| The Cloud Security Newsletter |
| The most trusted source for security and IT professionals | August 2010 Edition |
| |
| | | | | | | | | | LEAD STORY OF THE MONTH | | RESEARCH REPORT: State of the Web Q2 2010 |
|  |
| During the second quarter of 2010, attackers once again took advantage of opportunities just as quickly as they emerged. These opportunities included both the emergence of new vulnerabilities in popular technologies as well as current events that drew the attention of millions around the globe. They were quick to leverage the biggest news stories of the quarter, including the World Cup and release of the iPad. 'Likejacking' and Twitter follower scams continued to rise. Analysis of web traffic revealed that China has surged to a #2 ranking, up from #5 in Q1, when looking at countries hosting the most malicious sites. The State of the Web report details the enterprise threat landscape and the variety of web based issues plaguing internet users.. Learn More  | | | | TECH TALK | | 34 Microsoft Vulnerabilities – Are You Protected? | | On Aug 10, Microsoft released one of its largest monthly patch cycles to date, covering a total of 34 vulnerabilities in 14 advisories including commonly used products such as Silverlight and Internet Explorer. Such patch cycles create a daunting task for enterprises, which must quickly deploy patches to individual systems before exploits emerge, allowing attackers to compromise machines. This challenge is made even more difficult for companies with a mobile workforce where laptop computers may not be online at any given time to permit patches to be pushed to road warriors. In contrast, a cloud delivered security service is able to offer immediate and transparent protection to all users. Learn More | | | | SECURITY INNOVATIONS | Blackhat SEO Victimizing Your Users?
FREE Security Tool Available | | Attackers are abusing SEO in order to ensure that malicious websites are included within the top search results. They target popular search terms and given the resources at their disposal, the attackers are extremely effective injecting malicious results. The pages injected include malicious content that will target and infect PCs using a variety of techniques such as delivering fake antivirus, Flash/Java upgrades, codecs, etc. Unfortunately, search engines are having limited success in blocking such attacks and anti-virus vendors are failing at deploying signatures to detect the malicious binaries included in the attacks due to the rate at which they change. The new security tool will prevent Blackhat SEO attacks by masking the source of requests to malicious pages, ensuring that the attacks are never delivered. Learn More | | | | NEWS HIGHLIGHTS | | Hackers Infiltrate Red Cross Website – Again | | eSecurity Planet | | A new malware scam targeted the Red Cross of Serbia – the second time in five months that hackers have zeroed in on one of the international humanitarian organization's public websites. | | | | Old and Insecure, IE6 Still Popular in the Enterprise | | Threatpost | | the Old Blue Lady of the Web is still a force among enterprise users and that IE6, the notoriously security plagued version, is the browser of choice for one in five employees. | | | | Security Vendors In The Cloud | | CRN | | Channelweb editors look at why the cloud is so important for security vendors today, and call out examples of creative approaches to the cloud. | | | | Zscaler Offers Secure Web Gateway as a Service | | eWeek | | For a look at Zscaler's service in action, check out the gallery by eWeek and read review. | | | | CSA Sets Industry Standard with New User Certification | | Marketwire | | The Cloud Security Alliance today unveiled the industry's first user certification program for secure cloud computing. | | | | SECURITY PRACTITIONER'S COLUMN | | Ulster-Greene ARC Implements Bi-directional Threat Protection |  Ulster-Greene ARC is a non-profit agency that offers a full array of services from birth through adulthood to people who have autism and other developmental and intellectual disabilities. Bart Louwagie, Director of IT, deemed the legacy URL filtering solution ineffective in light of the dynamic nature of Web 2.0. In addition, protection of Personal Health Information (PHI) was a growing concern due to compliance mandates such as HIPAA. Learn More | | | | "We had blocked a lot of websites because we feared the chance that they may contain rogue elements like botnets, even if the website was legitimate." | | - Bart Louwagie, Director of IT | | | | | EDUCATIONAL RESOURCES | | | | Key Differentiators of a Best-of-breed Security Solution | | View Video | | | | Live Webinar: SaaS Web Security | | Date: August 31, 2010 at 11 AM PST / 1 PM EST | | Register Now | | | | Other On-demand Webcasts | | View Webcast | | | | | | | | | If you or your colleagues would like to receive this newsletter, please sign up.
| | | | | | Copyright 2010 Zscaler, Inc.
392 Potrero Avenue, Sunnyvale, CA 94085 | 1.866.902.7811 | webcast@zscaler.com. |  | | |
 |
Note: Your e-mail is in our mailing list as security.world@gmail.com, if you wish to be removed from our mailing list please use the link below to unsubscribe from any future mailings. We will respect all unsubscribe requests Unsubscribe 
No comments:
Post a Comment