Apple delivers record monster security update

	Cisco releases semiannual security advisories | Sourcefire to add blocking capabilities to virtualization security wares
	Network World Security				Forward this to a Friend >>>
	Apple delivers record monster security update Apple today patched 92 vulnerabilities, a third of them critical, in a record update to its Leopard and Snow Leopard operating systems. Read More WEBCAST: Oracle Identity and Access Governance – What You Need to Know Live Webcast: Wednesday, May 5th at 1pm ET/10 am PT. Oracle presents a timely event featuring the Burton Group's, Kevin Kampman, who will provide an overview of the latest technology for identity management. Get guidance on compliance, security, identity management and other topics and participate in a live Q&A. Register Today! In this Issue Cisco releases semiannual security advisories Sourcefire to add blocking capabilities to virtualization security wares Tech Secrets: 21 Things 'They' Don't Want You to Know Facebook Mulls Privacy Changes, Causes More Outrage Microsoft to patch IE zero-day with emergency fix Tuesday N.Y. man sues McAfee over antivirus auto-renewal fees Bugs & Fixes: Patch Problem Uncovers Hidden Infection JC Penney tried to block publication of data breach Managing iPad Security Weaknesses Geolocation 101: How It Works, the Apps, and Your Privacy Directory service wish list still rings true How to protect access to Web-based applications WHITE PAPER: ArcSight Building a Successful Security Operations Center This paper outlines industry best practices for building and maturing a security operations center (SOC). For those organizations planning to build a SOC or those organizations hoping to improve their existing SOC this paper will outline the typical mission parameters, the business case, people considerations, processes and procedures, as well as, the technology involved. Building a Successful Security Operations Center Cisco releases semiannual security advisories Cisco this week published its semiannual IOS software security advisory, which actually includes seven advisories on 11 vulnerabilities. The vulnerabilities could result in remote code execution or a denial of service, Cisco says. Cisco says it also issued software releases that correct all 11 vulnerabilities. Read More Sourcefire to add blocking capabilities to virtualization security wares Sourcefire's software for protecting VMware and Xen virtualization environments is limited to monitoring and intrusion detection. Full-blown intrusion protection with blocking capability is in the works. Read More Tech Secrets: 21 Things 'They' Don't Want You to Know Yes, the truth is out there. But they don't want you to know about it. Read More Facebook Mulls Privacy Changes, Causes More Outrage Facebook users are expressing strong disapproval of proposed privacy changes that will let the site share some user information with third-party Web sites and applications. Read More E-GUIDE: HP ProCurve Standards to Soothe Networking Headaches Is you network comprised of multiple switching tiers running proprietary protocols capable of handling next-generation applications? This Network World eBook looks at open, virtual switching, unified fabrics and bandwidth of 10 Gigabit Ethernet and more. Get expert advice on how to turn your network into a more simplified, open infrastructure. Read Now. Microsoft to patch IE zero-day with emergency fix Tuesday Microsoft today announced it will issue an emergency security update for Internet Explorer tomorrow to patch a zero-day vulnerability that has been used to launch drive-by attacks for at least several weeks. Read More N.Y. man sues McAfee over antivirus auto-renewal fees The New York man who sued Symantec two months ago for automatically renewing his subscription to that company's antivirus software has doubled down by suing rival McAfee over the same practice. Read More Bugs & Fixes: Patch Problem Uncovers Hidden Infection The infamous Blue Screen of Death made a surprise appearance in February--as a malware herald. Read More JC Penney tried to block publication of data breach Retailer JC Penney fought to keep its name secret during court proceedings related to the largest breach of credit card data on record, according to documents unsealed on Monday. Read More WHITE PAPER: Splunk Make IT Data a Strategic Asset This paper outlines the struggles organizations face managing silos of IT data and how, using Splunk, users are changing the way they do their jobs and elevating the role of IT in their organizations. Learn More! Managing iPad Security Weaknesses Apple is like the Disney of technology--always adding a dash of "magic" to its products. Apple has an established base of dedicated fans of the user experience on its various Mac OS X products, and it has had the Midas touch when it comes to portable devices like the iPod, and the iPhone. However, Apple still needs to come up with a spell that wards off evil spirits. Read More Geolocation 101: How It Works, the Apps, and Your Privacy Facebook wants to know "What's on your mind?" Twitter asks "What's happening?" But that's getting old already. The burning question for the next wave of social networking is "Where are you?"--and services like Foursquare, Gowalla, Brightkite, and Loopt want you to use your smartphone to answer it. Read More Directory service wish list still rings true In our periodic look back to what was happening 10 years ago, it's always fascinating to see some of the same topics show up that are in the forefront of our discussions today. The newsletters from March 2000 are no exception. Read More How to protect access to Web-based applications As more companies begin to rely on Web-based applications, questions arise about the security of such applications. One weak link in the security chain is user authentication. User IDs and passwords are insufficient to protect your business from unauthorized access. This article describes a Web-based service that provides multi-factor authentication for applications in the cloud. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor The Future of Big Iron Do your IT plans include mainframes? Participate in this Aberdeen survey and see how your plans stack up to those of peers in terms of on what core applications are staying on mainframes and where the industry is headed in operating and software architecture. The goal is to get an accurate picture of the opportunity for expanded utilization, the role of 3rd-party support, and overall objectives with respect to distributed, outsourced, heterogeneous and centralized computing paradigms. Aberdeen will also establish a baseline for performance and a set of best practices for improving the efficiency and utilization of mainframe computing technologies. All survey respondents will receive a free copy of the resulting research. Today from the Subnet communities Massive giveaway from Cisco Subnet: 50 copies of the Cisco Press CCNP Cert Kits kits are up for grabs. Deadline March 31. NEW! 15 books on Microsoft System Center Operations Manager (OpsMgr) 2007 R2 available, too. SLIDESHOWS 5 things we love/hate about Novell's SUSE Studio Users might have a love/hate relationship with Novell's SUSE Studio. Here are five things we love and five things we disliked about the product. CEO payday: What tech's top execs made in '09 The recession took its toll on tech CEOs' compensation in 2009, but not everyone lost. MOST-READ STORIES CEO payday: What tech's top execs made in '09 Microsoft to patch IE zero-day with emergency fix Tuesday Apple now shipping iPads Video surveillance deployed inside London public bathrooms N.Y. man sues McAfee over antivirus auto-renewal fees Sprint readies big internal announcement? Is Cisco 'too big to fail?' Yahoo proposes 'really ugly hack' to DNS Microsoft defends Windows 7 security after Pwn20wn hacks IT managers could avoid grief by curtailing admin rights in Windows
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **