Whaling is the new phishing; NAC's dirty little secrets; The FTP Threat

Security News Alert This newsletter is sponsored by Secure Computing PCI DSS: Discover how to easily comply Tune in to this live webcast to hear industry experts discuss the PCI DSS specification and how real-world companies are complying today. You will hear advice on how to establish a comprehensive strategy to achieve this goal. Don't miss out. Network World's Security News Alert, 11/15/07 Whaling: Latest e-mail scam targets executives, 11/14/07: With targeted phishing attacks on the rise, it’s no surprise that cybercriminals are doing their research and aiming at those with the most to lose – executives. NAC's dirty little secrets revealed by early adopters, 11/14/07: Early network access control adopters are attracted to the technology for very specific reasons that often don’t include the main reason NAC technology was brought about in the first place: endpoint checking. Podcast: The FTP Threat: Every week, the news is filled with stories of yet another breach of data with millions more identities being stolen by hackers. A lot of attention is given to newer Web 2.0 applications with unproven security track records. But one company is trying to shine the light on another potential hole with a long history on the 'Net: FTP. Network World's Jason Meserve talks with Proginet Senior VP Arne Johnson about FTP, its potential risk to corporate data and what you can do to better protect your organization's data. (9:37) Executive Guide The Security Treadmill This Executive Guide offers interviews with leading, real-world security experts who tell you how to get inside users' heads, fight for a bigger security budget, and whether VoIP security issues are overstated or underrated, and much more. Review this informative guide today. Click Here for More Information With Web 2.0, a new breed of malware evolves, 11/14/07: Web 2.0 technologies may be laying the groundwork for a new generation of hacker tools, a noted security researcher said Wednesday. Password recovery and the service provider edge: When can a service provider allow a provider edge router in 'untrusted' premises? Hackers target MLB, NHL sites, 11/14/07: Hackers targeted the Major League Baseball and National Hockey League Web sites last week with an exploit that convinces users they need to scan their computer for viruses and tricks them into downloading a malicious program. Palm-print biometrics aid Atlanta police, 11/14/07: The Police Department of Atlanta, which makes 63,000 arrests per year, is getting a new kind of weapon to catch criminals: a workflow-based biometrics system that can scan palm prints in addition to fingerprints. Half a million database servers have no firewall, 11/14/07: Think your database server is safe? You may want to double-check. According to security researcher David Litchfield, there are nearly half a million database servers exposed on the Internet, without firewall protection. ZoneAlarm offers free antispyware for one day, 11/14/07: Check Point Software Technologies' ZoneAlarm is offering a free download of its anti-spyware package as part of Microsoft's Patch Tuesday. Microsoft's OneCare 2.0 due next week, 11/14/07: Microsoft plans to release a major update to its Windows Live OneCare security suite next week, according to online retailer Amazon.com. Editor's note: Starting the week of Nov. 19, subscribers to the HTML version of this newsletter will notice some enhancements to the layout that will provide you with easier and clearer access to a wider range of resources at Network World. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.

MOST-READ STORIES: 1. Testing all-in-one firewalls 2. South Korea to build robot theme parks 3. 10 career killers to avoid 4. Top 5 security-menace predictions for 2008 5. Networking's 50 greatest arguments 6. Oracle takes on VMware with its hypervisor 7. AT&T brings online banking to cell phones 8. Avaya gets iPhone ready for business 9. 5 cool wireless research projects 10. MIT's amazing, foldable, stackable car FEATURED BUYER'S GUIDE: Secure Web Gateways

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by Secure Computing PCI DSS: Discover how to easily comply Tune in to this live webcast to hear industry experts discuss the PCI DSS specification and how real-world companies are complying today. You will hear advice on how to establish a comprehensive strategy to achieve this goal. Don't miss out. BONUS FEATURE 90% of IT Managers are leaving their company at risk for a DNS ATTACK. Get the tools and resources you need to keep your DNS healthy and secure. Run a DNSreport on your domain today - 56 critical tests run in 8 seconds. Visit www.dnsreport.com to learn more. (apply coupon NWW2007NLA for a 25% membership discount) PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007