Microsoft Binary Planting Bug: What You Need to Know

	Hacking your Web browser in 7 easy steps | Rustock botnet ditches encryption to ramp spam
	Network World Security				Forward this to a Friend >>>
	Microsoft Binary Planting Bug: What You Need to Know Microsoft released a security advisory in response to a potential exploit, known as DLL preloading or binary planting, which has been found to impact hundreds of third-party Windows applications--possibly including software developed by Microsoft itself. Unfortunately, this isn't a simple Windows vulnerability that Microsoft can fix with its next patch release, so it's important that you understand the flaw and what is at risk, as well as what you can do to protect your systems. Read More WHITE PAPER: Tripwire Where Compliance and Data Protection Overlap Today's CISOs face more challenges than ever, including increased and more sophisticated threats, complex IT environments, decreased budgets, and greater compliance pressures. But these challenges present opportunity. Learn how CISOs can play these challenges to their advantage to meet both data protection and compliance demands. Read More! In this Issue Hacking your Web browser in 7 easy steps Rustock botnet ditches encryption to ramp spam I Can Stalk U: Geotagged Pics Worth More Than 1,000 Words TDE vs Column Encryption Survey highlights wish list for communication systems Worried About ID Theft? Join the Club Hackers bait Zeus botnet trap with dead celeb tales iTunes Scam: How to Protect Yourself Philadelphia wants bloggers to start paying taxes LDAP misconceptions live on Giant W.A.S.P Sniffs Out Insecure Wi-Fi Researcher arrested for alleged voting machine theft WHITE PAPER: ArcSight Building a Successful Security Operations Center This paper outlines industry best practices for building and maturing a security operations center (SOC). For those organizations planning to build a SOC or those organizations hoping to improve their existing SOC this paper will outline the typical mission parameters, the business case, people considerations, processes and procedures, as well as, the technology involved. Building a Successful Security Operations Center Hacking your Web browser in 7 easy steps Plug-ins, extensions, add-ons -- leading browsers are fast becoming rich platforms for customizing your Web experience Read More Rustock botnet ditches encryption to ramp spam The Rustock mega-botnet appears to have ditched the experimental use of TLS (transport layer security) to obscure its activity, Symantec has reported. Read More I Can Stalk U: Geotagged Pics Worth More Than 1,000 Words Have stalkers found paradise at the "I Can Stalk U" site which reveals exact geotagged locations when people tweet their photos? Read More TDE vs Column Encryption SQL Server 2008 introduced a great new feature called TDE, Transparent Data Encryption. It allowed a database to be completely encrypted without having to change the applications that access it. It is referred to as encryption for "data at rest". But what about data in motion? That's where column-level encryption pays off to provide end-to-end encryption. Read More WHITE PAPER: Websense Seven Criteria for Evaluating SaaS The right Security-as-a-Service solution can perform reliably and effectively and deliver the flexibility and control associated with on-premise solutions — at a significantly lower cost — without compromising privacy and security. Read More Survey highlights wish list for communication systems ShoreTel announced the results of a recent survey that identifies the latest communications system needs and priorities of CIOs and IT/Telecom Professionals. The survey was taken from prospective ShoreTel customers, and the 475 participants clearly spelled out many of the issues vendors must address if they are to satisfy customer communication needs. Read More Worried About ID Theft? Join the Club Nearly two-thirds of Americans are concerned that information about their bank accounts, credit cards and identity may be stolen from their computers, according to a survey released today by a provider of identity theft protection services. Read More Hackers bait Zeus botnet trap with dead celeb tales Spam messages touting fictional tales of celebrity deaths are prompting users to open attachments that are adding their machines to the Zeus botnet. Read More iTunes Scam: How to Protect Yourself In recent weeks, more and more iTunes users have been reporting fraudulent activity on their Apple accounts, reporting hundreds or even thousands of dollars worth of bogus purchases. With the reports of this type of fraud on the uptick in recent weeks, many users have been quick to blame Apple or PayPal, as many of the affected iTunes accounts were linked to PayPal accounts. Read More WHITE PAPER: Tripwire Where Compliance and Data Protection Overlap Today's CISOs face more challenges than ever, including increased and more sophisticated threats, complex IT environments, decreased budgets, and greater compliance pressures. But these challenges present opportunity. Learn how CISOs can play these challenges to their advantage to meet both data protection and compliance demands. Read More! Philadelphia wants bloggers to start paying taxes If you're a blogger in the city of Philadelphia and make money from your writing, be forewarned. City officials want you to register as a business and pay your fair share of taxes. Read More LDAP misconceptions live on It's that time of the month when we pause and reflect on what we were talking about in this newsletter (and in the IdM community in general) 10 years ago -- in this case, August 2000. Read More Giant W.A.S.P Sniffs Out Insecure Wi-Fi A pair of hackers have created the ultimate gadget for finding unsecured Wi-Fi connections--one made with a surplus US Army drone. "Mike" and "Rich", also known as Rabbit Hole, created the autonomous W.A.S.P (Wi-Fi Aerial Surveillance Platform) to fly around and find people's insecure Internet connections. Read More Researcher arrested for alleged voting machine theft A security researcher who investigated electronic voting machines (EVM) used in Indian elections was arrested by police in Mumbai on Saturday. He is charged with stealing one of the machines, police sources said Monday. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor SLIDESHOWS Cloud storage lives up to the hype We tested five cloud-based storage services under real-world conditions. We set up accounts, connected with the vendor storage network, uploaded and downloaded files, measured performance and analyzed cost structures. Our conclusions are that cloud-based storage can save you money. And cloud-based storage can be fast. However, there are still security concerns that you need to be aware of. Wireless networks and mobility quiz iPhones and other handhelds bought for home use are infiltrating corporate networks, but there's a host of other wireless technologies that comprise a wave of mobile computing that is creating sweeping changes in business infrastructure. How well versed are you in the technical and not-so- technical details? MOST-READ STORIES Zero-day Windows bug problem worse than first thought Linux community finally fixes 6-year-old critical bug Intel-McAfee deal baffles security analysts Android 2.2: How to install Flash on Froyo Intel buys McAfee: My two cents Microsoft won't showcase Hyper-V at VMworld Cameron Diaz could wreck your PC, McAfee warns Decorate with Linux Intel to buy McAfee in $7.68 billion blockbuster Does Intel buying McAfee have any impact on open source
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **