SECURITY REPORT
http://www.infoworld.com/
Monday, Dec 03, 2007
========================================================================
Table Of Contents:
* Shell, Rolls Royce reportedly hacked by Chinese spies
* Attackers target unpatched QuickTime flaw
* Understanding OpenID and CardSpace
* Data theft touches 150,000 Massachusetts seniors
* Government-sponsored cyberattacks on the rise
* Go RBAC now
* Error-proof your disaster recovery plan
* Apps accelerators tackle security
***************** Sponsor *******************************
ANALYSIS OF MICROSOFT'S NOVEMBER 13, 2007 SECURITY BULLETINS
Download this podcast to learn the significance of the new
vulnerabilities and recommendations on how to effectively implement
patches. Get these answers now by tuning in to this free new podcast,
compliments of Qualys:
***********************************************************
SHELL, ROLLS ROYCE REPORTEDLY HACKED BY CHINESE SPIES
Britain's domestic intelligence agency is warning that cybercrime
perpetrated by China is on the rise following hacking attacks against
Rolls-Royce and Royal Dutch Shell.
More of this article at:
http://www.infoworld.com/article/07/12/03/Shell-Rolls-Royce-reportedly-hacked-by-Chinese-spies_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
ATTACKERS TARGET UNPATCHED QUICKTIME FLAW
Attackers are trying to exploit an unpatched vulnerability in Apple's
QuickTime software that could let them run code on a victim's computer,
Symantec warned in a DeepSight Threat Management System alert issued
Sunday.
More of this article at:
http://www.infoworld.com/article/07/12/03/Attackers-target-unpatched-QuickTime-flaw_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
UNDERSTANDING OPENID AND CARDSPACE
User-centric identity, which puts users at the center of identity
transactions, is fast capturing the attention of the Web-minded world.
In fact, many traditional organizations are looking to blend
user-centric technologies with traditional identity solutions in pursuit
of federation.
More of this article at:
http://www.infoworld.com/article/07/12/03/49FE-identity-cardspace-openid_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
***************** Sponsor *******************************
ANALYSIS OF MICROSOFT'S NOVEMBER 13, 2007 SECURITY BULLETINS
Download this podcast to learn the significance of the new
vulnerabilities and recommendations on how to effectively implement
patches. Get these answers now by tuning in to this free new podcast,
compliments of Qualys:
***********************************************************
DATA THEFT TOUCHES 150,000 MASSACHUSETTS SENIORS
The state of Massachusetts is warning 150,000 members of its
Prescription Advantage insurance program that their personal information
may have been snatched by an identity thief.
More of this article at:
http://www.infoworld.com/article/07/11/30/Data-theft-touches-Massachusetts-seniors_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
GOVERNMENT-SPONSORED CYBERATTACKS ON THE RISE
Governments and allied groups worldwide are using the Internet to spy
and launch cyberattacks on their enemies, targeting critical systems
including electricity, air traffic control, financial markets, and
government computer networks, according to McAfee's annual report
examining global cybersecurity.
More of this article at:
http://www.infoworld.com/article/07/11/30/Government-sponsored-cyberattacks-on-the-rise_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
GO RBAC NOW
Good computer security is driven by role-based, least-privilege access
control. Each user should be given only the access that is necessary to
perform their job -- no, make that the specific task they are performing
at a specific point in time.
More of this article at:
http://www.infoworld.com/article/07/11/30/48OP-secadvise-go-rbac-now_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
ERROR-PROOF YOUR DISASTER RECOVERY PLAN
In IT, change is the only constant, as hardware and software is updated
almost continuously. Companies that take business continuity seriously
protect themselves by creating a recovery site to run vital business
processes during an emergency.
More of this article at:
http://www.infoworld.com/article/07/11/30/48OP-storinside-error-proof-disaster-recovery-plan_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
APPS ACCELERATORS TACKLE SECURITY
Companies that specialize in helping businesses speed delivery of their
applications and Web content are increasingly involving themselves in IT
security as the continued proliferation of systems-defense technologies
has become a potential roadblock to the performance and quality of the
services they already provide.
More of this article at:
http://www.infoworld.com/article/07/11/29/Apps-accelerators-tackle-security_1.html?source=NLC-SEC&cgd=2007-12-03
========================================================================
***************** Sponsor *******************************
ANALYSIS OF MICROSOFT'S NOVEMBER 13, 2007 SECURITY BULLETINS
Download this podcast to learn the significance of the new
vulnerabilities and recommendations on how to effectively implement
patches. Get these answers now by tuning in to this free new podcast,
compliments of Qualys:
***********************************************************
DAILY NEWS, DELIVERED TO YOUR COMPUTER, MP3 PLAYER OR CELL PHONE
The InfoWorld Daily podcast provides readers with up-to-the-minute news
and features that shape the world of enterprise IT. Tom Sullivan reports
on the leading news and events that shape the today's IT community.
http://www.infoworld.com/weblog/podcasts/new_podcasts_index.html
========================================================================
ADVERTISE
To advertise, contact Gregg_Pinsky@infoworld.com.
========================================================================
UNSUBSCRIBE/MANAGE NEWSLETTERS
To subscribe, unsubscribe or change your e-mail address
for any of InfoWorld's e-mail newsletters, go to:
http://subscribe.infoworld.com/cgi-win/ifwd.cgi?m=nletlogin
Contact Customer Service at: customerservice@infoworld.com
To view InfoWorld's privacy policy, visit:
http://www.infoworld.com/about/abt_prv.html
Copyright (C) 2007 InfoWorld Media Group.
501 Second St., San Francisco, CA 94107
No comments:
Post a Comment