The first Patch Tuesday of 2014 is less than a week away and it will see Microsoft deliver four updates, all rated 'Important', that tackle vulnerabilities found in Windows, Office, and Dynamics AX.

One of the updates is set to resolve a previously-acknowledged elevation of privilege vulnerability that affects Windows XP and Windows Server 2003 and has already seen limited, targeted attacks. The patches will become available this coming Tuesday, January 14, at about 10:00 AM PST.

For a bit more info check out the Advance Notification found here.

Samsung Electronics America, Inc. today announced a new advanced security solution for the 840 EVO SSD, Samsung's SSD Self-Encrypting Drive (SED), compatible with professional security software.

The new data security enhancements are now shipping on the recently announced Samsung 840 EVO mSATA drive and can be enabled through a firmware update for the 840 EVO SSD SATA drive, launched last August. The new features are designed to meet security requirements for enterprise applications and are compliant with TCG Opal and IEEE 1667 standards.

The last Patch Tuesday of 2013 is closing in fast and, as revealed today, it will see Microsoft deliver no less than eleven updates - five rated 'Critical' and six rated 'Important'. The upcoming patches target vulnerabilities found in Windows, Office, Internet Explorer, SharePoint Server, Exchange, Lync, and Developer Tools. One of the critical updates addresses the Microsoft Graphics Component bug acknowledged last month.

The December 2013 MS patches will be rolled out on December 10, at about 10:00 a.m. PST. For a bit more info check out the Microsoft Security Bulletin Advance Notification available here.

QNAP Security today launched the newest Linux-based VioStor NVR VS-2100L series. The 2-bay VS-2100L series, available in a tower form factor with 4 and 8 channels, is designed micro-size with macro-functions for the home and small office users. Compact but fully loaded with advanced features, the VS-2100L series supports smart recording, multi-stream support, edge recoding, dewarping function, and more.

The VS-2100L series supports up to 8TB to accommodate high quality H.264, MPEG-4, M-JPEG, and MxPEG video recording. "The VS-2100L series provides many advanced features parallel to those available in superior models at a low total cost of ownership," said Amily Fang, product manager of QNAP Security. "We aim to offer a cost-efficient surveillance solution for home surveillance needs such as childcare, elder care, and home security."

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, today announced the release of the DataTraveler Vault Privacy 3.0 (DTVP) secure USB Flash drive, as well as the DataTraveler Vault Privacy 3.0 Anti-Virus, which helps enterprises safeguard business data and set security policies for end-users at an affordable price point. DTVP 3.0 provides 100-percent hardware-based encryption of confidential information and is also available separately with ClevX DriveSecurity powered by ESET anti-virus protection. The anti-virus engine utilizes ESET's NOD 32 proactive award-winning technology, which protects corporate end-users wherever they work or plug in.

As the workforce becomes more mobile, businesses must take the appropriate steps to educate their employees and establish security policies so sensitive data cannot be accessed by unauthorized users or cybercriminals. Kingston's DataTraveler Vault Privacy 3.0 USB Flash drive provides affordable business-grade security with 256-bit AES hardware-based encryption using XTS block cipher mode, which offers stronger protection than CBC and ECB modes. It is the first-to-market hardware-encrypted secure USB Flash drive with USB 3.0 performance.

The 13.3" EUROCOM M3 is now available with a Trusted Platform Module 1.2 for added security from external software attacks and physical theft.

The M3 is a small form factor, high performance notebook designed for both professional and gaming use, it is the highest performing 13.3" notebook currently available on the market that is perfect for users that require a highly capable system that can easily fit in carry-on luggage a backpack or purse.

QNAP Security today launched new business-class 4-bay, 1U rackmount VioStor NVR VS-4100U-RP Pro+ series, available in 8, 12 and 16 channels featuring high reliability. Powered by Dual-core Intel processor and 4GB DDR3 memory, the new series deliver quality performance with up to 250 Mbps throughput to ensure steady recording of multiple megapixel IP cameras. Moreover, the HDMI output and hardware decoder provide the ability to deliver up to 200fps Full HD local display.

The VS-4100U-RP Pro+ series support up to 16TB raw storage capacity to accommodate high quality H.264, MPEG-4, M-JPEG, and MxPEG video recording. "The VS-4100U-RP Pro+ series satisfy the requirements of SMB users who desire high performance network video recorders coupled with excellent reliability and features," said Amily Fang, product manager of QNAP Security. "The VS-4100U-RP Pro+ series delivers quality performance coupled with abundant features for small to medium-scale surveillance tasks."

Buffalo Inc. has today announced the RUF3-PV Series Flash Drives which offer enhanced data and virus protection through the use of built-in password protection and anti-malware software (namely Trend Micro USB Security 2.0). Coming in black and red, these new drives measure 65 x 23 x 9 mm, they have a retractable connector, USB 3.0 support, and deliver read speeds of up to 70 MB/s.

The RUF3-PV line includes 8 GB, 16 GB and 32 GB models and is set to hit stores in mid-September.

McAfee today announced the execution of a definitive agreement to initiate a conditional tender offer for the acquisition of Stonesoft Oyj, a leading innovator in next-generation network firewall products, for an aggregate equity value of approximately $389 million in cash.

Stonesoft delivers software-based, dynamic, customer-driven, cyber security solutions to secure information flow and simplify security management. Stonesoft's product portfolio of next-generation firewalls, evasion prevention systems, and SSL VPN solutions addresses businesses of all sizes. Through the pending acquisition of Stonesoft, McAfee expects to extend its leadership position in network security.

McAfee and Intel today announced their commitment to lead in delivering innovative security solutions aimed at protecting a consumer's entire digital life, reflecting the broad adoption and usage of personal devices. Together with Intel, McAfee is redefining the consumer security experience with a focus on safeguarding consumer devices, securing personal data and protecting identities online. This user-centric approach will deliver a comprehensive and valuable service offering that helps meet the evolving needs of consumers as they enjoy their digital lives, anywhere, from any device. The first of these personalized security offerings from McAfee is available in beta to partners, with a consumer version of the product available mid-year 2013.

The explosion in connected devices and the availability of online content and services has consumers spending more of their lives online. Always-connected consumers who are shopping, banking, and sharing information online have an unprecedented amount of their personal and financial information at risk to increasingly sophisticated attacks and scams. Because of these new usages and the resulting distribution of personal information, a more comprehensive approach to security is required to protect consumers.

Elitegroup Computer Systems (ECS) today reveals a full product line of Thin Mini-ITX motherboards, in three segments where low power consumption and a small footprint are desirable: enterprise, multimedia and consumer - to fulfill the different demands for AIO (All-in-one) and SFF (small form factor) applications.


Enterprise/Corporate Solutions: Q77H2-TI & B75H2-TI
For corporate and industrial use, the all solid capacitor ECS Q77H2-TI & B75H2-TI motherboards are based on the Intel 7-Series Chipset, which support 3rd generation Intel Core i7, Intel Core i5 and other Intel processors. Both of these platforms feature 2 x Mini PCIe x1 expansion slot, SATA 3.0/2.0/mSATA, 4x USB 3.0, 5x USB 2.0 along with support for digital signage.

Kaspersky Lab's CEO and co-founder, Eugene Kaspersky, has been voted Technology Hero of the Year in the third annual V3 technology awards. This is considered a massive achievement due to the award being presented to no other than the late Apple CEO, Steve Jobs in 2011.
Voted for by V3 readers, this prestigious award recognises Eugene's huge impact on the security industry over the past 15 years since Kaspersky Lab was founded. From Flame to Madi, inspiring leader Eugene has been at the fore-front of all of the company's ground-breaking malware discoveries and offered his expert advice to businesses and consumers alike.

"Our malware discoveries are dedicated to making the online world a safer place, so it's great to see the appreciation by winning this award", explains Eugene Kaspersky. "Being recognised as Technology Hero of the Year is an amazing achievement for not just myself, but Kaspersky Lab as a company due to the time and commitment spent on fighting cybercrime both before it occurs and during."

Today, leading technology companies announced the creation of the Cyber Security Research Alliance (CSRA). The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRI are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC.

President Obama has prioritized cyber threats as one of the most serious economic and national security challenges we face as a nation and a dependency to America's economic prosperity in the 21st century.

Today, leading technology companies announced the creation of the Cyber Security Research Alliance (CSRA). The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRI are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC.

President Obama has prioritized cyber threats as one of the most serious economic and national security challenges we face as a nation and a dependency to America's economic prosperity in the 21st century.

CSRA seeks to achieve coordinated industry participation to address national cyber security research and development (R&D) imperatives and bridge the gap between government funded R&D and commercially available products and solutions in cyber security. CSRA will focus on challenges that are bigger than any one company, consortium, sector or nation and ensure that government, industry and academia collaborate on in-depth problem understanding and definition.

Kaspersky Lab, a leading developer of security and threat management solutions, today announced a partnership with Facebook, with the goal of enhancing the security of social networking both online and offline. Kaspersky Lab is now supplying Facebook with up-to-the-minute data about the latest malicious software threats worldwide, which will be used to protect Facebook users from inadvertently visiting malicious web pages.

People are more likely to click on a link shared by a friend, and this inherent trust is something cyber-criminals prey upon. Malicious URLs can automatically share themselves with a victim's personal contacts without the user's knowledge, making the links appear legitimate. Now, when Facebook users share or click a link shared by their friends, the link will instantly be compared against Kaspersky Lab's database of malicious web pages. If the link matches Facebook's list of known 'bad' URLs - which are supplied to Facebook by Kaspersky Lab and other security vendors - the user will be immediately notified and blocked from visiting the web page. This not only prevents the user's personal information and computer from being put at risk, but stops the malicious links from spreading further.

Designed for professionals seeking a solid business notebook that delivers robust productivity, manageability, security and reliability features, Acer America today introduced the new TravelMate P243 notebook PC for U.S. customers.

"Today's mobile business executive needs a PC that is robust enough to run intensive business applications while still fitting into strict budget guidelines," said Gregg Prendergast, vice president of commercial sales for Acer America. "The TravelMate P243 notebook is an important addition to our professional notebook portfolio as it combines everything today's road warrior requires, including exceptional performance, enterprise-level security, durability and manageability for a best-in-class mobile experience."

Imation Corp., a global scalable storage and data security company, today announced the expansion of its secure USB hard drive line with capacities of up to 1 terabyte (TB), optional biometric fingerprint authentication, and a uniquely comprehensive set of options for secure USB hard drive management.

"Enterprise and government organizations increasingly need manageable USB devices in order to provide mobile workers with the tools necessary to work where and when they want, and access the data they need in the most secure way possible," said Lawrence Reusing, Imation's general manager for Mobile Security. "People are increasingly turning to USB hard drives to transport large data sets. Our expanding secure hard drive offerings are in response to our customers needing increased capacity without compromising control over the devices and data."

Today Logitech expanded its Logitech Alert lineup by introducing the Logitech Alert 750n Indoor Master System, a complete video security system in a box that enables you to be there - even when you're not. Easy installation, wide-angle night vision, powerful PC software and a free remote viewing account let you rest at ease whether at home or away, with peace of mind that your property and loved ones are safe.

For expanded security coverage, Logitech also introduced the Logitech Alert 700n Indoor Add-On Camera. This stand-alone night-vision camera is easy to add to your existing Logitech Alert Master system so you can see what's going on in other rooms or locations.

Symantec Corp. today announced the findings of its Internet Security Threat Report, Volume 17, which shows that while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent. In addition, the report highlights that advanced targeted attacks are spreading to organizations of all sizes and variety of personnel, data breaches are increasing, and that attackers are focusing on mobile threats.

Malicious Attacks Continue to Grow Rapidly

Symantec blocked more than 5.5 billion malicious attacks in 2011, an increase of 81 percent over the previous year. In addition, the number of unique malware variants increased to 403 million and the number of Web attacks blocked per day increased by 36 percent.

Apricorn (www.apricorn.com), a leading designer and manufacturer of data security products for business, has announced a new and improved version of its popular Aegis Padlock drive, the Aegis Padlock 3.0. The reinvented Aegis Padlock 3.0 combines a super fast integrated USB 3.0 cable - increasing data transfer speeds by over 500% over the USB 2.0 version, enhanced AES-XTS hardware encryption, software free design, plus new security features to create a powerful data storage device perfect for taking your data on the road.

Available in capacities up to 1 TB with either a ruggedized, shock mounted hard drive (prices start at $169) or with a super tough SSD (prices start at $199), the Aegis Padlock 3.0 provides powerful data security that is tough enough for a wide variety of needs.

You wouldn't think there would be much to say about a USB flash drive, but in this case, what you say, and how you say it, is your key to data security. Advanced technical skills are definitely not required, because this is a plug-and-play device, requiring no software installation. All critical software is embedded in the flash drive itself, and it is fully functional the moment it is removed from the box.

After inserting the USB into a computer, red and green LEDs flash to signal to the user that the drive is ready to hear the password through its on-board microphone. Armed with a dedicated on-board microprocessor, the drive's voice-recognition software then sorts out the various nuances and frequencies of an authorized voice, and the only necessary password is a spoken one.

Japanese company Elecom launched the MF-MSU3 line of stylish USB 3.0 flash drives. Available in four color options: black (MF-MSU30xGBK), white (MF-MSU30xGWH), pink (MF-MSU30xGPN), and blue (MF-MSU30xGBU), where "x" is capacity in GB; the drives are available in four capacity options: 4 GB, 8 GB, 16 GB, and 32 GB. The drives offer transfer rates of 60 MB/s (read/write), and feature Elecom PASS (Password Authenticated Security System), an AES-based data encryption software. Measuring 59.0 x 17.5 x 7.8 (WxDxH), these drives weigh about 9 g. The feature the conventional capped form-factor. Elecom did not give out pricing information, but they will be released to market in October.

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, today announced a reduction in price for its line of enterprise and government secure USB Flash drives, as well as new capacities for its DataTraveler 4000 (DT4000) and DataTraveler Vault - Privacy (DTVP) Managed and Unmanaged secure mobile storage solutions. A leader in memory solutions since 1987, Kingston will exhibit at RSA Conference 2012 (booth 1059) to showcase the industry's only secure USB family ranging from general-purpose business use to flexible, managed enterprise offerings, and to platforms for the most secure and rigid government standards.

Corporate and customer data are the lifeline of any company - to be safeguarded at all times and handled cautiously. Data breach trends and recent studies, such as the Ponemon Institute's 2011 report, The State of USB Security, indicate that data breaches continue to occur far more frequently than they should and unsecured USB Flash drives remain a leading culprit. Additionally, failure to protect data can expose a company to a host of negative consequences including non-compliance, fines, financial loss and lack of customer confidence and trust.

The UK government has a bizarre idea of "communications capabilities development": mass-monitoring of IP traffic, and snooping into what British netizens are up to. Despite being defeated during the UK Labour Party rule, there seems to be a revival of the idea of greater monitoring of internet traffic under the Conservative government, under a legislation titled "Communications Capabilities Development Programme".

This legislation proposes that ISPs and other communications providers be required to maintain logs of individual users' communications, all of them, starting from web history, to IM, to in-game text/voice chat, e-mails, Skype calls, even Twitter messages. This monitoring should run for at least an year, so the establishment collects enough data to draw patterns around.

Security software maker Symantec confirmed to the press that the group of hackers that obtained source code of its pcAnywhere software were holding it to ransom. The group claims to be linked to Anonymous. The group allegedly demanded US $50,000 from Symantec in return for destroying the source code it stole, on failing to pay it, the group threatened it would leak the source code to the public, which would expose the software to malware writers and competitors.

Symantec has apparently been in negotiations with the hacker group over preventing the leak, it even agreed to pay the group its "ransom", provided it could do so in monthly installments. The group declined, and the negotiations fell through. A transcript of this email conversation was posted on Pastebin (can be accessed here). The hackers claimed to have posted the source code of pcAnywhere (in a 2.3 GB RAR archive), on a popular bit-torrent site. In our opinion, extorting money is very un-Anonymous. Anonymous, being the self-proclaimed hacktivist group that it is, would post the source code "just for the lulz", without even getting into negotiations with Symantec.