Microsoft's feature-rich SSL-VPN; Internet hit by wave of ransom malware

	Internet hit by wave of ransom malware | Energizer Bunny's software infects PCs
	Network World Security Alert				Forward this to a Friend >>>
	Network World test: Microsoft delivers feature-rich SSL-VPN We tested Whale Communications' SSL VPN back in 2003 and the product didn't fare very well. Microsoft bought Whale in 2006, jettisoned some of the strange idiosyncracies of the product, dramatically simplified management, and subsequently integrated several Vista and Windows 7 technologies. Read More WHITE PAPER: Qwest Connecting to Better Customer Service Less than a third of surveyed IT executives believe their companies are "highly effective" at adapting to changing customer needs and priorities. Businesses that build a robust voice and data network infrastructure can achieve a high level of responsiveness, and transform customer information and feedback into actionable results. Click here. In this Issue Internet hit by wave of ransom malware Energizer Bunny's software infects PCs PCI DSS logging: A must for compliance Software development and quality assurance How we tested Microsoft Forefront UAG Thailand approves credit card hacker's extradition to US Hold Vendors Liable for Buggy Software IBM looks to pair security technologies for software development FBI Director: Hackers have corrupted valuable data DHS Crowdsources Ideas for Cybersecurity Campaign Password application gives wrong info to fraudsters Microsoft's tax-for-hacks 'horrible' idea, say security experts Implicit whitelisting blocks malware instead of productivity Does your laptop's Wi-Fi make it more vulnerable to thieves? RSA Conference 2010 and Security B-Sides Recap E-GUIDE: Compuware 5 Tips for Getting the Best Web App Performance This eBook, compiled by Network World, explores the pressing issues, from dealing with outages and evaluating performance monitoring services, to the impact of virtualization. Get expert tips to optimize your Web apps. Click to continue Internet hit by wave of ransom malware Criminals re-used an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks, a security company has reported. Read More Energizer Bunny's software infects PCs The Energizer Bunny infects PCs with backdoor malware, the Department of Homeland Security's US-CERT said. Read More PCI DSS logging: A must for compliance The PCI DSS continues its march from the largest to the smallest merchants, affecting the way thousands of organizations approach security. PCI DSS applies to all organizations that handle credit-card transactions or that store or process payment-card data. Read More Software development and quality assurance SQA must aim to uncover all program problems even though in practice, that's not possible for most programs. At best, we are reducing the likelihood that defective programs will enter production. Since the cost of rectifying errors grows by about ten times with each stage of development, it's sensible to incorporate SQA at every step of the system development life cycle. Read More How we tested Microsoft Forefront UAG We tested Forefront UAG using Microsoft's virtualization technology. Microsoft brought in a set of virtual machines which included the UAG server itself, as well as a set of pre-installed Microsoft business applications, including Exchange (2007 and 2010) and Sharepoint. Read More WHITE PAPER: BeyondTrust Building a Secure and Compliant Windows Desktop While removing administrator rights from end users may be the Holy Grail of desktop security, doing so can have an impact on what end users need to do their jobs. Read this white paper to discover powerful strategies to effectively remove administrator rights and improve desktop security. Read Now Thailand approves credit card hacker's extradition to US A Thai court has approved the extradition to the U.S. of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the U.S. Read More Hold Vendors Liable for Buggy Software A security coalition offers enterprises contract language that requires software vendors to use programming techniques that close common security loopholes. Read More IBM looks to pair security technologies for software development Former Watchfire and Ounce Labs capabilities would be partnered in an enterprise-level product to be released later this year Read More FBI Director: Hackers have corrupted valuable data Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday. Read More DHS Crowdsources Ideas for Cybersecurity Campaign The U.S. Department of Homeland Security is looking to Internet users for new ways of getting its cybersecurity message out, and before you ask, the agency says that the method chosen "may under no circumstance create spam." Read More WHITE PAPER: Microsoft Direct Access and UAG Better Together Direct Access (DA) is a game-changing technology for remote access in your company; removing the need for a VPN all together. Within Microsoft, we've seen great productivity benefits to end users. We surveyed users from our DA pilot and over 87% saw instant productivity gains, overall resulting in net benefit of ~1 hour each day for users. Furthermore, Microsoft operations is saving costs by things such as not having to convert internet connected sites to dedicated lines. For more information on the business value of DA and Microsoft's implementation, watch the Direct Access MSIT video. Learn More Now Password application gives wrong info to fraudsters Germany's Fraunhofer Institute for Secure Information Technology is selling a mobile phone application that offers a unique feature over other password-storage applications. Read More Microsoft's tax-for-hacks 'horrible' idea, say security experts Microsoft's idea that the fight against malware could be funded by an Internet tax is "horrible," an analyst said Thursday as other experts weighed in on a recent comment by the company's security chief. Read More Implicit whitelisting blocks malware instead of productivity Application whitelisting is one way to ensure that unwanted software doesn't execute in your environment. Traditional whitelisting products are often too restrictive; they inhibit productivity when workers can't access the applications they need. Savant Protection offers a whitelisting solution that takes its cue from the applications your users already have installed. This helps you get control without breaking the endpoint. Read More Does your laptop's Wi-Fi make it more vulnerable to thieves? It was a startling claim: Like a virtual trail of cookie crumbs, your laptop could be beaming out invisible signals that are attracting intrepid thieves armed with a common $5 gadget. Read More RSA Conference 2010 and Security B-Sides Recap Didn't make it to this year's RSA conference or B-Sides San Francisco? Here's what you missed. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor Forrester Research and Network World want to hear from you! We are collaborating to conduct an on-line-based study focused around data center strategy. The survey should take approximately 12 to 15 minutes to complete. This is both a confidential and anonymous survey and your results will only be used in aggregate. As a special thankyou, all respondents will receive a free copy of the resulting research report from Forrester – a $500 value! Thank you for taking the time to fill out the survey. Today from the Subnet communities Massive giveaway from Cisco Subnet: 50 copies of the Cisco Press CCNP Cert Kits kits are up for grabs. Deadline March 31. 15 books on Microsoft PerformancePoint business analytics available, too. SLIDESHOWS 7 most useful Firefox add-ons Some "add-on apps" work well enough to replace a standalone desktop application. Here are seven add-ons that transform Firefox into a fully functioning application. Fave raves: IT pros' favorite products We asked readers about their favorite must-have network products and found there's a lot of love for products that can automate manual processes, improve visibility and management, and speed performance for end users. Products that save money are also, not surprisingly, big favorites. MOST-READ STORIES Report: North Korea develops own Linux distribution Researchers find way to zap RSA security scheme 19 weird but real gadgets and gizmos Former NSA tech chief: I don't trust the cloud The man behind Microsoft's Windows Phone design More speculation on Cisco's March 9 announcement Sony takes aim at Apple iPhone, iPad and iTunes New exploit technique nullifies major Windows defense Ten of the world's strangest social networks Q&A: Verizon's LTE road map for 2010 and beyond
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **