Microsoft's advice on Downadup is flawed; Unlearned Lessons of ChoicePoint

Downadup worm now infects 1 in every 16 PCs Security Alert NetworkWorld.com | Security Research Center | Update Your Profile Sponsored by AMD See the power of the new Quad-Core AMD Opteron(TM) processor. Virtualization is a proven engine that drives business performance. The fusion of the Quad-Core AMD Opteron(TM) processor and virtualization - It's a match made in the data center. Find out more: Spotlight Story US-CERT: Microsoft's advice on Downadup is flawed By Gregg Keizer Microsoft's advice on disabling Windows' "Autorun" feature is flawed, the U.S. Computer Emergency Readiness Team (US-CERT) said Wednesday, and leaves users who rely on its guidelines to protect their PCs against the fast-spreading Downadup worm open to attack. Read full story Related News: Panda Security: Downadup worm now infects 1 in every 16 PCs The computer worm responsible for the biggest attack in years has infected at least 1 out of every 16 PCs worldwide, a security company said Wednesday, and may have managed to compromise as many as nearly 1 in 3. Four Years Later: Unlearned Lessons of ChoicePoint It's been four years since data broker ChoicePoint acknowledged the data security breach that put it in the middle of a media firestorm and pushed data protection to the top of the infosecurity community's priority list. Cisco patches CUCM, Cisco Security Manager Cisco released patches to two security holes: one affecting Cisco Unified Communications Manager, and the other affecting Cisco Security Manager. Heartland data breach could be bigger than TJX's A data breach disclosed Tuesday by Heartland Payment Systems may well displace TJX Companies' January 2007 breach in the record books as the largest ever involving payment data with potentially over 100 million cards being compromised. Plus: Banks warn customers as debit-card processor acknowledges breach ... "Larger than TJX?" Debit-card processor claims data breach part of global fraud operation Yahoo Mail gets an antispam boost Yahoo has taken new steps to sharpen its Webmail service's antispam capabilities, including the adoption of two commercial technologies and the testing of an open-source system, the company said Tuesday. Google shuts off antiphishing feature in Firefox 2.0 Google planned to turn off an antiphishing service used by Firefox 2.0 Monday, a Mozilla Corp. executive said Tuesday. RIM pulls bid for security vendor Certicom Research In Motion pulled its hostile bid for security vendor Certicom on Tuesday, the day after a judge issued an injunction that halted the offer. How to choose and use source code analysis tools The high cost of finding and patching application flaws is well known. Wouldn't it be cheaper to write secure code in the first place? Who goes there? Identity management is all about who you are and what you should be allowed to do. This Product Guide describes the technology and how it works. January giveaways from Cisco Subnet and Microsoft Subnet Up for grabs: Two Cisco training courses from Skyline-ATS worth up to $6,990, a Microsoft training course from New Horizons worth up to $2,500, 15 copies each of the hot book titles Microsoft SQL Server 2008 Management and Administration, IPv6 Security and Chained Exploits: Advanced Hacking Attacks. Get all the entry details here. IT Outlook '09 In-depth analysis of the latest enterprise strategies, start-ups to watch, people to know, and more. 9 hot technologies for '09 Our annual rundown, plus a tip or two about how to approach each hot technology. Sponsored by AMD See the power of the new Quad-Core AMD Opteron(TM) processor. Virtualization is a proven engine that drives business performance. The fusion of the Quad-Core AMD Opteron(TM) processor and virtualization - It's a match made in the data center. Find out more: Preparing for the Next Cyber Attack. Ensure you are up-to-speed on the latest security technologies available to keep your network safe in this Executive Guide. Get a thorough assessment of the corporate security threat landscape. Protect your network with data leakage protection, NAC and other technologies explained in this report. Download this Executive Guide now. Successfully Manage a Secure Database. Database professionals are invited to join this Oracle Live Webcast on Thursday, February 5 at 2:00 p.m. ET/11:00 a.m. PT. Gain a better understanding of database security and how to more strategically work with security administrators. Don't miss out. Register for this live webcast now.   01/22/09 Today's most-read stories: Court rules Kentucky does not own the Internet Juniper expected to cut jobs amid weak demand Belkin fake reviews case raises broad questions How to protect your PC against the Downadup worm Sony: There's no way Xbox 360 will win in the end WLAN sniffers pass the sniff test F5 attempts to lure Nortel Alteon customers Cisco CTO could be tapped by Obama Top 10 YouTube hacking videos Obama's BlackBerry equals national security threat The Evolution of Network Security Zero in on the hottest security technologies you need to know about in this Executive Guide. Better protect your IT environment with NAC, data leakage prevention controls and auditing tools. Learn more. Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now   This email was sent to security.world@gmail.com Complimentary Subscriptions Available for newsletter subscribers. Receive 50 issues of Network World Magazines, in print or electronic format, free of charge, Apply here. Terms of Service/Privacy   Subscription Services Update your profile To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Unsubscribe Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701 Copyright Network World, Inc., 2009 www.networkworld.com