Slamming the door on malware; TJX offers settlement in wake of massive data breach

Security News Alert This newsletter is sponsored by Still Secure Having Trouble Deploying NAC? NAC authority Alan Shimel, CSO at StillSecure, says: "The industry has been crying out for something to ease the pain of implementing NAC." Now with Safe Access Lite, you can download NAC for free to test your endpoints' security posture and policy compliance without disrupting your network. To find out more, click here! Network World's Security News Alert, 09/26/07 Secure Web gateways: slamming the door on malware, 09/25/07: The Web has become the new security battle front, surpassing even e-mail as the leading source of malware infections. In a recent study, Google found that one in 10 Web sites that it crawled contained a malicious payload. And Gartner Group estimates that 75% of enterprises will be infected this year with targeted malware that evades their traditional defenses. TJX offers settlement in wake of massive data breach, 09/24/07: The TJX Companies is offering three years of credit-monitoring services along with identity theft insurance coverage to all consumers whose driver's license or other personal data may have been compromised by the massive data breach disclosed earlier this year by the retail company. 'Fraudster' posts confidential eBay member data on forum, 09/25/07: Someone used an eBay discussion forum on Tuesday to post confidential information about eBay users along with what may be their credit card numbers. Straight Talk from Security Experts Leading security experts share their advice, secrets and real-world experiences in Network World's latest Executive Guide, "The Security Treadmill." Learn how to get inside users' heads, fight for a bigger security budget and much more. Click here to download this Executive Guide. Security holes expose data stored in Tivoli system, 09/24/07: IBM has issued a warning to customers that security fixes should be installed for two vulnerabilities in the IBM Tivoli Storage Manager (TSM) backup software client. The security holes could allow a buffer overrun attack or enable unauthorized access to stored data, IBM said. ArcSight launches PCI compliance suite, 09/25/07: ArcSight on Monday announced a suite of software designed to make sure companies are in compliance with the Payment Card Industry’s (PCI) latest data-security standards. Video: NAC standards: Where are we now?: Steve Hanna, a Juniper distinguished engineer and co-chair of NAC standards groups at the IETF and the Trusted Computing Group, discusses the progress of the NAC standards effort and Cisco's lack of involvement. Critical vulnerability found in Ask.com toolbar, 09/25/07: A vulnerability in Ask.com's toolbar for Internet Explorer could allow an attacker to take control of a person's computer, according to security advisories. Google says Street View will comply with privacy laws, 09/24/07: Google's Street View application, which has raised privacy concerns because of the street-level views of locations it provides, will respect the local laws of the countries wherever it is available, the company's privacy counsel said today in a company blog. Chat with Amazon.com’s CTO live: If ever there were a man that knew how to eek out capacity and secure a data center, it would be Werner Vogels, vice president & CTO of Amazon.com. Join him for a live chat on Monday Oct. 1 from 2 p.m. - 3 p.m. EDT. No registration is required, but those who RSVP “yes” to community editor Julie Bort in advance will be eligible for a Network World T-shirt.

TODAY'S MOST-READ STORIES: 1. Gartner touts Web 2.0, scoffs at sequel 2. 2007 Salary survey: IT pay falls short 3. 7 cool new consumer technologies at DEMOfall 07 4. Lawsuit charging GPL violation is first ever 5. Cisco broadens Carrier Ethernet line 6. Daylight saving time issue reappears on IT radar 7. 2007 Salary survey: Your earnings 8. VMware bugs shed light on virtualization security 9. How Apple can stop open source iPhone use 10. Open source saves school district's IT department MOST E-MAILED STORY: Daylight saving time issue reappears on IT radar

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by Still Secure Having Trouble Deploying NAC? NAC authority Alan Shimel, CSO at StillSecure, says: "The industry has been crying out for something to ease the pain of implementing NAC." Now with Safe Access Lite, you can download NAC for free to test your endpoints' security posture and policy compliance without disrupting your network. To find out more, click here! BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007