With over $1B in printer sales in Q3 2010 alone, and with many of those devices being all-in-one printers, running across an HP scanner in the enterprise is certainly very common. What many enterprises do not realize, is that their scanners may by default allow anyone on the LAN to remotely connect to the scanner and if a document was left behind, scan and retrieve it using nothing more than a web browser. Ever left a confidential document on the scanner and sprinted back to retrieve it when you realized? Thought so. Want to know if your office LAN has any wide open HP scanners running? Run a simple Perl script to determine if there are any devices on the local network running HP web servers. Get Test Script
Traditionally, “hacking” was viewed as a form of art by many where the primary motivation was bragging rights. Today, organized cyber crime syndicates are using money as the main incentive. Recent research uncovered one specific example of a post that offers a revenue share model referred to as Pay-Per-Install (PPI). In this case, those engaging in this particular campaign stand to make between $500 and $800 per 1000 installs. Initially, the malicious executable was only detected by 8 out of 43 Anti-Virus (AV) vendors. As newer threats emerge, traditional AV is less effective and more dynamic security solutions are necessary. Learn More
On Sept 14, Microsoft released its monthly security advisories which included three web based, client side vulnerabilities. These impact commonly used tools such as WordPad and MPEG-4 codec. In addition, a new critical zero-day vulnerability (CVE-2010-2883) in Adobe Reader and Acrobat was announced on September 8. There is no patch currently available and there are reports of exploits in the wild. The increasing frequency of patch cycles are creating large maintenance burdens for organizations. As a result, many are seriously investigating cloud based security alternatives where the onus of maintenance lies with the service provider. Zscaler deployed immediate updates to its service cloud upon the announcement of the vulnerabilities, instantly protecting customers. Vulnerability Details
Live Webcast with Keynote by Forrester’s Chenxi Wang Date: Oct 5 & 7, 2010 (3 convenient times)
Join Chenxi Wang of Forrester to understand how hackers are using your trust web resources such as Google, Facebook, and Twitter to compromise your employees. Social media security should be on everyone’s agenda. Traditional security controls such as Anti-Virus software or URL filtering are crippled in combating these new threats. Register
Zscaler researcher Julien Sobrier recently sounded the alarm on nearly three million pages indexed by Google that were serving Malware. Hours after Sobrier’s blog post, Google now seems to have finally started cleaning house.
Most phishing sites consist of one login page with perhaps a few additional pages. However, I recently stumbled upon a Facebook phishing site which cloned all the facebook pages: About, Developers, Adverting, Sign up, etc. and even in all of the 64 languages the original site offers!
Security concerns continue to be among the main forces preventing businesses from furthering their investments in cloud computing. That's one of the reasons behind the Open Security Foundation's new Cloutage project.
Heritage-Crystal Clean, Inc., headquartered in Elgin, Illinois, is a publicly-held environmental services company with a focus on automotive repair, commercial and industrial marketplaces. As the company continued to grow, the centralized URL filtering solution became highly inefficient in securing the 60 internet gateways as it introduced re-routing latency and traffic backhauling consumed expensive bandwidth. Matt Fields, IT Operations Supervisor, investigates cloud based security as a “greener” alternative which could also be extended to protect the organization’s growing mobile workforce.. Learn More
“Seamless integration, agent-less implementation, and service performance were key …”
- Matt Fields, IT Operations Supervisor
If you or your colleagues would like to receive this newsletter, please sign up.
Copyright 2011 Zscaler, Inc.
392 Potrero Avenue, Sunnyvale, CA 94085 | 1.866.902.7811 | webcast@zscaler.com.
The Cloud Security Company™
