Security World: Security Report: Cruel and unusual

========================================================================
SECURITY REPORT

http://www.infoworld.com/
========================================================================
Monday, May 7, 2007

* Cruel and unusual
* Microsoft promises DNS patch Tuesday
* Stop fighting better security
* Spammers use new technique to evade filters
* Mobile business applications need work
* Document shell code attacks loom large
* Symantec closes in on delivery of major AV update
* Digg bends to users' will on AACS encryption key

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
ADVERTISEMENT

IRONPORT(R): THE WORLD'S MOST INNOVATIVE ANTI-VIRUS TECHNOLOGY

IronPort Virus Outbreak Filters(TM), available on all IronPort email
security appliances, provide a critical first layer of defense
against new outbreaks, hours before traditional anti-virus solutions.
This proven, preventative solution performs a threat assessment of
inbound and outbound email - quarantining suspicious messages until
signatures from traditional anti-virus vendors are deployed.

http://newsletter.infoworld.com/t?ctl=175EA14:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
INFOWORLD ZERO DAY PODCAST

Covering business and IT strategies for securing the enterprise,
InfoWorld's Bob Garza covers anti-spam, anti-spyware, application layer
security, biometrics, digital identity, intrusion detection, malware and
more Sponsored by IronPort.

http://newsletter.infoworld.com/t?ctl=175EA08:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

========================================================================

CRUEL AND UNUSUAL

Incident: I still have trouble believing that this happened only last
year. Our consulting guys got called in to rebuild a server farm
"from scratch," as the caller put it. That surprised us
because we'd done some business with this client before and the
client's on-site guy was decent. Calls to him for an explanation,
however, went unanswered. So we show up on-site and find out why:
They'd fired him. This didn't come as a complete surprise,
as he did have some personality issues that might have made him
unpopular. But as it turns out, according to office gossip, they
didn't just fire him. The CEO -- whom we didn't like either
-- actually did an Ari Gold number on him. Fired him during a staff
meeting, embarrassed him in front of everyone, screamed at him, told him
he wasn't getting his agreed-on severance for cause. I can't
get into specifics, but let's say that the gossip showed that
"cause" was highly arguable. Looked to us like he was
getting blamed for a sales engineer screwing up at a client site.

http://newsletter.infoworld.com/t?ctl=175EA07:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

MICROSOFT PROMISES DNS PATCH TUESDAY

Microsoft Corp.'s security center has confirmed that a patch for the
already exploited DNS server bug in Windows will be among the seven
updates scheduled to release next Tuesday.

http://newsletter.infoworld.com/t?ctl=175EA00:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

STOP FIGHTING BETTER SECURITY

I'm always surprised by how many professionals actually fight the
computer security improvement process. The very people that are supposed
to be security advocates often put up interesting theoretical roadblocks
to improving defenses. Here are some of the excuses I commonly hear:

http://newsletter.infoworld.com/t?ctl=175EA06:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
ADVERTISEMENT

IRONPORT(R): THE WORLD'S MOST INNOVATIVE ANTI-VIRUS TECHNOLOGY

http://newsletter.infoworld.com/t?ctl=175EA14:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
========================================================================

SPAMMERS USE NEW TECHNIQUE TO EVADE FILTERS

Spammers have stepped up efforts to use encrypted attachments to evade
filtering systems, service provider Email Systems has reported.

http://newsletter.infoworld.com/t?ctl=175EA05:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

MOBILE BUSINESS APPLICATIONS NEED WORK

The process of mobilizing enterprise business applications remains in its
early stages, but software makers, device manufacturers, and customers
are all currently working to foster increased wireless adoption.

http://newsletter.infoworld.com/t?ctl=175E9FF:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

DOCUMENT SHELL CODE ATTACKS LOOM LARGE

Targeted attacks that utilize vulnerabilities in popular document file
formats and execute via hard-to-find shell code are becoming an
increasingly popular menace, according to researchers at IBM's Internet
Security Systems division.

http://newsletter.infoworld.com/t?ctl=175EA04:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

SYMANTEC CLOSES IN ON DELIVERY OF MAJOR AV UPDATE

Symantec is slipping on its target delivery time for the next major
upgrade of its security product for enterprises, code-named Hamlet,
while it irons out final code wrinkles during beta testing.

http://newsletter.infoworld.com/t?ctl=175EA03:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

========================================================================

DIGG BENDS TO USERS' WILL ON AACS ENCRYPTION KEY

Kevin Rose, the founder of Digg, threw in the towel on Tuesday night. By
that point, Digg executives had spent hours in a fruitless battle
to remove repeated posts to the community news Web site that
contained a key needed to crack the AACS (Advanced Access
Content System) encryption used to limit copying of HD-DVD and Blu-ray
discs.

http://newsletter.infoworld.com/t?ctl=175EA01:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

======================================================================

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
ADVERTISEMENT

IRONPORT(R): THE WORLD'S MOST INNOVATIVE ANTI-VIRUS TECHNOLOGY

http://newsletter.infoworld.com/t?ctl=175EA14:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -

DAILY NEWS, DELIVERED TO YOUR COMPUTER, MP3 PLAYER OR CELL PHONE

The InfoWorld Daily podcast provides readers with
up-to-the-minute news and features that shape the world
of enterprise IT. Tom Sullivan reports on the leading news
and events that shape the today's IT community.

http://newsletter.infoworld.com/t?ctl=175EA09:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

======================================================================

ADVERTISE

To advertise, contact Kate_Hobbie@infoworld.com.

======================================================================

UNSUBSCRIBE/MANAGE NEWSLETTERS

To subscribe, unsubscribe or change your e-mail address for any of
InfoWorld's e-mail newsletters, go to:
http://newsletter.infoworld.com/t?ctl=175EA0A:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

Contact Customer Service at: customerservice@infoworld.com

To view InfoWorld's privacy policy, visit:
http://newsletter.infoworld.com/t?ctl=175EA0B:20920CD98AAF82DDDB9B8649FCC27E90EFF29049075316B4

This message was sent to: security.world@gmail.com