Gmail zero-day flaw allows attackers to steal messages; PhishFilet catches malicious e-mails

Security News Alert This newsletter is sponsored by IBM Internet Security Systems Take A Preemptive Approach to Security Vulnerabilities are lurking! The IBM Cyber Attacks On The Rise: IBM 2007 Midyear Report highlights and analyzes security susceptibilities and identifies advances in spam and phishing technologies. IBM offers an unparalleled commitment to excellence when it comes to preemptive security. Start your journey into IBM security solutions today. Download your complimentary copy now. Network World's Security News Alert, 09/28/07 Gmail zero-day flaw allows attackers to steal messages, 09/26/07: Accounts on Google's Gmail can be easily hacked, allowing any past -- and future e-mail messages -- to be forwarded to the attacker's own inbox, a vulnerability researcher said Tuesday. Antiphishing feature added to Engate e-mail security, 09/27/07: Engate Technology today announced a version of its antispam software that the company says includes the industry’s first preemptive protection against phishing attacks. EBay: Phishing likely to blame for members' data theft, 09/27/07: EBay's security experts have determined that it's highly likely that whoever posted confidential information about its members in a company discussion forum this week stole the data via an e-mail phishing scam, an eBay spokeswoman said Thursday. Straight Talk from Security Experts Leading security experts share their advice, secrets and real-world experiences in Network World's latest Executive Guide, "The Security Treadmill." Learn how to get inside users' heads, fight for a bigger security budget and much more. Click here to download this Executive Guide. 5 things I've learned about privacy, 09/26/07: As founder of the Ponemon Institute, a privacy and business ethics think tank, Dr. Larry Ponemon worries society will give up on privacy ideals as protecting personal data becomes harder. Tapping IT to fight terrorism, deal with hurricanes, 09/26/07: Business intelligence takes on a new meaning when it's used to make sure that mission-critical equipment like night-vision goggles makes it to the right brigade in Iraq at the right time. Code Green downsizes data-protection boxes, 09/26/07: Code Green Networks is coming out with a smaller, lower-cost version of its data-loss-prevention appliances that it hopes will attract small and midsize businesses that cannot afford higher-end data-protection gear. France drags its feet on online security, 09/27/07: With Internet fraud on the rise, French banks and merchants are not putting in place antifraud technology to catch bad online transactions, an official from France's central bank said Thursday. UPEK brings fingerprint security device to Mac, 09/26/07: UPEK has announced that its Eikon Digital Privacy Manager, a "biometric" security device, now works with the Mac. It costs $39.99. Two charged with espionage sought funding in China, 09/27/07: A federal grand jury indicted two men in California of conspiring to steal high tech trade secrets and develop them with venture capital funding they sought to obtain from China. Chat with Amazon.com’s CTO live: If ever there were a man that knew how to eek out capacity and secure a data center, it would be Werner Vogels, vice president & CTO of Amazon.com. Join him for a live chat on Monday Oct. 1 from 2 p.m. - 3 p.m. EDT. No registration is required, but those who RSVP “yes” to community editor Julie Bort in advance will be eligible for a Network World T-shirt. More trouble with Microsoft’s license validation: The Microsoft Office 2007 add-on site refuses to download legitimate add-ins for Office 2007 when a legitimate – but not yet activated – additional Microsoft product is installed on the computer, discovers security expert Tyson Kopczynski.

TODAY'S MOST-READ STORIES: 1. 2007 Salary survey: IT pay falls short 2. TJX offer no good for 99% of breach sufferers 3. IBM: Symphony downloaded 100K times 4. Cisco's branch bonanza 5. Can Red Hat move beyond its core technology? 6. A defense against Photoshop fakery 7. Unauthorized iPhone apps market flourishes 8. 'Panda virus' victim offers perp plum IT job 9. Phil the Fish teaches users to spot phish 10. eBay denies breach led to posting of user data MOST-DOWNLOADED PODCAST: Twisted Pair: Death, bombs and backups

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by IBM Internet Security Systems Take A Preemptive Approach to Security Vulnerabilities are lurking! The IBM Cyber Attacks On The Rise: IBM 2007 Midyear Report highlights and analyzes security susceptibilities and identifies advances in spam and phishing technologies. IBM offers an unparalleled commitment to excellence when it comes to preemptive security. Start your journey into IBM security solutions today. Download your complimentary copy now. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007