Friday, July 23, 2010

Black Hat talk on hacker fingerprints; New "Kraken" GSM-cracking software released

New 'Kraken' GSM-cracking software is released | 15 summer vacation ideas for geeks

Network World Compliance

Forward this to a Friend >>>


Black Hat talk to reveal analysis of hacker fingerprints
Looking deeper within malware yields fingerprints of the hackers who write the code, and that could result in signatures that have a longer lifetime than current intrusion-detection schemes, says one Black Hat 2010 speaker. Read More


WHITE PAPER: MessageLabs

Top Ten Web Threats and how to eliminat
This paper raises real challenges for IT managers who have to protect the business against malware, keep internet bandwidth available for legitimate business needs and enforce acceptable use policies for the human resource department. Read Now.

In this Issue


WHITE PAPER: Qualys

Justifying IT Security
The goal of a security program is to choose and implement cost effective countermeasures that mitigate the vulnerabilities that will most likely lead to loss. This paper discusses the management of Risk and how Vulnerability Management is one of the few counter-measures easily justified by its ability to optimize risk. Read now!

New 'Kraken' GSM-cracking software is released
The (Global System for Mobile Communications) technology used by the majority of the world's mobile phones will get some scrutiny at next week's Black Hat security conference, and what the security researchers there have to say isn't pretty. Read More

15 summer vacation ideas for geeks
From Star Trek and Space Camp to baseball minutiae, vintage video games, anime, pirates, Harry Potter and They Might Be Giants, there's a vacation option for any type of geek this summer Read More

IBM device secures online banking
IBM this week rolled out a security device it says will protect online banking and keep cyber-criminals from being able to make fraudulent funds transfer even from a compromised PC. Read More

VeriSign takes new tack with malware scanning and SSL certificates
VeriSign has begun offering free malware scanning services to customers that use its SSL certificates. The goal is to make sure those customers' Web sites aren't inadvertently hosting malware that could infect visitors. Read More

Dell offering free Web browser security tool
Dell, through its Kace unit, is making available free Web browser security software that works by creating a protective "sandbox" on the desktop to isolate the user's desktop from malware or other harmful actions that might be encountered browsing the Web. Read More


WEBCAST: Infoblox

Learn 4 Concepts to Network Automation
Join this webinar to learn where to start introducing network automation into your organization so you can: • Address Hidden IT Costs • Support Key Initiatives • Achieve Operational Optimization • Apply IT Resources More Strategically View Now!

Fake femme fatale shows social network risks
Social networking pages featuring the profile of a fake Navy cyberthreat analyst attracted some 300 friends in the intelligence, military and security communities in an experiment conducted by a security researcher. Read More

Gain the upper hand on governance and compliance with SaaS-based SecureGRC
Most of the governance, risk and compliance automation tools on the market are aimed at large enterprises with complex environments and deep resources. But smaller companies need governance and must meet compliance mandates, too. Now these companies have the option of a SaaS-based GRC solution that comes with a low subscription rate rather than a high purchase price. Read More

Defcon social engineering contest stirs concerns
A capture-the-flag-style competition slated to take place at Defcon later this month has raised eyebrows at a number of companies who are concerned they will be embarrassed or negatively impacted in some way. CSO first reported the CTF challenge earlier this month in Defcon contest to spotlight social engineering. The challenge asks contestants to collect information about a "target" company, which they are assigned to by contest coordinators at the web site social-engineer.org. Read More

Design that ensures security, also emphasizes style
Can security, often seen as obvious and ugly, actually be stylish and suitable for a building? Architect Rick Reeder gives us a tour of a property he designed with artful security as the goal Read More

Corporate ID theft hits Georgia businesses
Just days after Colorado officials warned businesses about scammers who are forging corporate identities to commit financial fraud, an official in Georgia said the same has been happening in that state as well. Read More


WHITE PAPER: MessageLabs

The Wild, Wild Web: How to Ensure 360-Degree Border Security
Managing the security and availability of Web, email, and IM is complex. This paper will discuss the modern threat of blended attacks from web, email and IM. and highlight how a comprehensive hosted solution by Symantec Hosted Services can secure your networks from these threat vectors. Read Now

Google calls, raises Mozilla's bug bounty for Chrome flaws
Google this week hiked bounty payments for Chrome bugs to a maximum of $3,133, up almost $2,000 from the previous top dollar payout of $1,337. Read More

Security Claim: Most Home Routers Vulnerable to Hack
An engineer from security firm Seismic claims he will soon release instructions on how to hack millions of wireless routers commonly used in residential Internet connections. The how-to hack instructions are part of what has become an annual chest-beating by speakers at the Black Hat security conference that hype their keynotes with end-of-PC-security-as-we-know-it promises. Read More

Drop 'responsible' from bug disclosures, Microsoft urges
Microsoft today pitched its own proposal for how software makers react to bugs reported by researchers, calling for a name change to describe the process it prefers. Read More

Mozilla patches 16 security bugs in Firefox 3.6
Mozilla on Tuesday patched 16 vulnerabilities, nine of them critical, in Firefox 3.6, the largest update for the open-source browser since March. Read More

After worm, Siemens says don't change passwords
Although a newly discovered worm could allow criminals to break into Siemens' industrial automation systems using a default password, Siemens is telling customers to leave their passwords alone. Read More

DHS, vendors unveil open source intrusion detection engine
An open source foundation partially funded by the U.S. Department of Homeland Security unveiled an open source engine it said improves on past technologies built to detect and prevent network intrusions. Read More

Zscaler adds e-mail to security service
Security service provider Zscaler has added e-mail filtering to its Web filtering product. Read More



Join us on LinkedIn

Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today!
- Jeff Caruso, Executive Online Editor

Books for you from Microsoft Subnet and Cisco Subnet

Throw your name in the hat for a complete CompTIA Security+ study guide and the SharePoint bible, Essential SharePoint 2010. Deadline July 31. Enter today!

SLIDESHOWS

Say what?
Earlier this month, Microsoft's chief operating officer made a statement that sent everyone's jaws a-dropping. "It looks like the iPhone 4 might be their Vista, and I'm OK with that," he said during a keynote speech at the company's annual partner conference. It got me thinking about quotes that have and will go down in history from the industry's most famous executives. Can you guess who made the following statements?

15 summer vacation ideas for geeks
From Star Trek and Space Camp to baseball minutiae, vintage video games, anime, pirates, Harry Potter and They Might Be Giants, there's a vacation option for any type of geek this summer.

MOST-READ STORIES

  1. Fake femme fatale shows social network risks
  2. Is open source Snort dead? Depends who you ask
  3. Dell warns of malware on server motherboards
  4. Is ubiquitous encryption technology on the horizon?
  5. Firefox lets hackers grab your passwords
  6. USB 3.0: Five Things You Need to Know
  7. Defcon social engineering contest stirs concerns
  8. Say what?
  9. Nearly 13 Million Have Been Hit With Identity Theft
  10. Is Windows Phone 7 really a "disaster"?

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_compliance_alert as networking.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **


No comments: