| The Cloud Security Newsletter |
| The most trusted source for security and IT professionals | April 2010 Edition |
| | | | | | | | | | LEAD STORY OF THE MONTH | | Internet Explorer Exposed to Unpatched 0 Day Vulnerability Once Again |
|  |  |
| On March 9, 2010, Microsoft announced the existence of a critical vulnerability in Internet Explorer (IE) 6 and 7. Despite the fact that a patch was not available, Microsoft chose to go public with details of the issue and provide workarounds. Compounding the risk of this vulnerability is the fact that enterprises have been relatively slow to adopt the latest version of Internet Explorer (IE 8), which is not vulnerable to this issue. IE 6, a nearly nine-year-old web browser, continues to dominate and has created significant risk for enterprises. Learn More  | | | | TECH TALK | | It's Midnight — Who Left the "Backdoor" Open? Your Employees. | | In light of the recent Operation Aurora attacks, there has been a lot of discussion around Advanced Persistent Threats (APT). The attack methods are similar to general threats, but they usually target corporate end users and extend over longer periods of time. Sounds simply like marketing buzz? Unlikely if over 100+ public companies with strict IT operations fell victim. Although there is no silver bullet to protect against APTs, understanding their anatomy is essential in order to assess the risks to your organization. Learn More | | | | SECURITY INNOVATIONS | | Strategic Data-mining Uncovers Botnets | | Zscaler's Security Research team is actively engaged in analyzing and trending real-time web logs from millions of customers around the clock. The most recent research has uncovered some very interesting and alarming data about end user web usage. In particular, the vulnerability of organizations in Operation Aurora is no longer a surprise. Moreover, statistical analysis of transaction data also uncovered botnet call home activity which was going undetected by customer desktop anti-virus solutions. Learn More | | |
| | | NEWS HIGHLIGHTS | | Clickjacking: Bait & Switch Hits The Browser | | There's a serious threat called clickjacking waiting to convert your daily secure Web browsing into a malware nightmare. | | | | Security Hardware Appliances: Killed By the Cloud? | | Cloud-centric security is pressuring traditional on-premise security appliances | | | | Koobface Crew Has a Busy Weekend | | The number of command and control servers tied to Koobface jumped to 122 March 14 – 57 percent of which were in the United States. | | | | Zscaler Positioned in the Visionaries Quadrant of the Magic Quadrant for Secure Web Gateway | | | | Zscaler Publishes 'State of the Web' Report for Q4 2009 | | Research Details Trends and Security Threats for Corporate End Users on the Web | | | | SECURITY PRACTITIONER'S COLUMN | | "We use Internet with local accesses in all our locations. We want to secure our traffic!" | | - Laurent Hallermeier, CIO ALD Automotive (Societe Generale) |  | ALD Automotive's rapid growth of its leasing and fleet management operations in 39 countries has introduced extensive IT infrastructure complexity. Managing numerous on-premise security solutions was cumbersome and log consolidation across sites was extremely tedious. Learn More | | | | EDUCATIONAL WEBCASTS | | Death of Security Appliances – Hype or Reality? | | A Pragmatic Approach to Embracing Cloud Security | | Date: April 21, 2010 at 10:00 AM PST / 1:00 PM EST |  | Join Jim Reavis, Co-founder and Executive Director of the Cloud Security Alliance (CSA), to learn about the challenges that organizations are facing with their traditional appliance-based security solutions. Live demos will illustrate Web 2.0 exploits facing your organization today. Register Now | | | | | Webcast with keynote from Gartner | | Google was victimized by hackers. Will you be next? | | Play On-demand |
| | | | | | | If you or your colleagues would like to receive this newsletter, please Sign up. | | | Copyright 2010 Zscaler, Inc.
392 Potrero Avenue, Sunnyvale, CA 94085 | 1.866.902.7811 | info@zscaler.com |  |
|
|
 |
Note: Your e-mail is in our mailing list as security.world@gmail.com, if you wish to be removed from our mailing list please use the link below to unsubscribe from any future mailings. We will respect all unsubscribe requests http://cp20.com/Tracking/t.fo?AEWx--KCV-7KXAo9 
No comments:
Post a Comment