Security and vulnerability assessment: 4 common mistakes

	PETA plans to spy on hunters with drones | EFF urges court to protect privacy of text messages
	Network World Security				Forward this to a Friend >>>
	Security and vulnerability assessment: 4 common mistakes If you're running a robust security program, you're regularly conducting security and vulnerability assessments of your both your network and physical environments. But in the quest to uncover security gaps and vulnerabilities, slip-ups are often made, too, that make these efforts less effective at having a positive impact. Read More RESOURCE COMPLIMENTS OF: Cymphonix Maintain Network Sanity During March Madness Streaming, live NCAA basketball. It's coming to your network with a force that will make the rest of your traffic crawl at best and at worst, bring your connection to the Cloud to a complete halt. Unchecked, your network's stability and performance are at risk. Don't leave it to chance. Install an Internet Management device from Cymphonix today. Give us four minutes of your time, and we'll show you how Cymphonix will allow you to completely manage and control all March Madness traffic. Click now to view the video, "Maintain Network Sanity During March Madness." In this Issue PETA plans to spy on hunters with drones EFF urges court to protect privacy of text messages Mobile-security startup debuts with 'container' and audit tech for iPad VMware sells Protect product family to LANDesk SQL injection flaws easy to find and exploit, Veracode report finds With Firefox 22, Mozilla escalates the tracking battle Control system hack at manufacturer raises red flag The state of cloud encryption: From fiction to actionable reality EPIC presses FBI in lawsuit for details on biometric database U.S. business SEC filings suggest cyber threats may be overstated Father of SSH working on new version of crypto standard WHITE PAPER: Trusteer Dealing with Advanced and Targeted Attacks This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It reviews the evolution of advanced targeted attacks and the various approaches used to address them. Learn More. PETA plans to spy on hunters with drones If hunters stalk their prey, how well do you suppose they would like being stalked by a drone that hunts for the hunters? Hunters may not normally be concerned with surveillance or drones, but PETA plans to launch drones in order to "spy on hunters," collect footage, and then publicize it. Read More EFF urges court to protect privacy of text messages This case represents such an obvious and egregious rights violation by police that I have a hard time granting good faith on the part of the Washington state authorities arguing otherwise. Read More Mobile-security startup debuts with 'container' and audit tech for iPad Mobile-device security startup Averail makes its debut today with its "containerization" software and service intended to give IT managers control over mobile-device apps and their content. Read More WHITE PAPER: EMC Corporation Data Protection Visibility with EMC Data Protection Advisor With better visibility and insight into a key service delivery area like backup, data protection providers can get better information with less effort—and their clients are the beneficiaries. Learn More VMware sells Protect product family to LANDesk To further its concentration on software-defined data centers, hybrid clouds and end-user computing, VMware has sold the Protect product family to LANDesk. Read More SQL injection flaws easy to find and exploit, Veracode report finds The software industry's inability to reduce the number of security flaws in its code is fuelling an age of the 'everyday hacker', criminals who can exploit vulnerabilities with a minimum of technical skills, Security testing firm Vercode's latest State of Software Security (SoSS) report has suggested. Read More With Firefox 22, Mozilla escalates the tracking battle "Do Not Track" capabilities have been controversial ever since they first appeared in Firefox 4 back in 2011, but earlier this year the battle became even more intense when Mozilla announced that it planned to begin blocking third-party cookies by default. Read More WHITE PAPER: PhoneFactor Phones Become the Leading Multi-Factor Authentication Device According to a leading analyst firm, phone-based authentication will comprise 61% of the multi-factor authentication market by the year 2014. This paper will address the key drivers for this market shift away from security tokens and includes real-world case studies from organizations that have made the move to phone-based authentication. Learn More Control system hack at manufacturer raises red flag An unreported attack on the energy management system of a New Jersey manufacturer has been revealed by the U.S. Cyber Emergency Response Team (US-CERT). Read More The state of cloud encryption: From fiction to actionable reality The risks of data privacy, residency, security and regulatory compliance remain significant barriers to cloud adoption for many enterprises. While encryption seems like an obvious solution, historically the technology produced usability issues for cloud applications. To complicate matters, putting encryption into the hands of cloud service providers still left the enterprise open to risks such as insider fraud, hacking and disclosure demands from law enforcement. Read More EPIC presses FBI in lawsuit for details on biometric database A privacy watchdog has filed a lawsuit contending the U.S. Federal Bureau of Investigation has failed to provide requested technical information about a biometric identification database expected to be the largest in the world. Read More U.S. business SEC filings suggest cyber threats may be overstated You may arrive at some conflicting conclusions about reported cyber attacks in recent filings with the U.S. Securities and Exchange Commission by some of the largest companies in the nation. Read More Father of SSH working on new version of crypto standard The Secure Shell (SSH) cryptographic network protocol that's supported in software for server authentication and machine-to-machine communications is headed for a significant update. Read More
	SLIDESHOWS Top 10 cloud tools New tools help IT execs cut cloud costs, optimize resources, integrate and manage cloud instances. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES 1. Microsoft: Facebook Home is a copycat, Windows Phone is the 'real thing' 2. Digia rolls out Qt 5.1 with Android and iOS support 3. Network heavy hitters to pool SDN efforts in OpenDaylight project 10. 3D printers: Not for the average consumer 9. No, Windows is not dying (although Microsoft is strangling it) 6. Windows 8: How to solve the Start Button dilemma 5. Knocking down the myths of why enterprises need MPLS 4. Anonymous cyberattack on Israel finds disputed impact 7. I ditched Windows 8 and went Ubuntu by mistake 8. AV-Test issues first Windows 8 antivirus solution ratings
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2013 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **