Downadup/Conflicker worm: When will the next shoe fall?; 6 Desk Security Mistakes Employees Make

10 woeful tales of data gone missing; Monster.com reports data theft Security Alert NetworkWorld.com | Security Research Center | Update Your Profile Sponsored by Oracle Successfully Manage a Secure Database. Database professionals are invited to join this Oracle Live Webcast on Thursday, February 5 at 2:00 p.m. ET/11:00 a.m. PT. Gain a better understanding of database security and how to more strategically work with security administrators. Don't miss out. Register for this live webcast now Spotlight Story Downadup/Conflicker worm: When will the next shoe fall? By Ellen Messmer The Downadup worm - also called Conflicker - has now infected an estimated 10 million PCs worldwide, and security experts say they expect to see a dangerous second-stage payload dropped soon. Read full story Plus: Conficker hitting hardest in Asia, Latin America Related News: 6 Desk Security Mistakes Employees Make Every Day You've checked all of the entry ways in your office building, you have surveillance technology in place and IT assures you that your firewalls are bulletproof. But have you checked your staff's desks? That may be one of the largest holes in a company's security plan. Desks and other work spaces often have items on or around them that contain sensitive information, and that information can be dangerous if it gets into the wrong hands. Fortinet: Holiday season saw spike in Trojan activity, spam The year-end holiday season saw a surge in Trojan activity and spam worldwide, according to network security provider Fortinet. 10 woeful tales of data gone missing Backup tapes, the repositories of millions upon millions of personal data records, are slippery little devils. Here are 10 examples of backup tape disappearances – the recent, the classic and one just plain unusual. Heartland tries to rally industry in wake of data breach The CEO of Heartland Payment Systems is calling for the card payments industry to share security information and consider end-to-end encryption. Monster.com reports theft of user data Monster.com is advising its users to change their passwords after data including e-mail addresses, names and phone numbers were stolen from its database. Don't just talk about security - do something! Last time, I reviewed disheartening research showing that in general, our security-awareness efforts don't work. Most people seem to blame poor communications or the obtuseness of users. In contrast with this standard view of the failure of compliance with sensible advice, scientists at Carnegie Mellon University (CMU) have been studying why people fail to follow perfectly good advice on how to avoid phishing scams. Obama plan says cyber infrastructure is 'strategic' The Obama administration has published a high-level plan to protect U.S. computer networks, saying it considers cyber infrastructure "a strategic asset" and will appoint a cyber adviser who will report directly to the president. Author Expert: Keatron Evans: How the economy might hamper security efforts In previous years, at least half of a 10-student class I would lead were individuals dedicated to security in the job roles. Now I'm lucky if 1 or 2 are dedicated to security. Amazon cloud could be security hole Cloud services are now vulnerable to malicious use, a security company has suggested, after a techie worked out how Amazon's EC2 service could be used as a BitTorrent file harvester and host. Study: Spam is More Malicious than Ever Spam, especially junk e-mails with malicious links or attachments, continues to be a huge IT headache. Spammers are also getting more creative in their attempts to find victims, utilizing popular sites such as Facebook and Twitter, according to a report from UK-based security firm Sophos this week. Opal promising interoperable disk-drive security The Opal security specification from the Trusted Computing Group promises interoperable encryption, authentication and management capabilities for disk-drive manufacturers and security software vendors. Trojan preys on Mac BitTorrent users Mac users ill-advised enough to search for pirated copies of Apple's iWork 09 software could find themselves on the wrong end of an unpleasant and crafty new Trojan. Who goes there? Identity management is all about who you are and what you should be allowed to do. This Product Guide describes the technology and how it works. January giveaways from Cisco Subnet and Microsoft Subnet Up for grabs: Two Cisco training courses from Skyline-ATS worth up to $6,990, a Microsoft training course from New Horizons worth up to $2,500, 15 copies each of the hot book titles Microsoft SQL Server 2008 Management and Administration, IPv6 Security and Chained Exploits: Advanced Hacking Attacks. Get all the entry details here. IT Outlook '09 In-depth analysis of the latest enterprise strategies, start-ups to watch, people to know, and more. 9 hot technologies for '09 Our annual rundown, plus a tip or two about how to approach each hot technology. Sponsored by Oracle Successfully Manage a Secure Database. Database professionals are invited to join this Oracle Live Webcast on Thursday, February 5 at 2:00 p.m. ET/11:00 a.m. PT. Gain a better understanding of database security and how to more strategically work with security administrators. Don't miss out. Register for this live webcast now HP Logical Servers Make your datacenter infrastructure more adaptive with logical server technology. Find out how you can simplify routine tasks and create more efficiency within your datacenter. Learn more Preparing for the Next Cyber Attack. Ensure you are up-to-speed on the latest security technologies available to keep your network safe in this Executive Guide. Get a thorough assessment of the corporate security threat landscape. Protect your network with data leakage protection, NAC and other technologies explained in this report. Download this Executive Guide now.   01/26/09 Today's most-read stories: Apple puts iPhone Nano and Netbook rumors to rest White House confirms: ObamaBerry is a go In Las Vegas, data center takes power, cooling to the limit Bull castration and snake eaters: the life of Dave Hitz Nortel chief flying in corporate jet as company files for bankruptcy Top 10 YouTube hacking videos Ballmer provides grim outlook as economy 'resets' First Killzone 2 reviews roll in Heartland breach raises questions about PCI standard's effectiveness Layoffs: Microsoft bent, but not broken Preparing for the Next Cyber Attack. Ensure you are up-to-speed on the latest security technologies available to keep your network safe in this Executive Guide. Get a thorough assessment of the corporate security threat landscape. Protect your network with data leakage protection, NAC and other technologies explained in this report. Download this Executive Guide now. Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now   This email was sent to security.world@gmail.com Complimentary Subscriptions Available for newsletter subscribers. Receive 50 issues of Network World Magazines, in print or electronic format, free of charge, Apply here. Terms of Service/Privacy   Subscription Services Update your profile To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Unsubscribe Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701 Copyright Network World, Inc., 2009 www.networkworld.com