Tech-2 Security

Similar to the windows fake AV alerts, MAC users have now been targeted with a fake AV scam. After visiting an infected site, the software scans the users hard disk and reports on viruses found. Users are then given the opportunity to purchase remedial AV software, thus parting with credit card information. The trick here is that is can masqurade as the legitimate MAC Defender application making the users less suspicious about the warnings. Apple Mac users have been adviced to disable a setting in the Safari browser that allows "safe" files to be automatically installed. Full details on removing and preventing this malware can be found here. Apple MAC Malware Removal

Fortinet have delivered a solution for 2-factor authentication within their Version 4 FortiOS. Customers with the Fortigate UTM platform can make use of the solution by upgrading their systems to V4 MR3. This is a free upgrade for customers with maintenance. The only chargeable component are the tokens themselves. Traditionally 2-factor authentication required some form of middleware solution which intercepted the logon details to verify the token one time password. This middleware is included in the FortiOS and therefore minimises implementation and up front costs. The offering works with Fortinet's IPSec and SSL VPN remote access (also included within the FortiOS).

The Playstation network has been down since about 20th April now. The full consequences of the attack may take some time to manifest, however the commitment to ensuring security since the attack has been foremost in Sony's agenda. The difficulty here is that although what has happened may be relatively clear, the how and who may be less obvious and because of this Sony need to take extra care when restoring the services as they cannot afford another similar incident. The fact that they may be offering a reward for information relating to the identity of the attackers proves that whoever did this were skilled enough to hide their tracks well. With enough digging, many clever breaches can be traced due to the smallest fragment of information in the logs or other data leading to clues. There is claim that information pertaining to the group Anonymous has been located on the systems, however Anonymous have denied the incident and apparently say they may have been framed. If the o