Blog

  1. As you can’t have failed to notice by now, a hardware vendor bought a UTM vendor last week. Of what earthly interest could that be to enterprise security folk? As it happens, the Dell acquisition of SonicWALL is interesting for a number of reasons. One is the concern many SuperMassive customers might have regarding its future under a company not renowned for its enterprise security products, and another is the way Dell is setting its stall out to take on HP and Cisco in the enterprise. ...Read more

  2. Over the past several years, NSS Labs has conducted ongoing research into the protection capabilities of Chrome, Firefox, Internet Explorer, and Safari. The latest round of testing occurred from November 21, 2011 – January 5, 2011, during which we observed what appears to be a significant change when compared with historical results...Read more

  3. On Friday December 9th, security reseller Accuvant published a Google-funded report in which Google Chrome comes out on top, seemingly at the expense of Mozilla Firefox. At the request of several enterprise clients, NSS Labs has reviewed the Google/Accuvant publication...Read more

  4. Last Friday, NSS researchers announced their findings on Duqu in a blog post. We also pointed to our open source tool that we've shared with the security research community. Since posting, the tool has been viewed over 18,000 times and 45 different forks have been created from the GitHub repository in the few days it has been up. Read more...

  5. While there has been a lot written about DuQu, and some talented researchers – particularly Budapest-based CrySyS Labs – have done good work, there have been some key omissions and misinformation, as well as retractions and restatements. Having performed our own extensive analysis of the code, we wanted to provide the following succinct summary of our findings. Read more...

  6. It is often said that there is no such thing as security through obscurity. However, if the purpose is to evade detection, then security through obscurity is a valid option; it is hard for data to be compromised if that data is never found. Read more...

  7. First things first. The so-called Siri "vulnerability" that was widely reported this week is a dumb non-issue created by journalists seeking sensationalist headlines. A simple setting disables the ability to use Siri without unlocking the phone, rendering the whole issue moot. What the sensationalists fail to take into account is that the iPhone is a consumer device. Most consumers don't even use a passcode. The obvious default setting for Siri in this case, as one of the attractive new USPs of the iPhone 4S... Read more

  8. Performance and effectiveness claims from vendors of network security products can never be taken at face value. In a process crucial to making the right buying decisions, how do the CISO, CIO and other security professionals ensure that new in-line security products are tested thoroughly in an environment that replicates as closely as possible that found in his or her own network? Read more...

  9. This weekend the infosec community lost one of its early pioneers and formative forces. Gene Schultz was also an advisory board member of NSS Labs. He was a wise, kind soul, and a consummate gentleman. I was personally graced by his mentorship, encouragement, support, and friendship over the last 7 years. He will be sorely missed and well remembered.

    Gene's obituary, as written by long-time friend and another icon in infosec. http://www.cerias.purdue.edu/site/blog/post/gene_schultz_r._i._p/

  10. Lately we have been seeing Trojans downloading and installing the SIPVicious suite, which is primarily used to audit SIP-based VoIP systems. This is a good example of how a toolset developed with good things in mind is misused by malware authors. For starters, the SIPVicious suite is a set of tools that can be used to audit SIP-based VoIP systems. It currently consists of five tools: Read more...