[SECURITY] [DSA 2747-1] cacti security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2747-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
August 31, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : cacti
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-5588 CVE-2013-5589

Two vulnerabilities were discovered in Cacti, a web interface for
graphing of monitoring systems:

CVE-2013-5588

install/index.php and cacti/host.php suffered from Cross-Site
Scripting vulnerabilities.

CVE-2013-5589

cacti/host.php contained an SQL injection vulnerability, allowing
an attacker to execute SQL code on the database used by Cacti.

For the oldstable distribution (squeeze), these problems have been fixed in
version 0.8.7g-1+squeeze3.

For the stable distribution (wheezy), these problems have been fixed in
version 0.8.8a+dfsg-5+deb7u2.

For the unstable distribution (sid), these problems have been fixed in
version 0.8.8b+dfsg-3.

We recommend that you upgrade your cacti packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJSIjM+AAoJEL97/wQC1SS++40H/RQJwb6+1U4HTa0oEe0XxDoc
tarEazGr4nyHq2iP9yLKAZQAxtXZsLBznUGhIQVNplNpjRCVVATtLl+gzazvpQJk
EDZdtlJkOrC5nvlsGmhXs7WWukemU/gkaskfXwd0/G3w1HxuSWmbdSuyyaKbYPZB
opDiko0aDPrOo/2dRP/45J20lJ0zVn4C62HZvs6u8RCyji9yADibHe3J4QWlaj8G
ZsHCoVjUgkA81fBiI/H42Wqiewf0+R56CXLsf/csEk7vMmGZYpfnd8trvS9I5Yx2
4ZQVbzWiX4ItvWmljWDLtBy11xKC5tz1bM5mKDAY2oAtM+S2rCzar5uLoduvwEk=
=pAOw
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/87fvtp7mt3.fsf@mid.deneb.enyo.de

RE

Su correo-ID se ha dado 950,000,00 GBP en nuestro Uk Online promo.send
su
1.Names ............
2.Dirección ........
3.Country .........

--


El servicio de correo misena es soportado tecnológicamente por © Google y
ofrecido por el Servicio Nacional de Aprendizaje – SENA de manera gratuita
a todos los colombianos y en especial a los aprendices e instructores de
Programas de Formación Titulada y Complementaria. Los contenidos, textos,
imágenes, archivos y puntos de vista enviados en este mensaje son
responsabilidad exclusiva del remitente y no reflejan ni comprometen
oficialmente a la institución. No se autoriza el uso de esta herramienta
para el intercambio de correos masivos, cadenas o spam, ni de mensajes
ofensivos, de carácter político, sexual o religioso, con fines de lucro,
con propósitos delictivos o cualquier otro mensaje que se considere
indebido o que vaya en contra de la Ley.

Invitation: Hello. @ Sat 31 Aug 2013 00:00 - 01:00 (jessicaali119@gmail.com)

more details » Hello. Hello, My name is Miss Jessica Ali, It give me a great pleasure to write you. I was browsing when i came across your email contact and it attracts me to write to you so that we can be friends if you will have the desire as me. i will be very happy to be in communication with you so that we can get to know each other better and see what happens in future. I await your reply so that i can tell you more about my self and give you my picture. I will be waiting to hear from you on my E-mail: jessicaali1993@yahoo.fr Have a great day. Thanks. Regards. Miss Jessica Ail. When Sat 31 Aug 2013 00:00 – 01:00 Eastern Time Calendar jessicaali119@gmail.com Who (Guest list has been hidden at organiser's request) Going?   Yes - Maybe - No    more options »

Invitation from Google Calendar You are receiving this courtesy email at the account security.world@gmail.com because you are an attendee of this event. To stop receiving future notifications for this event, decline this event. Alternatively, you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.

New iPAS System Gets

Hi,

I know you get a lot of mail with offers, but I want you to read this
one carefully!

I'm looking for serious people who want to work part-time or even
full-time from home marketing a new viral blogging platform that can
be used for promoting any type of business, blogging about trending
news, viral videos, and just cool and fun stuff.

This new blogging platform will include Social media syndication,
both audio and video blogging capabilities via mobile app and many
other cool features!

We are helping 1000's make 4 figure, 5 figure and even 6 figure
incomes per month online.

Over $60 Million in commissions have already been paid out in the
last 18 months!

We are now paying out an average of over $1 Million a week in
commissions.

So, if that's of interest to you, then enter your email and watch this:
http://linkprosperity.com/new-ipas-system-gets-1-2-paid-referrals-daily

You can get some insight on our exclusive marketing system, iPAS,
that in just 2 short weeks has created over $30,000 in sales
commissions for our members.

Here is the I PAS system:
http://superwebsecrets.com/iPAS-System/?id=coy123

More additional info can be found here: http://ipaskit.uwanted2know.com

Here is my contact details if you have any questions:

Jeff Kellum
Skype: jeffcoy1
PHONE+447449980449
EMAIL:coy.e.kellum@btinternet.c

Some good news on gun violence prevention

Joe -- It's not every day that we get good news in the fight to prevent gun violence, so I wanted to make sure you saw this: Even though Congress has failed to act in the nine months since Newtown, President Obama took two executive actions yesterday to help keep weapons out of the hands of dangerous people. Read more about this announcement, and be sure to share the good news -- here's an Associated Press story you can share on Facebook -- or on Twitter. Yesterday's announcement involves two executive actions -- here's what they do: #1. Close a loophole that allowed some dangerous weapons to be purchased without a background check. Currently, people -- including convicted felons and domestic abusers -- can buy machine guns and short-barreled shotguns and register them to trusts or corporations to avoid a background check. Not anymore: That loophole is now closing. #2. Keep surplus military weapons off the streets. When the United States provides military firearms for our allies, it had been legal for private American companies to buy them back, with governmental approval. That ends today: The United States will be denying requests to bring military-grade firearms back into our country, with some exceptions for museums and the like. These are big steps forward to keep our families and communities safer -- but we also know they're not enough. Only Congress can pass legislation expanding background checks for gun sales -- that's why we can't let up. Share the great news today -- and ask your friends to join our fight. Post it on Facebook: http://my.barackobama.com/AP-Gun-Action-Update-FB Or tweet it out today: http://my.barackobama.com/AP-Gun-Action-Update-TW Thanks for being part of this, Kelly Kelly Byrne Gun Violence Prevention Campaign Manager Organizing for Action ---------------- The other side will spend millions to maintain the status quo. We're fighting for change -- chip in $5 or more to support OFA today.

Paid for by Organizing for Action

Contributions or gifts to Organizing for Action are not tax deductible.

This email was sent to: securityworld@gmail.com. If that is not your preferred email address, you can update your information here. We believe that emails are a vital way to stay in direct contact with supporters. Click here if you'd like to unsubscribe from these messages. Organizing for Action, P.O. Box 66732 Washington, D.C. 20035

Security Management Weekly - August 30, 2013

Learn more! ->     August 30, 2013     Corporate Security Sponsored By: "NSA Paying U.S. Companies for Access to Communications Networks" "Caught on Camera: How Video Surveillance Can Protect Your Business" "Facebook: Government Agents in 74 Countries Demanded Data on 38,000 Users So Far This Year" "New Michigan Law Makes Shoplifting a Crime That Results in Prison Time" "Three Apple Patents Being Reexamined by USPTO on Anonymous Requests" U.S. Patent and Trademark Office Homeland Security Sponsored By: "Secret Budget Details U.S. Spy Operation" National Intelligence Program "DNI to Release Surveillance-Request Data" Director of National Intelligence "Pentagon Not Likely to Attack Syria's Chemical Weapons Depots" "NSA Broke UN Video-Conferencing Encryption, Eavesdropped on Deliberations" "Study: U.S. Nuclear Reactors Vulnerable to Terror Attack" Cyber Security Sponsored By: "Expect More Web Hacking if U.S. Strikes Syria: Cybersecurity Expert" "iOS and Android Weaknesses Allow Stealthy Pilfering of Website Credentials" "Napolitano Warns Large-Scale Cyberattack on U.S. is Inevitable" "Sept. 23 Deadline Looms for Business Compliance With HITECH Act on Patient Privacy" Health Information Technology for Economic and Clinical Health Act "Popular Download Management Program Has Hidden DDoS Component, Researchers Say" Distributed Denial of Service             NSA Paying U.S. Companies for Access to Communications Networks Washington Post (08/30/13) Timberg, Craig; Gellman, Barton The National Security Agency (NSA) is paying hundreds of millions of dollars a year to U.S. companies for secret access to their communications networks, targeting foreign enemies, but also sweeping large volumes of American phone calls, emails, and other communications. The majority of the spending goes to participants in a Corporate Partner Access Project for major U.S. telecommunications providers. The project calls for the NSA to tap into "high volume circuit and packet-switched networks," according to a spending blueprint for fiscal 2013, which showed that the program was expected to cost $278 million this year, down from $394 million in 2011. However, privacy advocates say the multimillion-dollar payments could create a profit motive to offer more than the required assistance. "It turns surveillance into a revenue stream, and that’s not the way it’s supposed to work," says Electronic Privacy Information Center executive director Marc Rotenberg. Web Link | Return to Headlines Caught on Camera: How Video Surveillance Can Protect Your Business Yahoo! Small Business Advisor (08/28/13) Heyden, Karine Though there are obvious benefits to safeguarding business premises against in general intruders, theft and vandalism after hours, there are also several ways in which video surveillance can help protect a business during the work day. Though some may think this approach is only suited to bug business, small business are reaping the benefits of video surveillance. Not only can video surveillance help identify those coming and going during business hours, but it can also be used after any unfortunate event inside the shop to help identify those involved. Images or descriptions provided through such surveillance can be sent to area police to help them identify suspected shop lifters or burglars in the area, which can help result in their capture. Video surveillance can also provide verification of information and evidence to help black fraudulent claims, as when a customer returned to a shop claiming to have left her purse and then when it was not produced, demanded the amount of money allegedly in it. The shop-girl was able to use the video surveillance tapes to show herself serving the customer, and the customer putting her goods and purse into the shopping bad. The customer left, but the shop-girl was able to provide stills from the video to the police to give to other area shops along with a report of the scam. Video surveillance also helps provide protection for a business' clients and staff, as it helps monitor the area against potential passing threats such as muggers, and helps to protect staff against potential violence from clients or others who enter the store. Web Link | Return to Headlines Facebook: Government Agents in 74 Countries Demanded Data on 38,000 Users So Far This Year Associated Press (08/27/13) Facebook revealed on August 27 that during the first half of 2013, government agents from 74 countries demanded that the company provide information on around 38,000 Facebook users, though nearly half of the orders were made by authorities in the United States. Like Google and Microsoft, the social-networking giant is beginning to release figures on how often governments seek information about its customers, and, also similarly, it is hard to determine much from Facebook's data. The company has been criticized for helping the National Security Agency secretly collect data on customers, as it has turned over some data in response to around 60 percent of that agency's requests. The report did not make it clear how many of the approximately 26,000 government requests on 38,000 users were for law-enforcement purposes and how many were for intelligence gathering, as the federal government forbids companies from revealing exact numbers. Colin Stretch, Facebook's general counsel company said in a blog post that "We fight many of these requests, pushing back when we find legal deficiencies and narrowing the scope of overly broad or vague requests. When we are required to comply with a particular request, we frequently share only basic user information, such as name." Facebook said that it plans to release what figures it can on a regular basis. Web Link | Return to Headlines New Michigan Law Makes Shoplifting a Crime That Results in Prison Time MLive.com (08/22/13) Deiters, Barton In Michigan, the newly passed Organized Retail Crime Act, sponsored by Genesee County State Rep. Joseph Graves, has moved shoplifting from being considered a misdemeanor to being seen as a felony, that would be punishable by up to five years in prison. In particular, the law targets those who steal goods with the express intent of reselling them. According to Grandville Police Department Sgt. Detective Renee Veldman, the statute has been a welcome addition to the tools used by law enforcement. The Michigan Retailers Association spearheaded getting the law passed in 2012 in order to fill a gap that existed between the petty thefts of single items and the more sophisticated criminals who are looking to make a profit, according to William Hallan, vice president for governmental affairs and general counsel. Hallan, is on the Organized Retail Crime Advisory Board, which has been tasked by Gov. Rick Snyder to monitor the effectiveness of the new law over time. He warned that organized criminals often become more aggressive and would be even more willing to turn to violence. Web Link | Return to Headlines Three Apple Patents Being Reexamined by USPTO on Anonymous Requests Apple Insider (08/22/13) Campbell, Mikey The U.S. Patent and Trademark Office has decided to comply with anonymous requests to reexamine a total of three Apple patents, all of which pertain to litigation with Samsung. The first two patents up for reexamination are iPhone design properties, one successfully used in the Apple v. Samsung court trial and another from Apple's recent win of an import ban from the U.S. International Trade Commission. The patent asserted to the ITC was unsuccessful, though Apple still has a chance to reassert the property in an appeal. Apple's two design patents are nearly identical, each showing drawings of the original iPhone. The new questions of patentability are also similar, with the USPTO citing three Japanese patents as prior art references. The three patents were not taken into consideration when the USPTO first examined Apple's designs, which the anonymous requesting party now claims are obvious. "Each of the three [Japanese prior art] references include a rectangular front face having a rectangular screen, a border space around the screen, and an oblong shaped speaker opening above the screen," the USPTO notice states. The anonymous requester is combining the three Japanese patents other references to invalidate Apple's properties. The USPTO has yet to issue a first Office action to reject claims from either Apple patent. The third Apple patent is currently being asserted in separate cases against Samsung and Motorola. Web Link | Return to Headlines Secret Budget Details U.S. Spy Operation Washington Post (08/30/13) Gellman, Barton; Miller, Greg The U.S. government's top-secret $52.6 billion "black budget" for fiscal 2013, obtained from former ­intelligence contractor Edward Snowden, maps a bureaucratic and operational landscape that has never been subject to public scrutiny. Although the government has annually released its overall level of intelligence spending since 2007, it has not divulged how it uses the money or how it performs against the goals set by the president and Congress. The 178-page budget summary for the National Intelligence Program details the successes, failures, and objectives of the 16 spy agencies that make up the U.S. intelligence community. The summary describes cutting-edge technologies, agent recruiting and ongoing operations. While U.S. spy agencies have built an intelligence-gathering colossus since the attacks of Sept. 11, 2001, they remain unable to provide critical information to the president on a range of national security threats, according to the budget. The budget summary reveals that spending by the CIA has surged past that of every other spy agency, with $14.7 billion in requested funding for 2013. The figure vastly exceeds outside estimates and is nearly 50 percent above that of the National Security Agency, which conducts eavesdropping operations and has long been considered the behemoth of the community. Long before Snowden's leaks, the U.S. intelligence community worried about “anomalous behavior” by employees and contractors with access to classified material, according to the budget summary. The NSA planned to ward off a “potential insider compromise of sensitive information” by re-investigating at least 4,000 people this year who hold high-level security clearances. Web Link | Return to Headlines DNI to Release Surveillance-Request Data Politico (08/29/13) Romm, Tony Amid rising backlash to the U.S. government's secret surveillance efforts, the Obama administration announced Thursday it would release aggregate data annually about its requests for phone call logs and Internet chats. The requests include those issued under the controversial Foreign Intelligence Surveillance Act as well as the government's use of National Security Letters. Director of National Intelligence James Clapper said in a statement that the yearly disclosures would include the government's "total number of orders issued during the prior 12-month period, and the number of targets affected by these orders." Meanwhile, Google and Microsoft have petitioned the Foreign Intelligence Surveillance Court to allow them to explain more about the access they give to the federal government. The court has granted six extensions to the Justice Department to enable it to negotiate with the companies. The latest 10-day deadline extension expires on Friday. Web Link | Return to Headlines Pentagon Not Likely to Attack Syria's Chemical Weapons Depots Homeland Security News Wire (08/28/13) According to administration officials, the coming U.S. military strike against Syria, which could be launched as early August 29, will aim not to change the regime, but to punish the use of chemical weapons, and to "deter and degrade" the ability of the Assad regime to use chemical weapons in the future. Though the attack will not be focused on chemical weapons storage sites, due to concerns that targeting these sites could result in the release of toxic clouds into the air, potentially creating an environmental and humanitarian disaster. An official said that while suspected chemical weapons depots are tempting targets, "Our interest is in keeping the chemical weapons secured. You hit a bunker that holds chemical weapons and all of a sudden you have chemical weapons loose." Israeli intelligence analysts disagree with this concern, as they are of the opinion that Assad's chemical depots can – and should – be attacked. According to Israel, not only do Western intelligence agencies know the locations of at least 90 percent of the Syrian chemical weapons bases, they also know that the components of the chemical weapons are stored separately and are only assembled when a strike order is given, so an attack on such a facility will not trigger a chemical reaction. It is not clear if Israel will be able to change the U.S. viewpoint, but it is clear that if Assad retaliates against Israel following an American strike on Syria, Israel will not hesitate to attack these storage facilities. Web Link | Return to Headlines NSA Broke UN Video-Conferencing Encryption, Eavesdropped on Deliberations Homeland Security News Wire (08/26/13) On Sunday, German newspaper Der Spiegel reported that secret documents from the National Security Agency (NSA) showed that in 2012, the agency broke the encryption used to secure the internal video conferencing at the New York headquarters of the United Nations. One of the document's cited in the report claimed that breaking the encryption allowed the agency to benefit from "a dramatic improvement of data from video teleconferences and the ability to decrypt this data traffic." According to the Spiegel report, following the European Union's U.S. delegation's into new offices in New York in September 2012, the NSA began eavesdropping on the organization's headquarters for an operation codenamed "Apalachee." Within three weeks of breaking the encryption, the report noted, the NSA had increased the number of decrypted communications from twelve to 458, and later determined that the Chinese secret service was also eavesdropping on the UN. Web Link | Return to Headlines Study: U.S. Nuclear Reactors Vulnerable to Terror Attack Security Director News (08/20/13) According to a new report from the Nuclear Proliferation Prevention Project at the University of Texas at Austin, which conducted a security assessment of the United States' 104 commercial nuclear-power reactors under contract for the Pentagon, the level of security at these plants is not adequate against large-scale, credible terrorist threats. The study noted that while some government nuclear facilities are properly protected, others are not, and called on the government to require all high-consequence nuclear targets to have sufficient protection. Study authors Lara Kirkham and Alan Kuperman noted the despite the fact that some nuclear-power plants are vulnerable to attack from the sea, they are not require to defend against such attacks. Three of the civilian research reactors fueled with weapons-grade uranium, the study said, will be using that material for another decade at least, but are not protect against a terrorist attack in the same way as military facilities holding the same material. Currently, the nation's civilian reactors are only required to prepare for smaller-scale attacks, though Kuperman noted that the government is not providing additional protection against a realistic 9/11-style attack. The report is available online, at http://blogs.utexas.edu/nppp/files/2013/08/NPPP-working-paper-1-2013-Aug-15 .pdf Web Link | Return to Headlines Expect More Web Hacking if U.S. Strikes Syria: Cybersecurity Expert Los Angeles Times (CA) (08/28/13) Puzzanghera, Jim Cybersecurity expert Adam Meyers, vice president of intelligence for CrowdStrike, said on Wednesday that the Syrian Electronic Army, a hacker group that has taken the credit for outages on the websites of sever new organizations, including the New York Times, will likely increase its hacking activity if military strikes against Syria are launched by the U.S. This hacker group supports President Bashar Assad and wants to keep people from viewing any information about the Assad regime that it deems negative, and does so by launching hacking attacks on news and social media sites. Meyers commented that "They’re gearing up to continue the campaign, and if the hammer starts to come down on the current regime, they’re going to start desperately trying to provide positive messaging and negatively impact those speaking badly about the regime." The tactic known as spear phishing was used to gain access to the user name and password of a sales partner at an Australian Internet company MelbourneIT, and from that access, the hackers were able to prevent computers from accessing the New York Times website for large parts of Tuesday and into Wednesday. Web Link | Return to Headlines iOS and Android Weaknesses Allow Stealthy Pilfering of Website Credentials Ars Technica (08/27/13) Goodin, Dan Microsoft and Indiana University researchers have found an architectural weakness in both the iOS and Android mobile operating systems that makes it possible for hackers to steal sensitive user data and login credentials for popular email and storage services. The researchers, in a paper to be presented at the ACM Special Interest Group on Security, Audit and Control's (SIGSAC) Computer and Communications Security Conference in November, found that both operating systems fail to ensure that browser cookies, document files, and other sensitive content from one Internet domain are off-limits to scripts controlled by a second address without explicit permission. The same-origin policy is a basic security mechanism enforced by desktop browsers, but the protection is absent from many iOS and Android apps. The researchers demonstrated the threat by creating several hacks that carry out cross-site scripting and cross-site request forgery attacks. "The problem here is that iOS and Android do not have this origin-based protection to regulate the interactions between those apps and between an app and another app's Web content," says Indiana University professor XiaoFeng Wang. The researchers created a proof-of-concept app called Morbs that provides OS-level protection across all apps on an Android device. Morbs works by labeling each message with information about its origin that could make it easier for developers to specify and enforce security policies based on the sites where sensitive information originates. Web Link | Return to Headlines Napolitano Warns Large-Scale Cyberattack on U.S. is Inevitable The Hill (08/27/13) Yager, Jordy Outgoing Homeland Security Secretary Janet Napolitano expects her successor to move quickly to strengthen U.S. cyberdefense. "Our country will, at some point, face a major cyber event that will have a serious effect on our lives, our economy, and the everyday functioning of our society," Napolitano says. While terrorist threats to the country have not been eliminated, the ability for the United States to stop attacks rapidly increases with each uncovered plot. "For every attack we experience, every threat we face and every piece of intelligence we come across, we learn; we assess our preparations and capabilities; we make changes; we become more flexible in the actions we take; and we get stronger and more nimble," Napolitano says. Web Link | Return to Headlines Sept. 23 Deadline Looms for Business Compliance With HITECH Act on Patient Privacy Computerworld (08/26/13) Vijayan, Jaikumar Organizations that handle healthcare data, including online storage vendors and cloud service providers, must comply with new security and privacy requirements under the Health Information Technology for Economic and Clinical Health (HITECH) Act by Sept. 23. The HITECH Act includes new breach notification standards and restrictions on the use and disclosure of protected health information. In addition, organizations must ensure that business associates and subcontractors are compliant with the privacy and security requirements of the Health Insurance Portability and Accountability Act. Covered entities also must provide updated patient privacy notices that describe patient data rights and how data can be used and shared. The new rules will hold business associates of healthcare providers, such as cloud service providers, directly responsible for protecting patient data, even if the vendor is only storing the data. Web Link | Return to Headlines Popular Download Management Program Has Hidden DDoS Component, Researchers Say IDG News Service (08/22/13) Constantin, Lucian Newer versions of Orbit Downloader, a popular Windows program for downloading embedded media content and other file types, turns computers into bots and uses them to send distributed denial-of-service (DDoS) attacks, according to ESET. ESET researchers say once it is downloaded on the program's official website, Orbit Downloader, beginning with version 4.1.1.14, silently downloads and uses a Dynamic Link Library component that has DDoS functionality. An encrypted configuration file containing a list of sites and Internet Protocol addresses to serve as targets for attacks is downloaded from the same site, ESET says. Once they found the DDoS component, the ESET researchers investigated junk programs installed by Orbit Downloader. "The developer [of Orbit Downloader], Innoshock, generates its revenue from bundled offers, such as OpenCandy, which is used to install third-party software as well as to display advertisements,” the researchers say, noting that the practice has become standard for free programs. However, they say, “what is unusual, though, is to see a popular utility containing additional code for performing denial-of-service attacks." Web Link | Return to Headlines Abstracts Copyright © 2013 Information, Inc. Bethesda, MD   ASIS also offers a daily and a non-sponsored, special-content Professional Edition of Security Newsbriefs. Please click to see a sample or to contact us for more information. Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

Sarah Palin's latest

Joe -- This is the last thing I wanted to talk about before Labor Day weekend, but you gotta hear this: Former Alaska Governor Sarah Palin just joined the "Defund Obamacare" movement -- a group of people, including 80 members of Congress, who are willing to sabotage the economy because they don't like Obamacare. This is the kind of reckless nonsense President Obama is up against in trying to pass a smart budget that actually grows the economy for the middle class. OFA is here to fight back -- because when it comes down to it, I doubt the American people are going to like hearing that people are threatening to shut down the government instead of passing a budget. Thanks for being a voice of reason. For the sake of our national sanity, will you take the next step in this fight, and chip in $5 or more to support OFA? Congress has a budget deadline of September 30th. All next month, OFA is going to push Congress to consider President Obama's plan for the country -- one that focuses on creating jobs and growing the economy, instead of scoring political points. We'll be calling out the radical members of Congress for their recklessness -- and asking John Boehner to be a leader and stand up to his colleagues. Because if our representatives don't know that there's a price to pay for this kind of nonsense, it's not ever going to stop. Chip in $5 or more today to support our work: https://donate.barackobama.com/Pass-a-Smart-Budget Thanks, Jon Jon Carson Executive Director Organizing for Action ---------------- The other side will spend millions to maintain the status quo. We're fighting for change -- chip in $5 or more to support OFA today.

Paid for by Organizing for Action

Contributions or gifts to Organizing for Action are not tax deductible.

This email was sent to: securityworld@gmail.com. If that is not your preferred email address, you can update your information here. We believe that emails are a vital way to stay in direct contact with supporters. Click here if you'd like to unsubscribe from these messages. Organizing for Action, P.O. Box 66732 Washington, D.C. 20035

CV for Senior position in HR/Admin/IR

Dear Manager HR,

Applying for any senior position in HR/Admin/IR. CV is attached.

Regards,

Asif Amin

0333-2291721 

Unisys going on offense in server and security markets

	Hot products from VMworld 2013 | Facebook report on government data requests a reminder there is no privacy
	Network World Compliance				Forward this to a Friend >>>
	INSIDER Unisys going on offense in server and security markets CEO Ed Coleman says a new software-focused data center strategy and powerful new security technology will enable Unisys to take up the attack in vital market segments and shake up customer views about the usually quiet company. Read More WEBCAST: HP Intel VMware The Cloud: Why the Hybrid Cloud May Be Best A combination of the public and private cloud, the hybrid cloud fits the needs of a broad range of enterprises. View Now! In this Issue Hot products from VMworld 2013 Facebook report on government data requests a reminder there is no privacy Three types of DNS attacks and how to deal with them Anonymous responds to FBI claims of victory with record leaks Next Microsoft CEO faces rocky road in easing NSA-fueled privacy worries VMware spotlights key NSX security tool for deploying security software and services Developers hack Dropbox, show how to access to user data Tesla Model S vulnerable to hackers, kind of Hackers may cash in when XP is retired Sept. 23 deadline looms for business compliance with HITECH Act on patient privacy How technology is transforming the NFL WHITE PAPER: Condusiv Technologies IDC: I/O Optimization Boosts Virtualization Performance In this Tech Spotlight, IDC highlights the plague of unnecessary I/O in virtual environments, the need for software intelligence to remove it, the importance of I/O optimization at the top of the stack and why Condusiv should be considered as an alternative to hardware for performance. Read now! Hot products from VMworld 2013 Click through to see all the latest from the show in San Francisco. Read More Facebook report on government data requests a reminder there is no privacy Facebook, others cannot refuse legitimate requests, so users should think twice before posting and follow employers' policies for social networks Read More Three types of DNS attacks and how to deal with them The Syrian Electronic Army, a pro-Assad hacking group, altered the DNS records used by the New York Times, Twitter, and the Huffington Post. The changes forced one site offline and caused problems for the others. Here are three ways such attacks happen, and how they can be mitigated Read More WHITE PAPER: Mitel Networks Computerworld Report: Wrangling Your Mobile Devices This report looks at how IT executives at companies large and small are learning to embrace the mobile device trend, by rethinking their strategies, hammering out new policies and locking down their critical data. Learn More Anonymous responds to FBI claims of victory with record leaks Anonymous leaks thousands of records days after FBI claims it dismantled the hacktivist group Read More Next Microsoft CEO faces rocky road in easing NSA-fueled privacy worries Ballmer's replacement will have to build trust overseas, especially after report Germany advised to not use Windows 8 because of backdoor Read More VMware spotlights key NSX security tool for deploying security software and services VMware's NSX network virtualization platform, expected out by year end, will have a key security tool for deploying security software and services to VMware-based virtual machines. Read More WHITE PAPER: Verizon Secure, Stable Cloud Computing Business-critical applications in the cloud require the highest level of multilayered security. Learn how Terremark's secure, advanced data centers and clustered grid architecture provide the redundancy needed to keep critical systems up when hardware goes down while also providing monitoring, backups, patching and incident management. Learn More Developers hack Dropbox, show how to access to user data Developers who were able to bypass Dropbox's security by reverse-engineering Python applications -- the language used by the cloud storage provider -- described their technique in a published paper. Read More Tesla Model S vulnerable to hackers, kind of It's the curse of the connected car – once it's linked to the Internet, it's, well, on the Internet. In the case of the Tesla Model S, this means that malicious hackers could, in theory, control some functions of the vehicle and even track it without the owner's knowledge. Read More Hackers may cash in when XP is retired Hackers may bank their Windows XP zero-day exploits and cash them in after Microsoft stops patching the aged operating system next April. Read More Sept. 23 deadline looms for business compliance with HITECH Act on patient privacy Organizations handling protected health information have until Sept. 23 to comply with new security and privacy requirements that were included as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. Read More How technology is transforming the NFL Read More
	SLIDESHOWS Hot products from VMworld 2013 Click through to see all the latest from the show in San Francisco. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES 1. Juniper kills MobileNext mobile packet product line 2. IBM starts restricting hardware patches to paying customers 3. Old electronics don't die, they pile up 4. School starts mass social media surveillance of students for their 'safety' 5. Developers hack Dropbox, show how to access user data 6. Spear phishing led to DNS attack against the New York Times, others 7. Cisco in for a virtual fight 8. Apple's iPhone trade-in program is a game changer 9. Hot products from VMworld 2013 10. Linus Torvalds celebrates 22 years of Linux with nostalgic message
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_compliance_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2013 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **