Attacks exploited YouTube & Microsoft Live to install surveillance

	Certificate Authority Security Council backs SSL server rules taking effect Nov. 1 | Grocery stores in multiple states hit by data breach
	Network World Security				Forward this to a Friend >>>
	Attacks exploited YouTube & Microsoft Live to install surveillance When a cybercrook targets a person, he or she usually relies on tricking the victim into clicking on link bait – such as exploiting the death of Robin Williams – or opening an email attachment, spear phishing so the victim enters sensitive info on a spoofed site, or watering hole attacks that infect a legitimate site the target tends to visit. But if the attacker can get an ISP, or others, to install specific high-speed network hardware based on carrier-grade server technologies, then there is no social engineering needed. Instead, “network injection allows the exploitation of any target that views any clear-text content on the Internet provided that they pass through a network point that the attacker controls.”To read this article in full or to leave a comment, please click here Read More : CDW Considerations For Effective Software License Management For many reasons, software license management has become a critical issue for many IT organizations and enterprise's alike. With many licensing options, hurdles and complications to consider, software licensing can be a daunting task. This e-guide provides readers with invaluable software license management techniques for the virtual data center View Now In this Issue Certificate Authority Security Council backs SSL server rules taking effect Nov. 1 Grocery stores in multiple states hit by data breach The world's coolest and geekiest mailboxes British spy agency scanned for vulnerable systems in 32 countries, German paper reveals Startup builds intrusion prevention system for home networks Gartner: Think twice before deploying Windows 7 WHITE PAPER: Dropbox The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception? Keeping data close to home, on premises, makes business and IT leaders feel inherently more secure. But the truth is, cloud solutions can offer companies real, tangible security advantages. Learn more! Certificate Authority Security Council backs SSL server rules taking effect Nov. 1 As a safety precaution to prevent SSL server certificates being exploited for network man-in-the-middle attacks on organizations, vendors that issue SSL server certificates will begin adhering to new issuance guidelines as of Nov. 1. These new rules, as described by members of the industry group Certificate Authority/Browser Forum, mean certificate authorities (CAs) will not issue certificates that contain “internal names” and expire after Nov. 1, 2015. Now, a second industry group, the CA Security Council, whose members include Go Daddy, DigiCert, Trend Micro, Entrust, Symantec, GlobalSign and Comodo, shares its perspective on these important changes in the commentary below from Wayne Thayer, a member of the Steering Committee of the CA Security Council who is also Go Daddy’s general manager for security products:To read this article in full or to leave a comment, please click here Read More Grocery stores in multiple states hit by data breach A data breach at Supervalu Inc., one of the largest grocery wholesalers and retailers in the U.S., could affect thousands of people who shopped at the company's stores between June 22 and July 17.The breach may also affect customers from several other major grocery store chains for which Supervalu provides IT services as a third-party provider.The stores affected by the breach include 180 Supervalu stores operated under the Hornbacher's Shop 'n Save, Shoppers Food & Pharmacy, Farm Fresh and Cub Foods banners. Customers of all Jewel-Osco stores operating in Illinois, Indiana and Iowa were also affected. Supervalu offered up a list of the stores it believes were affected ( download PDF) and has posted a FAQ about the breach..To read this article in full or to leave a comment, please click here Read More WHITE PAPER: Cisco Cisco Connected Mobile Experiences (CMX) Amplify customer interactions with Cisco Connected Mobile Experiences. Our platform's Wi-Fi intelligence meets the needs of a growing mobile audience. And with Cisco Services, we'll help you design a mobile infrastructure that addresses your unique business goals for a high return on your investment. Learn more The world's coolest and geekiest mailboxes "Image by REUTERS/Fred ProuserSnail mail may get the short shrift these days but that doesn’t mean the mail deserves to be delivered to a basic black box with numbers on it. No-siree.  What we have here is a collection of mailboxes – starting with a number from Florida, but including a number from around the world that are pretty cool and geeky. If you have a cool mailbox drop us a picture. As for the others, take a look:To read this article in full or to leave a comment, please click here Read More British spy agency scanned for vulnerable systems in 32 countries, German paper reveals Heise Online reveals top-secret details about the GCHQ's 'Hacienda' program Read More WHITE PAPER: Juniper Networks Security in the Next-Generation Data Center This white paper examines these trends, and it reveals the key capabilities that today's security teams require to effectively ensure that vital corporate assets remain secure, while at the same time optimizing access, cost, and administrative efficiency. View Now Startup builds intrusion prevention system for home networks At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.At the DefCon 22 security conference in Las Vegas last week, San Jose-based Itus Networks unveiled an intrusion prevention system that it claims can protect the increasing number of network-connected consumer devices from outside attacks.The firm’s iGuardian product, which the company hopes will be mass produced starting in February, is a small device that can be installed in front of a router to analyze incoming and outgoing network traffic for signs of malicious activity.To read this article in full or to leave a comment, please click here Read More Gartner: Think twice before deploying Windows 7 Gartner warns IT to think about upgrade problems down the road. Read More
	SLIDESHOWS Black Hat 2014: How to crack just about everything From cell phones and cars to IPv6 security researchers have turned their skills against a world of technology. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES of 2014 1. Netscout sues Gartner over Magic Quadrant rating 2. Why TCP/IP is on the way out 3. Amazon Fire Phone: Nice but nothing to get fired up about 4. Rackspace bows out commodity IaaS market in favor of 'managed cloud' 5. Cisco's new UCS fabric interconnect: no ACI? 6. Smartphone kill-switch bill passes California assembly 7. Emerging networking technology used by Apple, Cisco will frustrate firewalls 8. IBM/DARPA turn out brain-like 5-billion transistor superchip 9. 10 ways to get noticed at Black Hat 10. Top 20 colleges for computer science majors, based on earning potential JOIN THE IDG CONTRIBUTOR NETWORK The IDG Contributor Network is a collection of blogs written by YOU -- leading IT practitioners -- about the technology, business opportunities and challenges you face everyday. We invite you to become a contributor or participate by joining the conversations your peers spark. Apply now to become a member
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy When accessing content promoted in this email, you are providing consent for your information to be shared with the sponsors of the content. Please see our Privacy Policy for more information. If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2014 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **