DARPA targets complex software algorithm vulnerabilities

	Home Depot confirms breach of its payment systems | OpenSSL warns vendors against using vulnerability info for marketing
	Network World Security
	DARPA targets complex software algorithm vulnerabilities Talk about finding a needle in a haystack. The Defense Advanced Research Projects Agency says it wants to develop sophisticated code that can find faults in key algorithms used to anchor major software packages that for example implement hash tables or conduct password checks. Read More RESOURCE COMPLIMENTS OF: SMS PASSCODE Are You Protecting Your Data With Just a Password? Weak or stolen passwords are hackers' preferred weapon, and are exploited in 76 percent of all network intrusions. This infographic highlights some of the most relevant statistics about Hacking today and why passwords are no longer enough to keep your systems safe. In this Issue Home Depot confirms breach of its payment systems OpenSSL warns vendors against using vulnerability info for marketing Hackers launch Apple ID phishing campaign playing on iCloud security worries 5 business uses for wearable technology Rotten Apple: Apple's 11 biggest failures 6 Hot New IT Roles for 2015 Popular Android apps fail basic security tests, putting privacy at risk IBM secures SoftLayer with Intel trusted modules : Riverbed | Orange A CIO's Guide to Better Network Performance IT consolidation is putting significant strains on the traditional network paradigm. The videos in this Knowledge Vault provide executive overviews of how to meet branch consolidation goals with an eye to a seamless hybrid networking architecture that is application-aware, simple to manage, and leverages application visibility and WAN optimization. Learn More Home Depot confirms breach of its payment systems Home Depot said Monday that its payment systems had been breached, potentially affecting any customers who shopped at its stores in the U.S. and Canada since April.There’s no evidence yet that debit card PIN numbers had been compromised, the company said, though it was still figuring out the scope and scale of the attacks.Home Depot doesn’t believe people who shopped online at HomeDepot.com, or at its physical stores in Mexico, were affected, it said.The company didn’t specify what information tied to people’s cards may have been compromised, and a spokeswoman declined to comment further.Home Depot made the announcement after nearly a week-long investigation conducted with IT security firms, banking partners and the Secret Service, it said. The investigation focused on the period from April onward.To read this article in full or to leave a comment, please click here Read More OpenSSL warns vendors against using vulnerability info for marketing Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component.The warning comes from the OpenSSL Project, which has published for the first time guidelines for how it internally handles security problems, part of an ongoing effort to strengthen the project following the Heartbleed security scare in April.High severity issues such as remote code execution vulnerabilities will be kept private within OpenSSL’s development team, ideally for no longer than a month until a new release is ready.To read this article in full or to leave a comment, please click here Read More : Samsung Is your smartphone secure enough? Learn how Samsung KNOX's multi-layered approach to mobile security protects against malicious apps, prevents attacks from one domain spreading to another domain and more. Learn More Hackers launch Apple ID phishing campaign playing on iCloud security worries The hackers behind the Kelihos botnet are trying to capitalize on users’ increased awareness about the security of Apple online accounts through a new phishing campaign.According to security researchers from Symantec, the Kelihos botnet has started sending spam emails that purport to be security alerts from Apple informing recipients that a purchase was made using their Apple ID from the iTunes Store. Apple IDs are the accounts that customers use to access Apple’s online services.The rogue emails bear the subject “Pending Authorisation Notification” and claim that the purchase was made from a computer or a device not previously linked to the user’s Apple ID, the Symantec researchers said Friday in a blog post. The emails list an IP (Internet Protocol) address from where the purchase was allegedly initiated and a corresponding physical location of Volgograd, Russia, they said.To read this article in full or to leave a comment, please click here Read More 5 business uses for wearable technology As we wait for Apple's rumored iWatch, now is a good time to think about how wearable computing might find a home in the business world. Read More : McAfee Needle in a Datastack Report The volume of security-related data today can make identifying a threat like looking for a needle in a haystack. Yet collecting more data also plays a transformational role in information security. Organizations need to learn how to harness and sift through this wealth of information to protect themselves from the threats they face every day. Learn more >> Rotten Apple: Apple's 11 biggest failures Apple sets the standard -- for both success and failure. Here's a look at 11 major screwups, some of which almost derailed the company Read More 6 Hot New IT Roles for 2015 The pace of change in IT has always been brisk, but technology advances such as virtualization, the cloud, service management and a focus on information management and collaboration have forced businesses into a dead sprint to keep up. And as technology changes, so do the skills, knowledge and job roles needed to design, build, implement and manage these cutting-edge technologies. The majority of IT organizations aren't prepared for the battle, even as the war for talent rages on.A Continuing Talent Crisis According to a report by the Corporate Executive Board (CEB), a member-based advisory and consulting company, almost 80 percent of IT organizations don't provide training, coaching or education for skills they expect will increase in importance, and 61 percent don't have skills forecasts for IT as a whole. Organizations without a clear plan to address these needs risk getting left behind, says Andrew Horne, managing director of CEB.To read this article in full or to leave a comment, please click here Read More Popular Android apps fail basic security tests, putting privacy at risk Instagram and Grindr stored images on their servers that were accessible without authentication Read More IBM secures SoftLayer with Intel trusted modules Intel's Trusted Execution Technology helps the IBM cloud service meet stringent compliance and auditing regulations Read More
	SLIDESHOWS 7 sexy smartphone technologies coming your way A slew of new technological features are (or could be) coming to future smartphones. Here are seven that have been in the news over the last few years. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). Network World on Facebook Network World on LinkedIn MOST-READ STORIES of 2014 1. Debunking the top open source myths 2. UCLA, Cisco & more join forces to replace TCP/IP 3. Internet of Overwhelming Things 4. iPhone 6 rumor rollup for the week ending Sept. 5 5. Windows Phone 8.1 and its first update could appear this week 6. 11 open source security tools catching fire on GitHub 7. Just five gangs in Nigeria are behind most Craigslist 8. Top 20 colleges for computer science majors, based on earning potential 9. Popular Android apps fail basic security tests, putting privacy at risk 10. Why you shouldn't change your password
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy When accessing content promoted in this email, you are providing consent for your information to be shared with the sponsors of the content. Please see our Privacy Policy for more information. If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2014 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **