Thursday 14 April 2011

FBI, DoJ bomb Coreflood botnet

Did You Hear The One About The Hacker Who Broke In To Steal The Open Source Code? | Firewall security issue raised in report ignites vendors' ire

Network World Security

Forward this to a Friend >>>


FBI, DoJ bomb Coreflood botnet
The US Department of Justice and FBI said today they had filed a civil complaint, executed criminal warrants, and a temporary restraining order as part of what they called the most comprehensive enforcement action ever taken by US authorities to disable an international botnet. The target of this massive effort is Coreflood, which the DOJ labels a particularly harmful type of malicious software that... Read More


RESOURCE COMPLIMENTS OF: Sophos

FREE Data Leakage for Dummies Book from Sophos
You need to protect your company's most valuable asset – your data. Request a book today!

WHITE PAPER: Dell

Guidelines for Choosing a QSA
The independent white paper in this security KnowledgeVault is just one of the resources to help you make the right decision. It details the top 5 questions to ask a prospective QSA firm and offers guidelines on everything from making sure they adequately handle compensating controls to assessing their expertise with virtualization. Learn more.

Did You Hear The One About The Hacker Who Broke In To Steal The Open Source Code?
Sounds like a dumb (take your pick - blonde, nationality, etc.) joke. The hacker who breaks in to steal the source code to an open source project. Pretty stupid you would think, huh? Reminds me of my honeymoon, I was ocean kayaking off the beach in Hawaii. I fell out of the boat and was floundering around on some sharp coral and stuff. I yelled to the lifeguard for help and he yelled back, STAND UP!... Read More

Firewall security issue raised in report ignites vendors' ire
A test by NSS Labs that found firewalls from five vendors are subject in one way or another to remote exploit by hackers has ignited furious response from vendors Fortinet and SonicWall. That NSS Labs study, released this week, says that independent security testing of six separate vendor firewalls showed five of them to be vulnerable to what's known as the "TCP Split Handshake Attack" that lets a hacker fool the firewall into thinking an IP connection is a trusted one behind a firewall. Read More

Microsoft bolsters Office 2003, 2007 security
Microsoft on Tuesday beefed up security in Office 2003 and Office 2007 on Windows by adding a feature that first appeared in the newer Office 2010 last year. Read More


WHITE PAPER: Dell

Defending the Assault on Your Data
Learn how turning to outside help, specifically designed for small and midsized businesses, can affordably provide the protection you need. It's just one of the resources, along with expert Webcasts and IDG security survey results, you'll find in this data security KnowledgeVault. Learn more.

Did Google lie about FISMA? ... Lie is such an ugly word
It's one of those inside-baseball arguments that will make your head hurt if you spend too much time trying to sort through the details, claims and counterclaims. ... Trust me, I've spent too much time on it today. Read More

Sleeping air traffic controllers get federal wake-up call
After yet another incident where an air traffic controller fell asleep on an overnight shift, causing airliners to divert to other airports and raising general havoc, the FAA said today it will add controllers to 27 airports currently staffed by one person at night. One has to wonder what took so long? Read More

Researchers out to defend Android users from privacy thieves
For Google Android, the best selling mobile OS in the world by some accounts, that popularity comes with a predictable price: Hackers, malware writers and other ne'er-do-wells are all over it. Read More


WHITE PAPER: Sophos

Why Hackers have turned to Malicious JavaScript Attacks
Reaching unsuspecting users through the web is easy and effective and hackers now use sophisticated techniques—like injecting inline JavaScript—to spread malware. Learn more about this threat, how it works and how cybercriminals make money with these types of attacks. Read now.

Epsilon breach: When should almost public info be private?
A press feeding frenzy followed the somewhat vague April Fools Day announcement by Epsilon Data Management that someone had hacked into its systems and stolen a bunch of email addresses. The addresses were of people who had "opted in" for email marketing by a bunch of major vendors such as Target and Red Roof Inns, and many of the vendors sent announcements of the breach to their customers (I got such an announcement from a vendor I had purchased a present from for my wife. The announcement did not say all that much, essentially it told me to "be careful".). Read More

Privacy activist to challenge BT, Phorm decision
A privacy activist plans to ask for a judicial review of British prosecutors' decision not to bring a case against BT and the online advertising company Phorm for running secret trials of a system that monitored peoples' Internet use without their consent. Read More

Electronic messaging inherently insecure
Electronic messaging has made us all more connected and more productive. No longer do we have to wait for the mailman to arrive or arrange a mutually convenient time to meet or speak on the phone. Read More

Record-breaking Microsoft patch day affects all versions of Windows
As expected, Microsoft released a record-breaking, massive number of patches today that affects all versions of Windows and Office -- including its cloud apps -- and addresses some long-standing holes that hackers have been exploiting in the wild. Read More

SOURCE Boston: Two views on infosec interviewing, hiring
It's one thing to be a capable infosec professional. It is something else to be capable at managing your own career -- knowing how to land the right job yourself or, as a manager, to spot and hire the kind of talent that will improve both your organization and your career prospects. Read More



GOODIES FROM THE SUBNETS
Up for grabs from Microsoft Subnet: a 5-day Microsoft Licensing Tricks class teaching negotiation tips; a Polycom system. From Cisco Subnet: 15 copies of Cisco Unity books. Enter here.

SLIDESHOWS

Internet2's Top 10 firsts and other achievements
As Internet 2 celebrates its 15th anniversary, here are 10 major achievements and firsts.

MOST-READ STORIES

  1. Hacker 'handshake' hole found in common firewalls
  2. Why didn't Cisco attempt to sell the Flip unit?
  3. Cisco urged to fold more than Flip
  4. IRS e-filing system turns 25
  5. Berners-Lee: Web access is a 'human right'
  6. Military wants full disk encryption for smartphones
  7. VMware's Cloud Foundry opens PaaS
  8. What would a revamped Cisco look like?
  9. 7 dirty consultant tricks (and how to avoid them)
  10. Can IPS appliances remain useful in a virtual-machine world?

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_security_alert as lisab509.pcnews@blogger.com.

Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **


No comments:

Post a Comment