Web site auctions software vulnerabilities to highest bidder; 10 steps to prepare for cyberwar

Security News Alert This newsletter is sponsored by Gateway Virtual Server Management: Weigh the options Learn about an array of exciting new time-saving tools that make it possible to manage virtual servers in a similar way as physical servers by watching the latest Network World Editorial Perspectives Webcast. Click here to watch! Network World's Security News Alert, 08/24/07 Web site auctions software vulnerabilities to highest bidder, 08/23/07: A new Web site, wslabi.com, auctions off software vulnerabilities, raising concerns that criminals will have better access to them for exploitation. Monster shuts down rogue server after breach, 08/23/07: Monster Worldwide, whose job-hunting sites suffered a massive data breach caused by hackers, has shut down a rogue server that had been used to gather personal details of job seekers. Cogent: Cable was attacked with saw and gun, 08/23/07: Guns, saws, and some very dim-witted thieves were all apparently involved in a network blackout that affected Internet users, primarily in the Northeastern U.S., earlier this week. Network World Buyer's Guides Find the right products for your enterprise - fast. With seven categories - security, storage, convergence and VoIP, network infrastructure, network applications, wireless and LAN/WAN management - you can quickly pinpoint the hardware or software you need. With the side-by-side comparison tool you can evaluate product features and make the best purchase decisions for your enterprise. Click here to go to the Buyer's Guides now. How close is World War 3.0?, 08/22/07: When the Estonian government was hit with major, sustained denial-of-service attacks this spring, the headlines screamed that it was the first incident of modern cyber warfare. 10 steps to prepare for cyberwar Hacktivism attacks may rise, homeland security official warns, 08/22/07: Michael Witt was appointed deputy director of the U.S. Computer Emergency Readiness Team within the Department of Homeland Security’s National Cyber Security Division in January 2006. He leads US-CERT in protecting the nation’s Internet infrastructure by coordinating the response to cyberattacks. Network World national correspondent Carolyn Duffy Marsan interviewed Witt about the Estonian cyberattack and its implications for U.S. network managers. 5 things Estonia did right in battling hacktivism 'Storm' Trojan horse may turn to hyping Hurricane Dean, 08/22/07: The 8-month old Storm Trojan horse may soon come full circle and take up touting Hurricane Dean, the Category 5 storm that slammed into Mexico Tuesday, security researchers said. How to neutralize today's worst Web attacks, 08/22/07: Symantec recently posted details about a new version of MPack, a for-sale Web attack kit that loads up a site with exploits against Windows, QuickTime, and WinZip. The $400 kit was used in the June Italian Job online assault that hijacked tens of thousands of Web sites, most of them in Italy. Crooks can buy MPack and a host of other nefarious programs on a thriving online black market. FTC stops e-mail marketing of weight-loss products, 08/23/07: A U.S. district judge has ordered a company to stop sending unsolicited e-mail marketing weight-loss and anti-aging products that allegedly did not work, the U.S. Federal Trade Commission announced Thursday. U.S. state pension fund admits breach of retiree data, 08/22/07: Red-faced officials at the California Public Employees' Retirement System (CalPERS) are sending out letters of apology to about 445,000 state retirees after inadvertently printing their Social Security numbers on brochures announcing an upcoming election at the state pension fund. Sandia back-hacker still waits for his $4.7M, 08/22/07: Six months after being awarded more than $4.7 million in damages and other costs stemming from a wrongful termination suit against Sandia National Laboratories, Shawn Carpenter, a former security analyst at the organization, has yet to collect a dime. Cisco IP phones open to attack: Session Initiation Protocol flaws are making Cisco 7940/7960 IP Phones vulnerable to denial-of-service attacks. NAC security tips: Cisco Subnet blogger Jamey Heary has some tips on creating a solid NAC host security policy. Live Chat: The truth about NAC: Security expert Joel Snyder separates NAC fact from fiction. Live, Tuesday Aug. 28 at 2 p.m. Submit your questions now.

TODAY'S MOST-READ STORIES: 1. How close is World War 3.0? 2. Gunplay blamed for Internet slowdown 3. Storm worm spam nearly doubles in volume 4. Deploying Google Apps: A career-killer? 5. Microsoft-Cisco collaborative lovefest over? 6. 10 virtualization companies to watch 7. 1.6M records stolen from Monster.com 8. 5 things Estonia did right in battling hacktivism 9. 3G wireless not just for big shots anymore 10. Singapore Airlines puts a Linux PC in every seat MOST DOWNLOADED PODCAST: Safety tip: Keep your cell phone out of your pocket

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by Gateway Virtual Server Management: Weigh the options Learn about an array of exciting new time-saving tools that make it possible to manage virtual servers in a similar way as physical servers by watching the latest Network World Editorial Perspectives Webcast. Click here to watch! BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007