ANX Corporate Blog

Posts filed under Security Threats

Showing 21 through 25 of 26 total posts

ANX PositivePro Customers Protected from Recently Discovered SSL Vulnerability

 SSL authentication gap allows a man-in-the-middle attack, affecting the majority of SSL-protected servers

SOUTHFIELD, Mich. (Nov. 24, 2009) - ANXeBusiness Corp., a leading provider of networking and security managed services, today announced that customers of the company’s cloud-based remote access product, ANX PositivePRO, are protected from the recent Secure Sockets Layer (SSL) vulnerability discovered by researchers at PhoneFactor, a leading global provider of two-factor security services. ANX PositivePRO is a hosted, managed VPN solution that quickly allows remote access without the need to buy, install, or configure an appliance within an organization.


According to PhoneFactor, a serious...

Read more

Comments (0) Comment Bubble

Posted November 21, 2009 12:10 pm by Glenn Moore

National Data Breach Notification Laws Getting Closer

Political momentum is building for a nationalized approach to data breach notification.  I think it's just a question of "when" this will become the law of the land.


Here's a quick summary of the laws under consideration:


The U.S. Senate Judiciary Committee recently approved two bills that would require organizations with data breaches to report them to potential victims.


The first bill is called the Data Breach Notification Act and is sponsored by Senator Dianne Feinstein of California.  It would require U.S. agencies and businesses that engage in interstate commerce to report data breaches to victims whose personal information "has been, or is reasonably believed to have been, accessed, or acquired."  Feinstein's bill would also require agencies and businesses...

Read more

Comments (1) Comment Bubble

Posted November 18, 2009 1:03 pm by Anthony Maughan

SSL/TTS Vulnerability Response (CVE-2009-3555)

There's been much coverage and discussion of recently disclosed SSL vulnerabilities. ANXeBusiness is jumping into the discussion with the help of a special guest blogger, Steve Dispensa.  Marsh Ray, who is on Steve's development team, is credited with discovering this vulnerability.


Steve is currently the CTO of PhoneFactor and is one of the founding partners and original developers of our cloud-based remote access product, PositivePRO.  The idea behind PositivePRO was that remote access provided by the internal IT staff was expensive and cumbersome to maintain.  Steve and his crew were determined to develop a Software-as-a-Service alternative that was simpler and more effective than traditional appliance-based approaches.  One of the key objectives was to make it  even...

Read more

Comments (0) Comment Bubble

Posted November 15, 2009 11:20 pm by Dennis Piche

Get Safe Online Week

According to their blog, the UK based initiative “Get Safe is a free public service from HM Government, the Serious Organised Crime Agency (SOCA) and partners from the private sector. We help individuals and micro-businesses use the internet safely.” Their website has a beginners guide, some down to earth videos, and great advice for small businesses.  Check out their video on money mules (Internet money laundering) - evidence that real money is stacking up and that we have entered a new stage in online criminal activity.


This week is Get Safe Online week. Running from November 16 through the 20th, their objective is to encourage everyone to take some time out of their week to learn more about internet safety and to make sure that their computer is properly...

Read more

Comments (0) Comment Bubble

Posted November 12, 2009 8:10 am by Glenn Moore

War on Cyber Terrorism

Have you seen the story by 60 Minutes on cyber threats?  I highly recommend you watch it: 

The Story In a Nutshell

Cyber terrorism has crossed over from the realm of potential into the realm of likely.  The story provides examples of how power grids, financial networks, government agencies and even defense systems are already being compromised. State sponsored cyber attacks are proving to be the new battle field.



Here's My Take:

How do we combat such an insidious new enemy?  It starts with awareness.  We can no longer stick our heads in the sand and hope the problem doesn't strike.  Just as the Department of Homeland Security did a good job of educating the public on terrorist threat levels after 911, we need to adopt similar approaches with cyber...

Read more

Comments (0) Comment Bubble