Search This Blog

Wednesday, August 25, 2010

Microsoft Binary Planting Bug: What You Need to Know

  Hacking your Web browser in 7 easy steps | Rustock botnet ditches encryption to ramp spam
 
  Network World Security

Forward this to a Friend >>>


Microsoft Binary Planting Bug: What You Need to Know
Microsoft released a security advisory in response to a potential exploit, known as DLL preloading or binary planting, which has been found to impact hundreds of third-party Windows applications--possibly including software developed by Microsoft itself. Unfortunately, this isn't a simple Windows vulnerability that Microsoft can fix with its next patch release, so it's important that you understand the flaw and what is at risk, as well as what you can do to protect your systems. Read More


WHITE PAPER: Tripwire

Where Compliance and Data Protection Overlap
Today's CISOs face more challenges than ever, including increased and more sophisticated threats, complex IT environments, decreased budgets, and greater compliance pressures. But these challenges present opportunity. Learn how CISOs can play these challenges to their advantage to meet both data protection and compliance demands. Read More!

WHITE PAPER: ArcSight

Building a Successful Security Operations Center
This paper outlines industry best practices for building and maturing a security operations center (SOC). For those organizations planning to build a SOC or those organizations hoping to improve their existing SOC this paper will outline the typical mission parameters, the business case, people considerations, processes and procedures, as well as, the technology involved. Building a Successful Security Operations Center

Hacking your Web browser in 7 easy steps
Plug-ins, extensions, add-ons -- leading browsers are fast becoming rich platforms for customizing your Web experience Read More

Rustock botnet ditches encryption to ramp spam
The Rustock mega-botnet appears to have ditched the experimental use of TLS (transport layer security) to obscure its activity, Symantec has reported. Read More

I Can Stalk U: Geotagged Pics Worth More Than 1,000 Words
Have stalkers found paradise at the "I Can Stalk U" site which reveals exact geotagged locations when people tweet their photos? Read More

TDE vs Column Encryption
SQL Server 2008 introduced a great new feature called TDE, Transparent Data Encryption. It allowed a database to be completely encrypted without having to change the applications that access it. It is referred to as encryption for "data at rest". But what about data in motion? That's where column-level encryption pays off to provide end-to-end encryption. Read More


WHITE PAPER: Websense

Seven Criteria for Evaluating SaaS
The right Security-as-a-Service solution can perform reliably and effectively and deliver the flexibility and control associated with on-premise solutions — at a significantly lower cost — without compromising privacy and security. Read More

Survey highlights wish list for communication systems
ShoreTel announced the results of a recent survey that identifies the latest communications system needs and priorities of CIOs and IT/Telecom Professionals. The survey was taken from prospective ShoreTel customers, and the 475 participants clearly spelled out many of the issues vendors must address if they are to satisfy customer communication needs. Read More

Worried About ID Theft? Join the Club
Nearly two-thirds of Americans are concerned that information about their bank accounts, credit cards and identity may be stolen from their computers, according to a survey released today by a provider of identity theft protection services. Read More

Hackers bait Zeus botnet trap with dead celeb tales
Spam messages touting fictional tales of celebrity deaths are prompting users to open attachments that are adding their machines to the Zeus botnet. Read More

iTunes Scam: How to Protect Yourself
In recent weeks, more and more iTunes users have been reporting fraudulent activity on their Apple accounts, reporting hundreds or even thousands of dollars worth of bogus purchases. With the reports of this type of fraud on the uptick in recent weeks, many users have been quick to blame Apple or PayPal, as many of the affected iTunes accounts were linked to PayPal accounts. Read More


WHITE PAPER: Tripwire

Where Compliance and Data Protection Overlap
Today's CISOs face more challenges than ever, including increased and more sophisticated threats, complex IT environments, decreased budgets, and greater compliance pressures. But these challenges present opportunity. Learn how CISOs can play these challenges to their advantage to meet both data protection and compliance demands. Read More!

Philadelphia wants bloggers to start paying taxes
If you're a blogger in the city of Philadelphia and make money from your writing, be forewarned. City officials want you to register as a business and pay your fair share of taxes. Read More

LDAP misconceptions live on
It's that time of the month when we pause and reflect on what we were talking about in this newsletter (and in the IdM community in general) 10 years ago -- in this case, August 2000. Read More

Giant W.A.S.P Sniffs Out Insecure Wi-Fi
A pair of hackers have created the ultimate gadget for finding unsecured Wi-Fi connections--one made with a surplus US Army drone. "Mike" and "Rich", also known as Rabbit Hole, created the autonomous W.A.S.P (Wi-Fi Aerial Surveillance Platform) to fly around and find people's insecure Internet connections. Read More

Researcher arrested for alleged voting machine theft
A security researcher who investigated electronic voting machines (EVM) used in Indian elections was arrested by police in Mumbai on Saturday. He is charged with stealing one of the machines, police sources said Monday. Read More

 
 
 

Join us on LinkedIn

Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today!
- Jeff Caruso, Executive Online Editor

SLIDESHOWS

Cloud storage lives up to the hype
We tested five cloud-based storage services under real-world conditions. We set up accounts, connected with the vendor storage network, uploaded and downloaded files, measured performance and analyzed cost structures. Our conclusions are that cloud-based storage can save you money. And cloud-based storage can be fast. However, there are still security concerns that you need to be aware of.

Wireless networks and mobility quiz
iPhones and other handhelds bought for home use are infiltrating corporate networks, but there's a host of other wireless technologies that comprise a wave of mobile computing that is creating sweeping changes in business infrastructure. How well versed are you in the technical and not-so- technical details?

MOST-READ STORIES

  1. Zero-day Windows bug problem worse than first thought
  2. Linux community finally fixes 6-year-old critical bug
  3. Intel-McAfee deal baffles security analysts
  4. Android 2.2: How to install Flash on Froyo
  5. Intel buys McAfee: My two cents
  6. Microsoft won't showcase Hyper-V at VMworld
  7. Cameron Diaz could wreck your PC, McAfee warns
  8. Decorate with Linux
  9. Intel to buy McAfee in $7.68 billion blockbuster
  10. Does Intel buying McAfee have any impact on open source
 

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_security_alert as security.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **

 

No comments: