« September 2009 | Main | November 2009 »

October 2009

10/28/2009

Inside One Firm's Private Cloud Journey

Travel booking and expense firm Concur Technologies uses virtualization and an infrastructure-as-a-service model to slash costs and deployment times for internal business groups. Bonus benefit: Improved compliance tracking.

CIO.com

Posted at 04:13 PM in Articles, Cloud Computing, Data Centers, Enterprise Technology, Published on CIO.com | | Comments (0) | TrackBack (0)

|

10/15/2009

The Underground's Cash Cow

Cybercriminals regularly buy and trade their victims' personal and financial information. Yet, security researchers are finding that online thieves are expanding their illegitimate businesses beyond just selling data. Now they are selling access to your computer.

In June, Web security firm Finjan reported that its researchers found an online trading platform that allows criminal buyers to lease or purchase blocks of compromised systems, commonly referred to as bots or zombies. The criminal exchange, named "Golden Cash" by its creators, presents an easy way for cybercriminals to profit from the control of their victims' systems.

Symantec's YourSecurityResource

Posted at 12:04 PM in Articles, Consumer Technology, Cybercrime, Published on Symantec's YSR, Security | | Comments (0) | TrackBack (0)

|

Five Lessons from a Data Center's Crisis of Capacity

In 2005, problems in the data center at Pacific Northwest National Laboratory came to a head.

Unscheduled outages were occurring almost monthly, bringing down the data center for hours at a time. Groups were buying an increasing number of rack-mounted servers — which had recently become cheaper at the time — to boost the computing resources, says Ralph Wescott, data center services manager for the government laboratory, which is managed by the U.S. Department of Energy. In July, 2005, the server room had reached its capacity limit.

"Groups would go buy a server and throw it over the wall to me, saying, 'Hey, install this,'" Wescott says. "But I didn't have any space, power or cooling (capacity) left. If I installed (one more), the whole room would go dark."

CIO.com

Posted at 10:21 AM in Articles, Data Centers, Enterprise Technology, Published on CIO.com | | Comments (0) | TrackBack (0)

|

10/09/2009

Vermont's Lights Out Data Center: No One's Home Nights or Weekends

The data center for the state of Vermont provides application and storage for the services provided by the state's government, from processing registration information for the Department of Motor Vehicles, to ensuring that enrolled citizens benefit from the state's food subsidy program.

In an effort to cut costs, Joe Ng, the information-technology manager responsible for the government's data center, embarked on a program two years ago to automate management of the facility, moving from operation around the clock to locking the doors and turning off the lights between midnight and 6 a.m. on weekdays and for the entire weekend.

CIO.com

Posted at 09:34 AM in Articles, Data Centers, Enterprise Technology, Published on CIO.com | | Comments (0) | TrackBack (0)

|

10/02/2009

Researchers Hijack a Drive-By Botnet

By infiltrating a criminal computer network aimed at infecting visitors to legitimate websites, university researchers have gained firsthand insight into the scale and scope of so-called "drive-by downloading." They found more than 6,500 websites hosting malicious code that redirected nearly 340,000 visitors to malicious sites.

Drive-by downloading involves hacking into a legitimate site to covertly install malicious software on visitors' machines or redirect them to another site.

In an unpublished paper, researchers at the University of California at Santa Barbara describe a four-month study in which they connected their servers to a collection of compromised computers known as the Mebroot botnet.

Technology Review

Posted at 08:24 AM in Articles, Cybercrime, Published on Technology Review, Research, Security | | Comments (0) | TrackBack (0)

|

10/01/2009

Sanctuaries for Thieves

In April, the Federal Trade Commission, the U.S. agency responsible for protecting consumers, approached a number of security experts looking to answer one question: Had a company known as Triple Fiber Network, or 3FN, become a haven for online crime?

The Shadowserver Foundation, a group of computer security whizzes who track cybercriminals' online activities, searched their database and found that more than 4,500 unique malicious programs used 3FN's servers as central command hubs. The data confirmed that 3FN provided a haven for cybercriminals to reach out to unsuspecting users and steal passwords, compromise their systems and send out spam.

"They were running botnet controllers for spamming and other malicious activity," says André DiMino, co-founder and director of the Shadowserver Foundation. "We had pretty good visibility into what they were doing."

Symantec's YourSecurityResource

Posted at 12:11 PM in Articles, Consumer Technology, Cybercrime, Published on Symantec's YSR, Security, Software | | Comments (0) | TrackBack (0)

|