Up and down Zeus botnets; Schneier's latest privacy effort

	Schneier: Fight for privacy or kiss it good-bye | Practical priorities in PCI DSS logging
	Network World Compliance Alert				Forward this to a Friend >>>
	After takedown, botnet-linked ISP Troyak resurfaces Last week FBI Director Robert Mueller called the fight against hackers "the cyber equivalent of cat-and-mouse." On Wednesday security experts trying to take down the Zeus botnet got a taste of what he meant. Read More ARTICLE: IBM NWW Improving the security of web applications starts by building software securely.IBM Rational AppScan is a suite of Web application vulnerability scanners that include dynamic and static analysis capabilities. Now you can engage more testers earlier in the development cycle. Try it for yourself.Download an evaluation copy of IBM Rational AppScan. Click to continue In this Issue Schneier: Fight for privacy or kiss it good-bye Practical priorities in PCI DSS logging What Are the Most Overrated Security Technologies? PCI DSS logging: A must for compliance Biometrics: What, Where and Why Pennsylvania fires CISO over RSA talk Tighter security coming for .org names IE zero-day exploit code goes public Cyberattacks raise e-banking security fears Hackers love to exploit PDF bugs, says researcher Former TSA analyst charged with computer tampering Kaspersky invents security suite for 'expert' user Phishers widen their net to target new businesses WHITE PAPER: Qwest Connecting to Better Customer Service Less than a third of surveyed IT executives believe their companies are "highly effective" at adapting to changing customer needs and priorities. Businesses that build a robust voice and data network infrastructure can achieve a high level of responsiveness, and transform customer information and feedback into actionable results. Click here. Schneier: Fight for privacy or kiss it good-bye If the public wants online privacy it had better fight now for laws to protect it because businesses won't and individuals don't have the clout, security expert Bruce Schneier told RSA Conference. Read More Practical priorities in PCI DSS logging PCI security guidance mandates not only the creation of logs and retention, but also their review. It is essential that your logging policy and procedures cover such daily review tasks, whether using log management tools or manually. Read More What Are the Most Overrated Security Technologies? Which security technologies are IT shops putting too much faith in? Some readers weigh in. Read More PCI DSS logging: A must for compliance The PCI DSS continues its march from the largest to the smallest merchants, affecting the way thousands of organizations approach security. PCI DSS applies to all organizations that handle credit-card transactions or that store or process payment-card data. Read More WHITE PAPER: IBM NWW Profiting from PCI Compliance Working together, the major payment card providers have developed a set of data security standards and created a council for enforcing them. For many companies, regulatory compliance can already be an overwhelming and confusing area to navigate, and the need to comply with the PCI DSS might feel like yet another burden. Learn More Now Biometrics: What, Where and Why Biometrics encompasses a variety of methods for ensuring identity based on physical or behavioral traits. Conventional identifying traits include fingerprints, face topology, iris structure, hand geometry, vein structure, voice, signature and keystroke recognition. Emerging technologies analyze characteristics such as gait, odor, and ear shape. Rather than being used in isolation, biometrics systems are increasingly becoming multimodal, an approach that serves both to increase security and overcome failure-to-enroll problems. Read More Pennsylvania fires CISO over RSA talk Pennsylvania's chief information security officer, Robert Maley, has been fired, apparently for talking publicly at the RSA security conference last week about a recent incident involving the Commonwealths online driving exam scheduling system. Read More Tighter security coming for .org names The Public Interest Registry will add an extra layer of security known as DNS Security Extensions (DNSSEC) to the .org domain in June -- a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. Read More IE zero-day exploit code goes public An Israeli researcher has published exploit code for an Internet Explorer zero-day vulnerability that Microsoft had just disclosed on Tuesday. Read More WEBCAST: St. Bernard Get the Instruments You Need to Become an IT Security Hero This online demo shows how you can quickly bullet-proof your internet security with the new iPrism 6.4 web filter, and you'll be entered to win one of the hottest music video games! Learn more Cyberattacks raise e-banking security fears Increasing cyberattacks against the online bank accounts of small and mid-size businesses has prompted growing calls for improved online banking security. Read More Hackers love to exploit PDF bugs, says researcher Hackers adore Adobe Reader, and have pushed it into first place as the software most often exploited in targeted attacks, F-Secure said today. Read More Former TSA analyst charged with computer tampering A U.S. Transport Security Administration analyst has been indicted with tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the U.S. Read More Kaspersky invents security suite for 'expert' user Kaspersky Lab has invented a new security product that combines bits of its current consumer security suite with new capabilities such as encryption, backup, password management, and the ability to manage the product across a network. Read More Phishers widen their net to target new businesses Cybercriminals are expanding the types of organisations they exploit in phishing attacks, says the Anti-Phishing Working Group (APWG). Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor The Future of Big Iron Do your IT plans include mainframes? Participate in this Aberdeen survey and see how your plans stack up to those of peers in terms of on what core applications are staying on mainframes and where the industry is headed in operating and software architecture. The goal is to get an accurate picture of the opportunity for expanded utilization, the role of 3rd-party support, and overall objectives with respect to distributed, outsourced, heterogeneous and centralized computing paradigms. Aberdeen will also establish a baseline for performance and a set of best practices for improving the efficiency and utilization of mainframe computing technologies. All survey respondents will receive a free copy of the resulting research. Today from the Subnet communities Massive giveaway from Cisco Subnet: 50 copies of the Cisco Press CCNP Cert Kits kits are up for grabs. Deadline March 31. NEW! 15 books on Microsoft System Center Operations Manager (OpsMgr) 2007 R2 available, too. SLIDESHOWS 21 apps Apple doesn't want on your 3.0 iPhone The following 21 apps today run only on jailbroken iPhones. Some may even prove precursors to features released in future Apple iPhone firmware updates. 10 geeky items you're embarrassed to admit you want Most of us love gadgets. But there is a certain eye-popping reaction when we find a gadget that speaks to our technological selves. Owning such devices would surely be the subject of teasing from those who deny their inner geek, but it would also be the cause of more than a little envy. MOST-READ STORIES Facebook pushing 'Suicide Machine' into an open-source afterlife Shutdown of Zeus botnet controller has researchers wondering Cisco, Microsoft certifications increase high-tech salaries Ex-Sun chief dishes dirt on Gates, Jobs Time flies dept.: Dot-com craze peaked 10 years ago Street Fighter IV for iPhone now available for $10 After takedown, botnet-linked ISP Troyak resurfaces 10 geeky items you're embarrassed to admit you want Tech debate: Google Gmail vs. hosted Microsoft Exchange 10 iPhone wellness apps for comically lazy
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_compliance_alert as networking.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **