Kaspersky Lab Americas’ Award-Winning Partner Program Raises the Bar

WOBURN, MA — (Marketwire) — 05/04/10 — A 100 percent commitment to the value-added channel isn’t simply lip service at Kaspersky Lab, a leading developer of Internet threat management solutions that protect against all forms of malicious software. It’s how Kaspersky Lab has transformed itself from a virtual unknown in North America to a significant force in IT security in just five years.

Already honored by Everything Channel in 2008 & 2009 as the Client Security Software Company of the Year and a Five Star Partner Program Winner, today’s announcement unveils significant new enhancements and levels to the Kaspersky Lab Green Team Partner Program. Kaspersky Lab offers top rated security solutions to maximize partners’ competitive edge and market reach. Offering service and support are critical components to ensuring overall success. Kaspersky Lab Americas recently appointed Nancy Reynolds as Senior Vice President of Corporate Sales and Support. In this new role, Nancy will lead both the corporate sales and support teams as a single unit, ensuring pre-sales, post-sales and support are offered in four languages, (English, French, Spanish and Portuguese), and led out of the Kaspersky Lab Americas’ headquarters in Woburn, Massachusetts to support the needs of the entire region.

As part of its Green Team Partner Program, Kaspersky Lab has significantly beefed up the WOW! factor with new revenue, support and rewards opportunities. Here is a sampling of what’s new:

* NEW! Business Discount Rewards – Financial incentives for Partners around new customer acquisition.
* NEW! Online Deal Registration – Partners who register deals can earn additional discounts and protect deals.
* NEW! Customer Account Registration – With an approved business plan, Partners can register protection for specific customer accounts.
* NEW! Extended Distribution Terms – Partners can now receive even greater distribution terms for positive cash flow.
* NEW! Syndicated Threatpost Content – Partners can now syndicate Threatpost IT Security News and Analysis on their own websites, bringing the latest security news and threat information to their customers, driving new traffic to partner websites and generating new partner leads.
* NEW! Self-Service Software Downloads & Trials – Partners can easily access customized and co-branded software downloads, greatly reducing the time and effort required for customer trials.
* NEW! Kaspersky University Online Training – Partners are eligible for admission to the new Kaspersky University. Regional and new online training modules are offered for optimal knowledge exchange.

To learn more about Kaspersky Lab’s Green Team Partner Program, please visit: http://usa.kaspersky.com/partners/partner-program.php or email: greenteam@kaspersky.com. To join the program, please visit: http://portal.kasperskyamericas.com.

Spencer Ferguson, President, Wasatch Software
“I’m very excited about syndicating Threatpost content to our site. This brings relevant and constantly changing IT security news and analysis directly to our website for our customers and prospecting needs. And best of all, it’s packed with new marketing opportunities for our company without us having to lift a finger.”

Brett Alterman, Sales Director, Resilient IQ
“The new deal registration program not only protects us in competitive situations, it rewards us with meaningful discounts for bringing new opportunities to Kaspersky Lab. The fact that Kaspersky Lab is willing to invest in my business by funding a dedicated Kaspersky product sales specialist shows they value me as a true business partner. These are just two benefits among a host of others that are particularly important to us at Resilient IQ.”

Nancy Reynolds, Senior Vice President Corporate Sales & Support, Kaspersky Lab Americas
“When I came to Kaspersky Lab, my intent was not to change the Green Team Partner program, but enhance it. As partners make commitments and investments with Kaspersky Lab, we want to ensure that we deliver a program that emphasizes education, knowledge transfer and lead management, and we’ll continue to invest in those partners who give us their highest levels of commitment. We’re building business integrity into our programs and maintaining profitability for greater revenue for partners and customers.”

Kristen Capone, Vice President, North American Channel Sales, Kaspersky Lab Americas
“Having recently come on board at Kaspersky Lab, I communicated my goal of optimizing the Green Team Partner Program in ways that would richly benefit partners in 2010 and beyond. This program is the next step of that vision and reality.”

Fonte: http://ca.sys-con.com


The Iphone OS needs to be opened up, says Kaspersky

THE INFOSEC CONFERENCE WAS TOLD that Apple’s Iphone is secure for now, but if Apple doesn’t open up the system it will lose out to rival mobile operating systems due to its lack of flexibility.

Eugene Kaspersky, founder and CEO of Kaspersky Labs, said at Infosec that if Apple does not change its Iphone OS within three years to be more open like Android, it will lose market share because there will be less software supporting it.

He said, “Symbian was very secure. Nokia had a very secure system for years, but it started to lose the market because it didn’t have the functionality.”

“They changed its mind and now it’s open source. They moved from the far, far left to the far, far right in terms of security.”

Software vendors can’t put security software on the Iphone because it is so locked down, so Kaspersky obviously has a vested interest in making the device more open as his company deals with mobile security.

So the Inquirer went for a talk with David Harley, director of malware intelligence at ESET, who has had many years experience with Apple security and was speaking at Infosec on the subject.

He said that Apple’s whitelisting of Iphone applications, where the availability of apps is controlled by Apple, means that that anything running on the apps store is thought to be ‘safe’.

Harley said, “I’m not convinced that they can maintain that model indefinitely. First of all as more and more people want to jump on the [Apple] bandwagon it’s going to be less and less feasible to spend the time of checking on every application for total security.”

He added that there had been hints that there have been ‘grey’ applications that had got through.

“The other thing is that a lot of Apple users want freedom to choose their own applications. Sooner or later Apple is going to have to find someway of accommodating some of the people who break Iphones. There are an awful lot of them.”

This asks the question about ‘jailbreaking’, where doing it is a breach of Apple’s agreement and in effect the user affected ‘deserves everything they get’. This is why last year’s reports of Apple Iphone Trojans weren’t taken that seriously, as they hit hacked phones.

“I can’t say that’s completely wrong, but what are the odds that at some point some breach is going to leak into un-jailbroken phones?”

If Apple did loosen the reins, Harley said that it would need some form of security that differed from application whitelisting, although he was unclear about what form this would take. µ

Fonte: http://www.theinquirer.net/inquirer/news/1603543/the-iphone-os-kaspersky

Oman’s MoE implements Kaspersky Lab anti virus solution across 35,000 networked PC terminals

Oman’s Ministry of Education has implemented a new online virus detection solution for 35,000 PC terminal users in response to rapidly increasing malware volumes. Following a competitive the Ministry has adopted the antivirus for Windows Workstation of Kaspersky Lab, a leading developer of secure content management solutions, to beef up its network security and reduce vulnerability and exposure to hackers, spam and virus.

“The detection rates of the previous vendor’s solution could not keep up with the rate of infections and the Ministry of Education took the decision to identify a new solution to resolve the issue at endpoint level,” said the Ministry’s spokesperson Ali Bin Suleiman Alhanai.

“We chose Kaspersky LabKaspersky Lab because of its high detection rates of viruses and the solution’s ability to perform with the minimum resources possible. Our tests of Kaspersky’s product on one of our live servers showed that it detected and removed more malware than any other solution we tried.

“We have already seen the important benefits the new products have introduced to our operations through compatibility with existing IT security infrastructure, higher detection rates, user friendly interface and ability to maintain high performance without slowing down our systems,” said Alhanai.

The Ministry of Education of Oman has also acquired a further 1,000 Kaspersky Antivirus for Windows servers licenses for its network of servers across the Sultanate. It took less than four months for the Ministry to implement the full solution across its network.

“We are very proud to have won and implemented our superior anti virus solutions across the network of Oman’s Ministry of Education,” said Tarek Kuzbari, Managing Director, Kaspersky, Middle East. “This project demonstrates our ability to provide governmental institutions with bespoke solutions that meet their discerning and sensitive requirements.

“The Middle East’s government sector ranks high among our regional priorities and the Ministry of Education of Oman is the latest in a long list of government institutions that have adopted’s security solutions.”

Fonte: http://www.zawya.com

Décadas depois, estouro de memória continua sendo usado como ataque

O estouro de memória (buffer overflow) têm sido um sério problema de segurança para desenvolvedores de software por várias décadas, mas a história da pesquisa de exploit sobre esta classe de falhas é relativamente curta.

Fonte: http://threatpost.com/pt_br/blogs/decadas-depois-estouro-de-memoria-continua-sendo-usado-como-ataque-050310

Conheça os diferentes tipos de vulnerabilidades e ataques de hackers

Segurança da informação pode ser um assunto complicado. São muitos termos diferentes. Para elucidar um pouco como ataques e vulnerabilidades funcionam, a coluna Segurança para o PC preparou um “dicionário” em uma linguagem simples para que você possa entender o funcionamento de algumas brechas e saber como hackers ganham acesso não autorizado a diversos sistemas. Confira.Leia o artigo completo no G1 Segurança.


Fonte: http://threatpost.com

Botnet Gumblar muda de tática para evitar detecção

Os criminosos por trás da botnet Gumblar têm adaptado as suas técnicas, como os atacantes estão acostumados a fazer, tendo em vista não só evitar a detecção como impedir os investigadores de baixar e analisar as novas versões do malware.

Uma análise da atividade recente da Gumblar mostra que a versão atual (ou uma das versões correntes) tem uma nova funcionalidade que verifica em qual país a máquina recentemente infectada está localizada durante a rotina de infecção inicial. O objetivo dos bandidos é evitar que o Gumblar infecte outras novas máquinas no Japão, onde os pesquisadores têm conseguido localizar e desmontar partes da rede da rede.

O vírus Gumblar vem infectando PCs e servidores por mais de um ano, com uma elevada taxa de sucesso. A nova alteração de orientação por parte dos atacantes mostra que ainda não estão contentes.

Os desenvolvedores do Gumblar notaram uma atividade incessante de muitos IPs japoneses visando seu sistema. O duro trabalho de análise dos dados colhidos no Japão resultou em uma resposta dos cibercriminoso. Há pouco tempo nos deparamos com uma nova variante do script infector criado pelos desenvolvedores do Gumblar, que verifica de que país o cliente remoto está vindo. O script usa um banco de dados IP para localizar o país do cliente. E se o país acaba é o Japão, o script pára e não ataca. Abaixo está a parte do código que implementa essa tarefa:

A nova pesquisa, feita por Vitaly Kamluk, do escritório japonês da Kaspersky, descobriu que a rede de Gumblar agora compreende pelo menos 4.460 servidores. Esse é um número bastante grande de servidores, e uma fração desse número seria suficiente para montar uma botnet muito grande.

“Neste momento ninguém tem informações sobre quantas as máquinas-cliente comprometidas estão na botnet Gumblar, mas acreditamos que é mais do que apenas o número de servidores comprometidos, porque o número de servidores representa apenas a contagem de usuários infectados que têm seus próprios sites e usam clientes FTP no sistema infectado “, Kamluk escreveu.

Google lança curso gratuito de segurança em aplicativos web

O Google lançou um novo curso de formação online para desenvolvedores de aplicativos Web projetado para ensinar-lhes como evitar erros comuns de programação que conduzem à vulnerabilidades como cross-site scripting, falsificação de solicitação entre sites e outros.

O curso, que faz parte do Google Code University, baseia-se em torno do conceito de um aplicativo para o Twitter, chamado Jarlsberg, uma aplicação real que o Google está lançando como parte do curso. Conhecido como “Exploits e Defesas de Aplicativos Web”, o curso oferece aos desenvolvedores a oportunidade de ver o funcionamento interno de uma aplicação fundamentalmente insegura, analisar as vulnerabilidades e aprender sobre os erros de programação que levaram a esses defeitos.

“Este curso foi feito em torno do Jarlsberg, uma pequena aplicação web que permite aos seus utilizadores publicar trechos do texto e armazenar arquivos diversos. “Infelizmente”, o Jarlsberg tem vários bugs de segurança que variam de cross-site scripting e falsificação de solicitação de cross-site, abertura de informações, negação de serviço e execução remota de código. O objetivo deste codelab é guiá-lo a descobrir alguns desses bugs e maneiras de aprender a resolvê-los, tanto no Jarlsberg como em geral,”, diz a documentação do curso.


O curso de desenvolvimento seguro é baseado em torno de uma série de desafios que exigem que os alunos passem e identifquem vulnerabilidades específicas no código do Jarlsberg. Depois que os alunos aprendem o básico de uma vulnerabilidade, tais como CSRF, eles então têm de encontrar uma maneira de usar essa falha para executar uma ação maliciosa específica na aplicação, tais como a mudança de alguns detalhes de um usuário logado na conta do utilizador sem o seu conhecimento.

Aulas de codificação segura para os desenvolvedores não são novidade, nem são o tipo de aulas de hacking ético que dão aos alunos a oportunidade de aprender técnicas básicas de ataque. Mas a idéia de dar aos desenvolvedores a oportunidade de ir atrás de vulnerabilidades em uma aplicação web projetada especificamente para esse fim é algo novo, e provavelmente muito necessária, dada a pouca instrução de segurança que a maioria dos desenvolvedores de aplicativo da Web recebe.

O curso de segurança é aberto a todos e disponível gratuitamente, assim como o código do Jarlsberg.

Fonte: http://threatpost.com