Cisco Linksys among "millions" of hackable routers

	Microsoft fixes buggy patch for Windows Server 2008 | DARPA issues call for computer science devotees
	Network World Security				Forward this to a Friend >>>
	Cisco Linksys among "millions" of hackable routers Ever want to hack into millions of routers? Or try to stop someone from doing so? Perhaps a discussion at the upcoming Black Hat conference in Las Vegas will help you in either or both goals. And its title, "How to Hack Millions of Routers," cuts right to the chase too. Read More WHITE PAPER: MessageLabs Top Ten Web Threats and how to eliminat This paper raises real challenges for IT managers who have to protect the business against malware, keep internet bandwidth available for legitimate business needs and enforce acceptable use policies for the human resource department. Read Now. In this Issue Microsoft fixes buggy patch for Windows Server 2008 DARPA issues call for computer science devotees Mozilla yanks password-stealing Firefox add-on Privacy Watchdog, ESRB, Itself Leaks A Thousand Emails White House cybersecurity chief calls meeting to discuss President's agenda With fix now out, Microsoft sees jump in XP attacks Oracle releases 59 patches for security flaws, three critical Hacker wrecks 175 websites, leaves Facebook fan link Check your credit-card bills ZeuS Trojan attempts to exploit MasterCard, Visa security programs Microsoft confirms Russian spy was employee, report says why executives are the easiest social engineering targets WHITE PAPER: Oracle Defense-in-Depth Solutions for Security and Compliance Learn how Oracle Database Security products are designed to work transparently, minimizing any impact on existing applications while addressing requirements found in many regulations. Oracle Database Security products provide defense-in-depth security by addressing the three layers of security: encryption & masking, access control, and monitoring. Read Now. Microsoft fixes buggy patch for Windows Server 2008 As part of its routine Patch Tuesday updates, Microsoft re-released patch MS10-024 for Windows Server 2008 and R2 that was itself causing problems. The revised patch was not mentioned in the company's heads-up alerts issued on Thursday. Read More DARPA issues call for computer science devotees The Defense Advanced Research Projects Agency is looking for a few good computer science researchers who might be interested in developing systems for the US military. The move is seen, in part anyway, as a way for the agency to win more heart and minds of the advanced science community. Read More Mozilla yanks password-stealing Firefox add-on Mozilla on Tuesday warned users that a password-stealing add-on slipped into Firefox's extension gallery more than a month ago had been downloaded nearly 2,000 times before it was detected. Read More Privacy Watchdog, ESRB, Itself Leaks A Thousand Emails An employee for a privacy group made a rookie mistake by sending a Reply-All email and actually breached the privacy of people who had emailed their concerns to the group about their privacy. The irony of this story about the Entertainment Software Rating Board (ESRB) is something to be marveled over... Read More WHITE PAPER: Qualys 12-point checklist outlines key considerations Discover a 12-point checklist for choosing the best vulnerability management solution for your organization. Read now! White House cybersecurity chief calls meeting to discuss President's agenda White House cybersecurity coordinator Howard Schmidt will host a meeting Wednesday to discuss progress and ways to move forward on the cybersecurity agenda outlined by President Barack Obama in May 2009. Read More With fix now out, Microsoft sees jump in XP attacks Microsoft urged Windows users to update their software Tuesday, saying it's now seen more than 25,000 attacks leveraging one of the critical bugs fixed in July's monthly security patches. Read More Oracle releases 59 patches for security flaws, three critical Oracle Corp. released 59 patches on Tuesday to fix security vulnerabilities across its entire range of database, application and middleware products. Read More Hacker wrecks 175 websites, leaves Facebook fan link An audacious hacker has defaced 175 Australian websites in an attack that links viewers to his personal website, email and Facebook fan page. Read More WHITE PAPER: MessageLabs The Wild, Wild Web: How to Ensure 360-Degree Border Security Managing the security and availability of Web, email, and IM is complex. This paper will discuss the modern threat of blended attacks from web, email and IM. and highlight how a comprehensive hosted solution by Symantec Hosted Services can secure your networks from these threat vectors. Read Now Check your credit-card bills The Federal Trade Commission (FTC) just halted an elaborate scheme which resulted in more than $10 million in bogus charges on consumer credit and debit cards. How could an organized international ring get away without notice by consumers? The Identity Theft Resource Center (ITRC) believes many bills are being paid blindly, without confirming each transaction. Read More ZeuS Trojan attempts to exploit MasterCard, Visa security programs The notorious ZeuS banking Trojan is showing off a new trick: Popping up on infected computers with a fake enrollment screen for the "Verified By Visa" or "MasterCard SecureCode Security" programs. Read More Microsoft confirms Russian spy was employee, report says Microsoft has reportedly confirmed that the "12th alleged member" of the recently exposed Russian spy ring worked for Microsoft. Read More why executives are the easiest social engineering targets Security managers are often concerned about employees who use Facebook at work and fall for the 419 "I'm trapped in London and need money" scam. Others might still have some in their organization who are convinced it is the Prince of Nigeria who wants to share his fortune. And with spear phishing, a targeted email attack in which messages are created to look like they come from an employer, bank or other trusted source, now a common criminal technique, the need for effective awareness programs for employees has become paramount. But those concerns, according to Jayson Street, a security consultant and CIO of Stratagem 1 Solutions, shouldn't be the chief worry. That's because the biggest social engineering threat is the top executives in a company -- and they're the ones who need to be educated the most. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor Books for you from Microsoft Subnet and Cisco Subnet Throw your name in the hat for a complete CompTIA Security+ study guide and the SharePoint bible, Essential SharePoint 2010. Deadline July 31. Enter today! SLIDESHOWS Robocop ran DOS Virtually no sci-fi or action flick these days is complete without a computer scene showing a few screens of mysterious scrolling text and a 3D wire-frame model. But where does this vaguely tech-looking stuff come from? Well, more often than not, it comes from a Website, app, or startup screen from the real world at the time the movie was made. Read on for some of the most unexpected tech cameos in movies. Top Russian spy ring technology screw-ups Alleged Russian spies arrested last month in cities around the United States seemed to be lacking in spycraft and in urgent need of some IT expertise, based on some of the gaffes they made. They also used some technologies effectively. Here is a summary of their efforts as revealed in court filings against them. MOST-READ STORIES Researchers find privacy flaws in Chatroulette Bluetooth at heart of gas station credit-card scam Newest attack on your credit card: ATM shims 8 amazing things you'll do with Windows 8 Social network sites: Block or not? Microsoft punches Cisco, VMware in the eye Cisco rival Brocade for sale again? Apple's iPhone 4 fiasco: There's no good way out VMware says: Windows still matter ... sort of Windows XP SP2 and 7 other things Microsoft has killed this year
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **