Monday, June 21, 2010

Cross-Site Scripting: An Old Problem Returns

  Network World Security


Cross-Site Scripting: An Old Problem Returns
In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook's controversial Instant Personalization feature. The exploit ran on Yelp, one of the three sites that Facebook had selected to test Instant Personalization. Deglin was able to obtain not only Facebook profile information shared with Yelp but also the e-mail addresses for that profile's Facebook friends--a potential gold mine for marketers and spammers alike. Read More



Apple OS X gets IPsec VPN client
Mac users are being offered a new and feature-rich alternative to Apple's in-house OS X VPN client, free of charge to individual users. Read More

Police seize a million child porn pictures from one man
"Someone must have stashed those pictures on my computer; I have no idea how they got there." The lament has become a favorite excuse of child pornography perverts and a nightmare for those legitimately victimized ... but it's obviously not available to this recently arrested Austrian. From an Associated Press story: Austrian authorities say they have arrested a man who hoarded more than a million... Read More

Google Street View Wi-Fi data included passwords and e-mail
Wi-Fi traffic intercepted by Google's Street View cars included passwords and e-mail, according to the French National Commission on Computing and Liberty (CNIL). Read More


Dell backtracks slightly on Ubuntu safety
In a move that probably shocks no one, Dell has removed a statement that Ubuntu is more secure than Microsoft Windows from its website. Given that Dell sells computers pre-loaded with Windows, one might imagine the company came under a wee bit of pressure from the software maker. As I reported yesterday, in Dell's Top Ten things you should know about Ubuntu, No. 6 was Ubuntu is safer than Microsoft® ... Read More

Doing the right thing on the 'Net
Today's notes, which you are welcome to use freely in your own work or for your community groups, family and friends, touch on some of the legal constraints on what you should and should not be doing on the Internet if you want to stay out of trouble. Read More

Lawmakers question US cybersecurity readiness
U.S. lawmakers questioned Wednesday whether the U.S. Department of Homeland Security has the authority or resources it needs to protect the nation against cyberattacks. Read More


10 Deep Thoughts of Telecommuters Everywhere
You don't (always) work in your pajamas. But you do occasionally snarf nachos while on a conference call and wonder if anyone hears your crunching. Hey, it takes one to know one: Here's what's really happening inside the mind of a telecommuter. Read More

Banking's big dilemma: How to stop cyberheists via customer PCs
In online banking and payments, customers' PCs have become the Achilles' heel of the financial industry as cyber-crooks remotely take control of the computers to make unauthorized funds transfers, often to faraway places. Read More

Run on IPv4 addresses could exhaust supply by December
The remaining pool of unallocated IPv4 addresses could be depleted as early as December due to unprecedented levels of broadband and wireless adoption in the Asia Pacific region, experts say. Read More

 
 
 


Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701
