Microsoft confirms hackers exploiting critical IE bug, promises patch

	Hackers exploit 0-day: Kick IE to the curb or catch a nasty Poison Ivy itch? | Denim Group's ThreadFix Open Source Application Vulnerability Management
	Network World Security				Forward this to a Friend >>>
	Microsoft confirms hackers exploiting critical IE bug, promises patch Microsoft on Monday issued a security advisory that confirmed in-the-wild attacks are exploiting an unpatched bug in Internet Explorer. The software maker is working on a fix. Read More WHITE PAPER: BMC Software Forrester: Industrializing IT Workload Automation In this study, Forrester developed a hypothesis that tested the need for automation, the issues raised by a tactical and punctual deployment of job scheduling solutions, and the benefits of a more strategic usage of enterprise-wide workload automation. Read Now! In this Issue Hackers exploit 0-day: Kick IE to the curb or catch a nasty Poison Ivy itch? Denim Group's ThreadFix Open Source Application Vulnerability Management Changing Enterprise Security Strategies Kaspersky researcher cracks Flame malware password Intel hopes McAfee security features will differentiate mobile chips Half of companies surveyed report Web application security problems Free Mobile Apps Put Your BYOD Strategies at Risk WHITE PAPER: Sourcefire, Inc. The Sourcefire FireAMP Vision Still getting malware infections despite the time and money you've spent on security? Today's malware defenses have an inherent disadvantage in fighting today's threats. Designed for another time they are burdened with legacy constraints that hamper performance and protection. Learn More Hackers exploit 0-day: Kick IE to the curb or catch a nasty Poison Ivy itch? Do you use Internet Explorer 6, 7, 8 or 9? If so, then you might catch a nasty itch since malicious hackers are using those IE browsers "to install the Poison Ivy Trojan—malware that can steal data or take remote control of PCs," the BBC warned. This new zero-day can potentially infect "hundreds of millions" of IE browsers. Read More Denim Group's ThreadFix Open Source Application Vulnerability Management In the information security space we are very luck to have a plethora of great open source tools that most all security pros use. Names like Snort, Metasploit, Nmap and ClamAV may not be household names, but they are meat and potatoes of many a security admin's tool set. A new tool is now being added to this open source security toolset, ThreadFix. Read More WHITE PAPER: Blue Coat Systems Optimize and Secure Cloud, SaaS, BYOD, and Social Media Today's threat landscape has migrated to the web causing many security professionals to prevent direct Internet access at the branch. But with new cloud-based security solutions from Blue Coat you can re-architect your network to embrace the Internet – safely – and optimize application performance. Learn more. Changing Enterprise Security Strategies In a recent research survey, ESG asked security professionals working at enterprise organizations (i.e. more than 1,000) how their organizations would change their security management strategy in the next 24 months. Here are the results: • 44% said that they plan to design and build a more integrated security architecture • 39% said that include new data sources for security intelligence • 24%... Read More Kaspersky researcher cracks Flame malware password Researchers have cracked the password protecting a server that controlled the Flame espionage botnet giving them access to the malware control panel to learn more about how the network functioned and who might be behind it. Read More WHITE PAPER: Oracle Start by Protecting Data at the Source - Your Databases This IDC white paper presents a proactive approach to data protection, discusses the growing threats to business information, and the impact government regulations have on requiring additional data protections. Learn More! Intel hopes McAfee security features will differentiate mobile chips Intel hopes security features from McAfee will help the company differentiate its mobile chips from its rivals,' according to Intel's software chief Renee James. Read More Half of companies surveyed report Web application security problems A survey of 240 companies questioned about the relation between their Web applications and security found about half experienced at least one Web application security incident since last year, sometimes with "severe negative financial consequences." Read More Free Mobile Apps Put Your BYOD Strategies at Risk When CIOs worry about the Bring Your Own Device (BYOD) trend, one of the things that most concerns them is their lack of control over mobile apps. Rogue apps packing malware are a major concern, but many malware-free apps pose risks too. Read More
	SLIDESHOWS TEST: 6 free email servers for small businesses hMailServer (Windows only) wins our test; Citadel (Linux only) comes in a close second JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES Oops. OpenStack board member says letting VMware into project was a mistake Windows Phone 8 has 'baked-in cybersecurity goodness' 5 free open source alternatives to Microsoft Office FBI warns financial institutions are being highly targeted by fraudsters Test: 6 free email servers for small businesses 20 awesome cloud services you've never heard of Juniper plotting open source alternatives to Cisco, VMware SDN controllers Forget iPhone 5: 10 top Apple alternatives Kaspersky researcher cracks Flame malware password Hard disk drives vs. solid-state drives: Are SSDs finally worth it?
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **