Webroot Secure Anywhere Leads the Pack

07/03/13

PassMark Software — a leading independent software testing lab — recently conducted performance tests for eight of the latest endpoint protection products. Webroot® SecureAnywhere™ Business – Endpoint Protection leads the pack.  Get the report here.

Kaspersky Changes Microsoft Office Documents Coverage

29/01/13

Kaspersky  plan to roll-out, within the next month, a change to the policy for Microsoft Office Documents protected by 'read' and 'write' passwords.

Up until now, Kaspersky have been treating such files as 'password protected'. Within the next month, they plan to roll out an update to change documents protected with only a 'write' password to be a normal scan.

Independent Research Cites Network Box as a Strong Performer in its Emerging MSSP Q1 2013 Report

11/01/13

Network Box evaluated for breadth of capabilities, flexibility, customer satisfaction
HOUSTON, JANUARY 9TH, 2013 - Network Box USA, the American division of worldwide managed security service provider Network Box Corporation Limited, announced that the company has been named a strong performer in The Forrester Wave™: Emerging Managed Security Service Providers, Q1 2013 Report.

Redscan are a Finalist in the Computing Security Awards for 2012

13/09/12

Redscan are a Finalist in the Computing Security Awards for 2012 in the category Assistance with Compliance (Which organisation has done the most to help organisations comply)

Mysql Authentication Bypass Vulnerability

13/06/12

A very nasty brute-force attack against some implementations of MYSQL has been announced. It is tracked as CVE-2012-2122.

Vulnerable systems are affected in that an attacker who knows a user name to connect with (and "root" almost always exists), can connect using any password by repeating connection attempts. 300 attempts takes only a fraction of second, so basically account password protection is as good as nonexistent. Any client will do, there's no need for a special libmysqlclient library.

Fashionable but vulnerable: mobile devices in the workplace

19/04/12

Many organisations are replacing desktop PCs with laptop computers and rolling out tablet computers and smart phones to teams working outside of the office. These mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them.  Blog about the policy considerations when coping with BYOD. 

Internet Accessible Maintenance Services and Microsoft RDP Vulnerability

14/03/12

Microsoft released their security bulletin MS12-020 which they label as Critical, and document two vulnerabilities in the RDP implementation in all modern version of Windows.

Make a Serious Step towards Security

01/03/12

Full Disk Encryption: Free trial now available here! Easy to install, easy to uninstall, take a serious step to improve your company's security.

Network Box announces it attains first milestone in "IPv6 Ready"

09/02/12

Network Box has announced that it has reached the first milestone in its endeavour to attain "IPv6 Ready" - Phase 2 criteria certification.

Network Box reveal NBRS-5

30/01/12

 Network Box has revealed information of its new software platform called NBRS-5.0, which will be available in increments from the second quarter of 2012.  This new technology will be available free of charge to existing users of the Network Box device.  Redscan will be contacting customers that use Network Box later this year to arrange the upgrade.  Learn more about the Next Generation of Network Boxes.

Board Room Spying for Fun and Profit

25/01/12

Blog by HD Moore on the research he conducted over the last three months. Alarge portion of video conferencing equipment is connected to the Internet without a firewall and is configured to automatically answer incoming video calls. This allows a remote intruder to monitor both audio and video information, often with little or no indication to the target. The interesting part of this research is who it affects; these units can cost anywhere from a few hundred dollars (used) to tens of thousands of dollars for high-end room systems.

VoIP: The Danger of Open Ports

04/01/12

A short blog on the time it takes for an undefended PBX to be attacked.  Why is this a concern?  Toll Fraud is the primary threat.  A hacker who can register as a legitimate user can make telephone calls at the owner’s expense.  Read more here

Cover Story of Processor: "Enterprise-Class Protection Even Small Businesses Can Afford"

12/10/11

Unique to Network Box’s security protection, which has won the company more than 40 awards globally, is the use of patented PUSH technology that automatically pushes antivirus signatures, security patches, and software updates from the SOCs to customer devices within 45 seconds of becoming available. According to Pierluigi Stella, Network Box USA’s CTO, a more traditional approach would involve IT monitoring multiple physical devices for Internet threats and then adding patches, applying signatures, etc.

Webroot Secure Anywhere wins Editor's Choice from PC Magazine

04/10/11

Excellent protection from malware; very good malware cleanup. Online backup and file-sharing. Powerful password management. Android support. Online console manages protection, backup, and passwords. Cleans up useless files.  Read more here.

Webinar: Is YOUR phone exchange being used illegally? HOW DO YOU KNOW? Sipera & RedScan

08/09/11

Your Unified Communications system may increase your company's productivity and connectivity, but it also opens up the possibility that you could be victim to an expensive scam.

Some Real World Statistics

02/08/11

Decline in Spam and Viruses during July. The following table shows statistics from a selection of Network Box Systems installed around the World. The percentage change is from the previous month (June). Interesting to see a general fall in Spam and Malware over both email and HTTP.

Real-Time Response to Malware Slashes Threats

23/07/11

"We've seen a virtual elimination of threats from the outside, because of Z-Scan," said Thomas Green, VP-IT at the $569-million Credit Union (CU) organisation. Previously, "we had a far higher rate of infection. It is rare today that we have to service a machine due to malware."

New Video on VoIP Security

24/06/11

With attacks against VoIP and UC accelerated by 50% from 2009 to 2010 from hackers targeting enterprise UC servers (source: VIPER Lab honeypots), Redscan has released a new video on VoIP security.  VoIP and UC attacks maket up to 25% of all hacking attacks in the wild (open Internet), up from single digits in previous years (rest of attacks are classic database and network layer attacks).  As email, web application and classic network hacking vectors are closed, VoIP and UC are the new targets. 

Actiance Introduces Vantage Security Subscription for Microsoft Lync Server 2010

07/06/11

Actiance (www.actiance.com), enablers of the safe and compliant use of unified communications, collaboration and Web 2.0, and a nationally managed Microsoft Gold Certified Partner, today introduced Vantage Security for Microsoft Lync, a subscription to protect Lync environments against malware and out of policy content.  Read more here.

Network Box Scores 100% on Extended Wild List Anti-Malware Test

27/05/11

Businesses of all sizes and types need to be concerned with providing protection from malware to their user base.  Regardless of the delivery mechanism, Unified Threat Management (UTM) firewall appliances aimed at small and medium businesses should deliver immediate and ongoing protection against malware threats propagating on the Internet.

Securing UC alongside Web 2.0

13/05/11

The line between enterprise and consumer real-time communications has never been clear cut. Standardising on a single UC platform rarely eliminates the use of consumer orientated applications – authorised or not, and with the announcement that Microsoft is to buy Skype the divide is looking increasingly blurred. For organisations looking to secure their networks or achieve regulatory compliance this heterogeneous environment is a complex issue.  Read more here.

Possible Asterisk Hack on LastPass

05/05/11

Password management system LastPass is reporting that it suspects that hackers accessed their system through an Asterisk server via UDP.  Reacting fast and comprehensively to protect their customers.  They have blogged about the incident here.  

Watch Video on UC Security

03/05/11

Listen to Sipera's Paul German when he was interviewed with Infosecurity TV on YouTube where he discusses Application layer security, unified communications, VoIP and Viper Labs.

Social Engineering Attack on Domain Name Registrar, Network Solutions

05/04/11

Microsoft's director of policy and enforcement for Xbox LIVE has had his Xbox account hijacked by a disgruntled gamer using a social engineering attack on his domain name registrar, Network Solutions. More information

here

.

Actiance Teams with LinkedIn to Enable Compliance with Top Regulatory Body Guidelines for the Financial Services Industry

01/04/11

Actiance, enablers of the safe and compliant use of unified communications, collaboration and Web 2.0, announced today an agreement with LinkedIn, the world's largest professional social network, that gives Actiance access to LinkedIn's private API (application programming interface) to enable Actiance's customer-base to leverage the expansive capabilities of LinkedIn while remaining compliant with key industry regulations.

PCI DSS - VoIP in Scope According to New Guidelines

24/03/11

The PCI DSS council, which is the industry body that develops and manages the international standard on payment card privacy, has provided new guidelines which indicate that VoIP calls that record financial transactions that include credit card details must be protected or deleted.  The guideline can be found here.  The auditing flow-chart on Page 6 shows that the card information transmission rules apply to voice and it is in scope of the regulations.  Then on

eMail-based Malware Increases Four Fold

11/03/11

Over the past few days we have been noticing an unusual increase in eMail-based malware. We have not seen such an increase for several years, and this is occurring globally.

Autonomy: Three Engineers through the Advanced Course

07/03/11

We are pleased to announce that three of our engineers have passed through the Advanced IDOL course that is run by our partner Autonomy, the leader in meaning based computing and enterprise search.  Autonomy's IDOL is a massively powerful enterprise search solution able to automatically for the actual meaning of words rather than working on the popularity of documents that contain words.  This greatly improves the results of any search carried out across the enterprise across all information whether document, database, voice or video. 

UC Federation: Get UC platforms talking together

09/02/11

Redscan is now able to provide rich federation features across a wide range Unified Communication (UC) platforms.  Many federation solutions provide only text and rudimentary presence information between selected competitors but Redscan, as a NextPlane partner, is now able to provide rich federation features such as multi-party chat, file sharing, voice, video and detailed presence between the leading UC products.

Web Usage Statistics for Q4 2010

28/01/11

At the end of each quarter, we produce statistics on web usage by business Worldwide.  The statistics come from our partner “Network Box” who work with businesses small and large in countries from China through Europe to the USA.  It gives us a really good idea of which sites industry worldwide is visiting.

Network Box Z-Scan Antivirus Engine Reduces Time to Respond to New Threats

16/11/10

 New antivirus engine focuses on developing signatures for emerging threats in less than one minute
 
A new virus detection and signature service launched by Managed Security Service company Network Box, aims to reduce the time it takes to respond to serious new internet threats, by cutting response times down from hours, which is common throughout the anti-virus industry, to less than one minute.
 

Redscan Email Archiving Whitepaper

20/10/10

These days, companies of all sizes - but particularly those operating in the financial services sectors - are required to meet new industry and regulatory compliance requirements for data retention, and to be able to produce audit trails. In addition, all organisations have found that emails are now mission critical to their business in the same way that letters are. They have found that they need to keep a record of what was sent and received in the past to protect themselves and improve their service to their customers.

Virus production from Russia increases again, says Network Box

01/07/10

Virus production from Russia is on the up again, after a temporary decline last month when Russian hosting service, PROXIEZ-NET – notoriously used by criminal gangs – was taken down in early May.  This is according to analysis of internet threats in June, by managed security company, Network Box.

Number of internet threats from the UK rising

01/06/10

The number of internet threats coming from the UK has increased in May, according to research by managed security firm, Network Box. The UK is now responsible for nearly six (5.9) per cent of the world’s internet viruses, up from three per cent in April. The only countries that produce more viruses than the UK are Korea (16.26 per cent) and the US (11.68 per cent).

The US and India continue to dominate the production of the world’s spam, with the US producing 10.7 per cent, and India 7.1 per cent (similar figures from last month).

IT security for Car Dealerships: free guide

14/05/10

Car dealerships, like so many businesses, are increasing the amount of business-related activities they carry out online, from checking inventory and ordering new parts, to communicating with customers and downloading manuals.

A new guide – IT Security for Car Dealerships – released today by managed security firm Network Box, provides guidelines for car dealerships to follow to protect their IT networks from security threats.

Protecting sports clubs from internet threats

30/04/10

Sports clubs are increasing online investment as they seek to engage their customers and drive sales, but IT security may be being left behind, according to managed security firm Network Box, who have just published a guide to IT Security for Sports Clubs.

The guide, which is free to download from Network Box’s website: http://www.network-box.co.uk/resources/white-papers, outlines the major issues facing sports clubs, such as the security of customer data, internet threats, managing multiple websites, bandwidth management and human error.

Remote working and social network use at work are biggest security concerns for business

13/04/10

Shifting working patterns and increased social network use are the two biggest headaches for IT managers, according to research by managed security company, Network Box. Fifty-nine per cent of IT managers surveyed said that remote working was one of their top priorities for the coming 12 months (ranking it between 8-10 on the survey, where 10 is ‘extremely important’ and 1 is ‘unimportant). Network Box surveyed 250 companies across all sectors.

Microsoft Out-of-Band Security Bulletin

31/03/10

In response to highly publicised attacks reportedly exploiting a zero-day (without protection) vulnerability in the Microsoft Internet Explorer web browser, Microsoft has released, out-of-band, security bulletin MS10-018 addressing nine privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.
This bulletin is:
•    MS10-018 affecting Microsoft Internet Explorer.

Phishing attacks fall as Brazil drops down the spam charts

01/03/10

In January, more than half (55.59 per cent) of all malware sent on email was an attempted phishing attack, but February has seen this figure drop dramatically to 17.86 per cent, according to analysis by managed security firm, Network Box.

Network Box launches S-Series UTM devices for SMEs and branch offices

17/02/10

A new range of unified threat management (UTM) devices designed for SMEs and branch offices, and supported by a full managed service, is launched today by managed security firm, Network Box. The S-Series range (S-35 and S-85) is available from 16 February 2010.

The S35 is designed for smaller offices that require a VPN (to connect remote workers or branch offices to a central location), firewall, and intrusion prevention functionality; as well as full support and management services.

Microsoft Releases Important Out-of-Band Patch

22/01/10

Network Box Security Response has released a second supplemental report on the January 2010 Microsoft Patch Tuesday.
In response to highly publicised attacks reportedly exploiting a zero-day (without protection) vulnerability in the Microsoft Internet Explorer web browser, Microsoft has released, out-of-band, security bulletin MS10-002 addressing seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer.
This bulletin is:

2009 saw a new threat every 10 seconds; majority of malware now from botnets

11/01/10

Almost three million new threats were identified in 2009 – approximately one every 10.8 seconds – according to analysis by managed security firm, Network Box. 2,905,697 threat signatures were released through the year to protect against new or variant threats. This is an increase on 2009 of 6.9 per cent.

Solid return on investment now makes managed security more cost-effective for mid-sized and smaller companies

09/12/09

Managed security firm, Network Box, has published a guide to return on investment for security services, ROI of managed security services, available free from its website. 

Facebook and YouTube dominate our business networks

26/11/09

Accessing and downloading material from Facebook and YouTube when at work accounts for more corporate web activity and used bandwidth than any other sites, according to analysis by managed security firm, Network Box.

Nearly six per cent of all web traffic from business networks is to Facebook – higher than to any other website. Google is next in line, at 4.1 per cent.

Nearly eight per cent of all corporate bandwidth is taken up downloading YouTube videos. The next in line is Windows Updates, taking up 3.8 per cent of bandwidth.

Companies must keep control of home workers’ computers,

12/11/09

The growth of home or remote working can leave companies vulnerable to security threats if they don’t take some simple steps to securing employees’ computers. This is the warning from managed security company, Network Box, which gives advice to businesses on the issue in a new advisory guide, Securing Remote Workers.

Companies should be particularly vigilant with home workers, according to the guide. Often, home workers will be using a personal home computer (as opposed to a company-provided computer) that is unlikely to meet stringent corporate security standards.

International co-operation vital as malware sources disperse

29/10/09

Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. During October, malware levels remained high, but threats originating from the ‘traditional’ top sources of malware (the US, China, Korea and Brazil) were all down on last month.

Spam

Network Box October 2009 Report on Microsoft Patch Tuesday

14/10/09

This month, Microsoft releases its biggest ever security update, with 13 security bulletins tackling 34 vulnerabilities. Eight of the bulletins are classified as critical, and eleven of the vulnerabilities have an exploitability index of 1 (consistent exploit code likely). Several of the vulnerabilities are currently being exploited in the wild.
Of these vulnerabilities, Network Box Security Response views it particularly important to draw your attention to the following security bulletins, in particular, that we determine require urgent patching:

Network Box UK offers cloud solution for web surfing and email scanning

07/10/09

Network Box UK, the managed security company, now offers its customers a ‘cloud’ security solution for web surfing and email scanning.  Following their policy of selecting the “best of breed” for their customers, the solution is based on Webroot’s Web Security Software as a Service (SaaS).  The new cloud security solution is being offered to Network Box UK customers from 1 October 2009.

Network Box awarded five-star rating by SC Magazine

28/09/09

Network Box has been given a five-star rating by SC Magazine in its review of Intrusion Detection and Prevention (IDP) solutions.

The Network Box solution was rated five out of five for features, ease of use, performance, documentation, and support, with an overall rating given of five out of five.

Network Box Corp Ltd Partners with Microsoft to Protect Customers

14/09/09

For the first time, Network Box Corporation Ltd will receive advanced information from Microsoft about their monthly security bulletins to anticipate emerging threats and provide mutual customers with more timely protections.
 
Network Box joined the Microsoft Active Protections Program (MAPP), and will be provided with vulnerability information in advance of Microsoft’s monthly security update release to offer protections to customers efficiently and effectively.
 

Secure sites must stop relying on single passwords

02/09/09

Using passwords to access online information is not secure enough, according to a new white paper from managed security company, Redscan. Authentication, who are you?, written by Redscan’s Internet Security Analyst, Simon Heron, argues that web-based services – particularly those that hold financial information - must increase security in order to protect their customers effectively.

Network Box releases upgrade to customer mail portal

10/08/09

Managed security company, Network Box, will release a number of enhancements to its customer mail portal in late September that will improve the speed of mail handling by three to five times, and simplify the way data is presented to users.
Email data will be laid out so that email administrators can see at a glance how their mail service is performing, and any issues affecting it. A simplified home page to the mail portal will show (both as lists and graphics):

Viruses up 300 per cent: more threats coming from India and Brazil

29/07/09

29 July 2009 - The number of viruses sent over email has increased by 300 per cent in the last three months, according to managed security firm, Network Box. 

Analysis of Internet threats by Network Box in July 2009 shows the number of viruses is at its highest so far this year, peaking at around 12 viruses per customer per hour.

Update on Adobe Flash Attacks

24/07/09

Network Box Security Response is currently monitoring exploits of a zero-day flaw in Adobe Flash Player 9 and 10, with the exploit delivered by a flash object embedded in an Adobe PDF document (rendered by Adobe PDF Reader / Acrobat).

The flaw has been acknowledged by Adobe, who are working on a fix for the issue. An article providing more information is available on threatpost.

Redscan warns companies to take action against increase in SQL Injection attacks

21/07/09

A steady increase in the number of SQL Injection attacks (where a hacker ‘injects’ malicious code into an application, exploiting a vulnerability in that application) means that companies should review their applications for vulnerabilities, and ensure vulnerabilities are patched. Managed security company, Redscan, has issued advice to customers on protecting against SQL Injection attacks to customers who operate public web servers to exercise caution, particularly those accessible over the Internet.

Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution

07/07/09

Network Box Security Response has been tracking a zero-day vulnerability in the msvidctl.dll component of Microsoft Video ActiveX. There is a widespread attack underway exploiting this vulnerability using a large network of compromised websites. The attacks are using Internet Explorer as the attack vector and are installing a Trojan downloader onto compromised machines. Analysis of the attacks by security experts reveals that the attackers are injecting IFRAMEs into compromised websites in order to redirect users to sites hosting the trojan downloaders.

Unified Security

25/06/09

It’s always nice to be mentioned in an analyst’s report, and Gartner’s recent Managed Security Service market (Asia Pacific) is no exception. The first thing that struck me is how far managed security services have come in the last five or six years – it is a fast-maturing market and one in which Gartner forecasts a 12 per cent compound growth over the next 12 years in the region. That’s significant, given spending freezes and cuts in other areas.
 

Don't block IM, control it, says new guide for IT managers from Network Box

10/06/09

Don't block IM, control it, says new guide for IT managers from Network Box

A new guide to securing instant messaging (IM) advises companies to control employees' use of IM, rather than blocking it outright. Securing IM is the latest in the ‘Securing Social Media' series of guides from managed security company, Network Box. The guides are all free to download from Network Box's website: http://www.network-box.co.uk.

Microsoft DirectShow (quartz.dll) Vulnerabilty

29/05/09

Microsoft has today issued a Security Advisory (#971778) regarding a zero-day vulnerability in its quartz.dll serving up DirectShow content for quicktime movies. The vulnerability is remotely exploitable by a user visiting a malicious website and being served a maliciously crafted DirectShow quicktime movie.

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass

19/05/09

A zero-day vulnerability against Microsoft IIS has recently been announced and made public by "Kingcope". Affected Microsoft IIS servers currently have no built-in protection against this vulnerability and may be susceptible to attack.

Details of the vulnerability have been published on the Full Disclosure security list, and are available here.

NETWORK BOX LAUNCHES NEW CUSTOMER PORTAL

11/05/09

Managed security company, Network Box launches its new Box Office Customer Portal tomorrow (12th May 2009) providing customers with a single, powerful web-based user interface for the management of one or more Network Boxes, at a country, regional or global level.

Box Office Customer Portal provides real-time status of Network Box devices and allows for formalised two -way communication with the Network Box Network Operation Centres (NOCs) responsible for monitoring and configuration of the equipment and network.

New mail scanning and rules engine from Network Box improves spam scanning speed by 100 per cent

29/04/09

Network Box, the managed security company, has released a new heuristics package which significantly improves spam detection (this includes malware carried over spam email) and also its own high-performance rules engine which increases scanning speeds by 100 per cent. This makes Network Box's mail scanning system the most effective on the market.

Network Box has released two new heuristic mail scanning modules:

New Customer Portal to be available on 15th May

24/04/09

Responding to customer feedback, Network Box has been working to improve the Customer Portal we call 'Box Office'.  This will go live on 15th May 2009 and will not only be easier to use, it will also allow our customers a unified view on all their Network Boxes providing information on the change requests both past and present, the connectivity to the Internet and between offices and the health on numerous metrics.  Have a pre-view of our new user guide.

Security policies should now include Twitter

14/04/09

Business should review their security policies to include Twitter, according to a guide released today by Network Box.

The Guide to Secure Use of Twitter is part of a series of 'securing social media' guides from Network Box, and is designed to help IT managers review or create new user policies and update company security processes to include Twitter and other microblogs.

Phishing attacks rise as recession bites – now 50 per cent of all virus threats

30/03/09

Phishing attacks now account for just over 50 per cent of all virus threats, according to new figures from managed security firm, Network Box. This figure (50.6 per cent) is the highest it has been so far this year, and is up from 33 per cent one month ago.

The top source of viruses is the US, which this month accounts for just over 21 (21.66) per cent of the world's viruses. This figure is significantly higher than at the start of the year, when the US produced between 13 and 15 per cent of viruses.

Cloud computing – a secure future?

20/03/09

The debate about cloud computing seems to be everywhere at the moment. There are still some security concerns – as there are bound to be when you put critical data and resources outside the corporate firewall. But in general, companies are becoming more comfortable with giving data to a third party (lost USB sticks and laptops on trains aside, of course).

There are three areas of concern that seem to crop up again and again when I’m asked about cloud computing:

China close to equalling US as biggest source of viruses

02/03/09

China now accounts for 15.7 per cent of all viruses, according to statistical analysis in February by managed security firm, Network Box. This is second only to the US, which now accounts for 16.04 per cent of the world’s viruses.

China’s rise as a dominant source of threats has been rapid; last month it accounted for just 3.9 per cent of viruses, so it will be interesting to see if this increase is permanent. Korea has also increased the percentage of viruses for which it is responsible: 10.8 per cent in February, up from 8.9 per cent in January.

Companies should stop whitelisting their own email domain names

17/02/09

Nearly 20 per cent of all spam now forges the domain name of the recipient – ie looks as though it comes from the recipient, or someone in their company - according to analysis by managed security firm, Network Box. This has increased from just one per cent in June 2008. As a result, Network Box is advising all companies not to whitelist their own domain names.

US regains the top spot in the virus charts as the single biggest source of viruses Korea takes second place

30/01/09

The US regained the dubious position of the single biggest source of viruses in January 2009, according to analysis of Internet threats by managed security firm, Network Box. Nearly 15 (14.8) per cent of all viruses originate from the US. In second place is Korea, responsible for nearly nine (8.9) per cent of all viruses; an increase from eight per cent in December and 6.3 per cent in November.

Network Box finds customers are the best resellers

28/01/09

Managed IT security firm, Network Box (www.network-box.co.uk), has announced a Customer Partnership Programme to pass on new discounts to its existing customers. It is introducing this ‘friend get friend’ scheme, to assist existing customers who introduce new customers to Network Box.

Ineffective security management leads to slow Internet speeds and security vulnerabilities

05/01/09

Nearly two-thirds of UK businesses do not look after their Internet security effectively, according to new research. A survey undertaken by managed security firm, Network Box (www.network-box.co.uk), found that just over 65 per cent of companies spend ‘no time’ managing their security systems (anti-virus, anti-spam, content filtering, VPN, intrusion detection and web usage and bandwidth policies). Nearly 15 (14.7) per cent spend less than 30 minutes per week managing their IT security.

UK government ‘not doing enough’ to protect against cyber crime

10/12/08

Eighty per cent of businesses believe the government is not doing enough to protect the UK’s national infrastructure from cyber threats, according to research from managed security firm, Network Box (www.network-box.co.uk).

This year’s follow up enquiry by the House of Lords to its 2007 report on Internet Security called for increased measures by government to protect the UK from cyber threats, including greater international co-operation.

Trying to Put an End to Spam

10/12/08

One of the most frustrating things about the Internet has been the rise of spam. These unwanted e-mails choke our networks, steal precious storage space and in recent years have become the delivery vehicle for any number of malicious types of payloads intended to cause all kinds of harm.

This is why a new effort under way at a company called Network Box is worth watching. Network Box is working on an approach to fighting spam that keeps track of the relationships that individuals create when responding to incoming electronic mail.

New worm attack set to make users squirm

05/11/08

A worm that exploits the bug Microsoft Corp. patched in an emergency update 11 days ago is actively attacking systems, several security companies and researchers said Monday. Network Box and Kaspersky Labs label the worm Exploit.Win32.MS08-067.g, and we are actively tracking its spread. This is the seventh variant of MS08-067 exploit for which protection signatures have been released.

Network Box appoints James Mackie as sales manager

22/10/08

James Mackie has joined managed security company, Network Box UK, as sales manager. He takes on responsibility for building the company's sales strategy and developing sales to SMEs and corporates in the legal, media and finance sectors.

Mackie joins from City Information Services, where he was UK sales manager. In this role, he oversaw the company’s sales strategy development and delivery, and was responsible for more than GBP6 million sales to FTSE 500 companies.

Network Box launches beta testing of new ‘relationship management’ technology to combat spam

14/10/08

Network Box, the managed UTM security firm, is launching beta testing on a new relationship management technology to combat spam. ‘Network Box Relationship Manager’ will offer customers significant improvements on any existing spam detection technology, by analysing not just content and IP address, but by applying learning from email user behaviour and relationships, to understand which emails are welcomed by the user, and which are unsolicited spam.

In The Boxing Ring - September 2008

19/09/08

In the September 2008 edition of "In The Boxing Ring", Mark Webb-Johnson, CTO Network Box Corporation, discusses the spam and malware onslaught coming from the Storm botnet, the launch of Asian language support in Network Box interfaces and reports, and the launch of Google Safe Browsing and Searching. He also outlines what Network Box can do to assist customers with combating these threats, and presents the updates for Network Box Patch Tuesday, and what customers can expect.

Network Box Releases Web Content Filtering Engine for Google Safe Search and Google Safe Browsing

13/08/08

6 August 2008 - Network Box, a managed security company, has announced the beta release of its web content filtering technology to support Google Safe Search and Google Safe Browsing. The new functionality will be added to its range of unified threat management (UTM) products to allow businesses to easily implement protection against Internet threats, and prevent sites and web pages with inappropriate content from appearing in search engine results.

Google Safe Browsing

Fake-CNN spam mutates as attacks continue

13/08/08

The massive attack that has infected PCs by tricking users into clicking links in fake messages from CNN.com shows little sign of ending soon, security researchers said Friday.

According to MX Logic Inc. , spam posing as CNN.com Top 10 lists peaked at close to 11 million messages per hour early Thursday, but remained at high volumes throughout the day Friday.

All-in-One Network Security Appliances: Common Myths and Misperceptions

04/08/08

As this white paper is being written, the concept of UTM (unified threat management) has been around for more than five years. Network Box Corporation has actually been in existence for almost 10. Yet, even after these many years, and with so many other vendors now on the market, the UTM concept has yet to be as generally accepted as one would expect, considering the enormous benefits it provides in terms of simplification, manageability, and cost of network gateway security.

House of Lords cybercrime report

18/07/08

The recent House of Lords cybercrime report urged new policies to improve data security. IT PRO looks at how business and law enforcement would be affected.

“Most police stations don’t have the resources to deal efficiently with these sorts of crimes, and if the crime doesn’t relate to a multi-million pound fraud, victims get advised to contact either PayPal, or agencies such as Antiphishing.org to seek justice,” said Simon Heron, internet security analyst for Network Box.

ALERT: CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning

11/07/08

The Domain Name System (DNS) is responsible for translating host names to IP addresses (and vice versa) and is critical for the normal operation of internet-connected systems. DNS cache poisoning is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. DNS cache poisoning is not a new concept; in fact, there are published articles that describe a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning.

Network Box Monitoring increased activity on botnet sql injection

19/06/08

Over the past few days, Network Box has been monitoring an increase in highly-targetted SQL Injection website attack activity. Currently, this only appears to be affecting certain versions of the Microsoft IIS web server, coupled with Active Server Pages (ASP) scripting and Microsoft SQL Server. The attacker attempts to modify sql database records for websites.

The wireless gateways to cybercrime

22/05/08

On a hot summer's day two years ago, members of the Washington police force arrived at a building in Arlington County to arrest a suspected paedophile. The detectives were met by an elderly woman who, it emerged, had nothing to do with the crime. The problem was her wireless router. The device was openly allowing access to the internet throughout her apartment building and it is suspected that one of her neighbours was using it to upload child pornography.

Change to Default Recommended Policy (Smart Tag Object Blocks)

21/05/08

Network Box Security Response is announcing a scheduled change to the default recommended policy on Network Boxes, regarding policy-blocking of objects in html emails. For those customers who have requested blocking of objects in html emails, Network Box Security Response will be implementing a change to the default policy and introducing an enhancement to support an issue with Microsoft Smart Tags.

Network Box Releases 'Live Watch' Trace functionality for Mail, Web Proxy, Firewall and IDP

07/05/08

Network Box Corporation, a leading provider of managed UTM+ services, is proud to announce the release of 'live watch' trace functionality for its full range of award-winning UTM+ appliances.

Web hack attack infects 500,000 pages

28/04/08

Attacks on legitimate Web domains, including some belonging to the United Nations that began earlier this week, have expanded dramatically, security researchers said Friday, with hundreds of thousands of pages hacked by Friday.

Some researchers are indicating this may be related to the privilege escalation problems with Microsoft Security Advisory 951306 (affecting primarily web hosting companies running Microsoft IIS server).

Network Box USA Launches Channel Program

08/04/08

SAN FRANCISCO--At the RSA Conference today, Network Box USA (www.networkboxusa.com), a leading provider of cutting-edge computer network security solutions, unveiled a channel program for its award-winning Network Box Internet threat prevention and security device.

ATM Security leaves customers vulnerable to hackers

20/02/08

It has been estimated that something in the region of 70 percent of the ATMs in current use are based not on the proprietary hardware, software and communication protocol platforms of old but instead on PC/Intel hardware and commodity operating systems, the most popular being Windows XP embedded. In fact, it is not too much of a stretch of the imagination to think of these ATMs as being simple PCs running simple PC operating systems and using the standard Internet Protocol that we are all used to.

Understanding ATM Security and Risks

04/02/08

Pierluigi Stella (Network Box USA), talking at CUISPA 2008 on the subject of 'Understanding ATM Security and Risks', explains that "when we think of ATM security we tend to think mainly to the cases of robbery or fraud that so very often make the headlines. These stories are catchy and interesting, and undoubtedly they constitute the largest part of ATM security problems. But by doing so we tend to forget that ATM machines are nothing more than Windows workstations connected to a network, and as such they are susceptible to attacks just as every other computer in a bank.

Microsoft confirms Excel bug; recommends blocking files

18/01/08

Ongoing attacks are exploiting a flaw in most versions of the popular Excel spreadsheet application, Microsoft's security group said Tuesday.

New mass hack strikes sites, confounds researchers

15/01/08

A massive hack of legitimate Web sites has been spreading malware to visitors' PCs, using a new tactic that has made detection "extraordinarily difficult," security experts said Monday.

According to the researcher who broke the news, the hack, which involves several hundred sites, may be related to a November 2007 break-in at Fasthosts Internet Ltd., a U.K.-based hosting service that in early December acknowledged that some clients' log-in credentials had been pinched.

Review of 2007: Lost in translation

09/01/08

April 2007: ... more earth-shattering than the 4.3 magnitude earthquake that hit Kent, was a survey from Network Box that found 99 per cent of SMEs said they did not know how often their AV software was updated.

Cyber-gangs gear up for 2008

24/12/07

Spear phishing, spyware and state-sponsored cyber-attacks will define the security agenda in 2008, a security company predicted today.

Network Box predicted a rise in targeted attacks on senior level employees, and an increase in social engineering leaving employees' personal information and corporate databases wide open to exploitation.

The company believes that the popularity of social networking sites, such as Facebook and MySpace, is allowing cyber-criminals to access information previously unobtainable.