AV giants team up against eBay pirates
Symantec Corp. and McAfee Inc. may be competitors, but they and others are teaming up against a common enemy: software pirates selling illegal versions of their products on eBay. The AV vendors have thrown their clout behind a larger Software & Information Industry Association campaign to purge eBay of pirated-software sales. The SIIA's goal is to trap the pirates by buying software from the auction site and suing those whose products turn out to be fraudulent, according to Silicon.com.
The initiative started earlier this week when the SIAA filed three lawsuits against people in the U.S. They are accused of selling at least 15,000 items of pirated software during the last three months of 2005. A quick surf around eBay by Silicon.com uncovered dozens of sales offering software from Symantec's line of Norton products, as well as McAfee software. Many appeared far from legitimate, with some offerings consisting of nothing more than a CD; some sellers even admitted that boxes and manuals were not included in the sale, the news site reported.
"McAfee takes the sale and distribution of pirated software extremely seriously," a representative for the antivirus company told Silicon.com. "We proactively take all measures possible to shut down all auctions where it is obvious that illegal or gray imports of our products are being sold on eBay or indeed any auction site."
Report: Cisco, Microsoft will reap security benefits
A new poll of IT executives shows many considering products from Cisco Systems Inc. and Microsoft this year, as companies prepare for new network and application security investments and the two technology giants push deeper into the security market.
The poll was conducted by New York-based Citigroup Inc.'s Citigroup Investment Research arm and focused on CSOs at 50 U.S.-based Fortune 1,000 companies. According to the survey, 32% of respondents will increase their security budgets this year, while 54% will spend about the same as last year. Only 6% said they'll reduce tech spending this year.
Asked which vendors they're looking at for new security technology, most respondents mentioned Cisco in the networking space and Microsoft in the applications sector.
Citigroup said 64% of respondents plan to buy applications from security vendors, while 33% will probably buy security products from companies that specialize mainly in data networking technology. While only 33% said they prefer to buy from data networking vendors, Citigroup said 44 out of 50 respondents said they've already started making some security purchases from Cisco.
Sun addresses Java flaw
Sun Microsystems Inc. has addressed a security hole in its Java System Directory Server, which attackers could exploit to gain unauthorized access. In an advisory, Sun said the problem lies in an unspecified error that occurs during the initial installation process. This may cause the wrong user data to be entered into a file created during installation of the administration server instance. Attackers could exploit this issue to gain unauthorized administrative access to the directory server by logging into the directory server console.
The problem could affect Sun Solaris 8, 9 and 10; Linux, Windows, HP-UX, and AIX.
As a solution, Sun recommends changing the administrative user password manually. The process for doing so is mapped out in the advisory.