Computerworld Virus & Vulnerability Roundup: June 17, 2010 ===============================================================
Hackers exploit Windows XP zero-day, Microsoft confirms Hackers are now exploiting the zero-day Windows vulnerability that a Google engineer took public last week, Microsoft confirmed today. http://cwflyris.computerworld.com/t/6508269/1691691/296240/0/ ~~~~~~~~~~~~~~~~~~~WHITE PAPER: Sepaton~~~~~~~~~~~~~~~~~~~~~ Achieving Lower TCO and Maximum ROI SEPATON recently conducted an analysis of the financial, operational and business aspects of data protection in an enterprise data protection environment. This included an evaluation of the total cost of ownership and return on investment as well as the overall business impact of using a virtual tape library. http://cwflyris.computerworld.com/t/6508269/1691691/296241/0/?3e076d18=YXJjaGl2ZUBtYWlsLWFyY2hpdmUuY29t&x=078d797f ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ IN THIS ISSUE 1. Google researcher gives Microsoft 5 days to fix XP zero-day bug http://cwflyris.computerworld.com/t/6508269/1691691/296242/0/ 2. iPad hacker arrested on multiple drug charges after FBI search http://cwflyris.computerworld.com/t/6508269/1691691/296243/0/ 3. AT&T 'dishonest' about iPad attack threat, say hackers http://cwflyris.computerworld.com/t/6508269/1691691/296244/0/ 4. AT&T apologizes, blames hackers for iPad e-mail breach http://cwflyris.computerworld.com/t/6508269/1691691/296245/0/ 5. Update: FBI probes AT&T's iPad 3G e-mail leaks http://cwflyris.computerworld.com/t/6508269/1691691/296246/0/ 6. iPad e-mail hackers defend attack as 'ethical' http://cwflyris.computerworld.com/t/6508269/1691691/296247/0/ 7. Enough blame to go around in iPad security breach http://cwflyris.computerworld.com/t/6508269/1691691/296248/0/ 8. After attacks, Adobe fixes Flash bug http://cwflyris.computerworld.com/t/6508269/1691691/296249/0/ 9. DNS security reaches 'key' milestone http://cwflyris.computerworld.com/t/6508269/1691691/296250/0/ 10. Security, compliance come before collaboration http://cwflyris.computerworld.com/t/6508269/1691691/296251/0/ 11. Amir Lev: AT&T iPad privacy breach: Goatse email "theft" thoughts http://cwflyris.computerworld.com/t/6508269/1691691/296252/0/ 12. Preston Gralla: Think Linux is free from malware? Think again; it's been hacked. http://cwflyris.computerworld.com/t/6508269/1691691/296253/0/ 13. Guidelines released for antivirus software tests http://cwflyris.computerworld.com/t/6508269/1691691/296254/0/ 14. Steven J. Vaughan-Nichols: Why are you still running Windows XP SP2!? http://cwflyris.computerworld.com/t/6508269/1691691/296255/0/ 15. Mitch Wagner: 9 tips for securing your iPad http://cwflyris.computerworld.com/t/6508269/1691691/296256/0/ 16. Election hacking http://cwflyris.computerworld.com/t/6508269/1691691/296257/0/ ~~~~~~~~~~~~~~~~~~~RESOURCE COMPLIMENTS OF: Microsoft~~~~~~~~~~~~~~~~~~~~~ DirectAccess and UAG: Better Together Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess http://cwflyris.computerworld.com/t/6508269/1691691/243858/0/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Google researcher gives Microsoft 5 days to fix XP zero-day bug A Google engineer today published attack code that exploits a zero-day vulnerability in Windows XP, giving hackers a new way to hijack and infect systems with malware. http://cwflyris.computerworld.com/t/6508269/1691691/296242/0/ iPad hacker arrested on multiple drug charges after FBI search One of the hackers in the group that snatched more than 100,000 iPad owner e-mail addresses from AT&T's servers was arrested Tuesday on felony drug charges after the FBI searched his Arkansas home http://cwflyris.computerworld.com/t/6508269/1691691/296243/0/ AT&T 'dishonest' about iPad attack threat, say hackers The hackers who harvested more than 100,000 Apple iPad 3G owner e-mail addresses blasted AT&T as "dishonest" today, and said the group has an exploit it or others could have used against all iPad owners. http://cwflyris.computerworld.com/t/6508269/1691691/296244/0/ AT&T apologizes, blames hackers for iPad e-mail breach AT&T issued an apology on Sunday for a hack that exposed thousands of iPad customers' e-mail addresses last week and vowed to work with law enforcement to prosecute those responsible. http://cwflyris.computerworld.com/t/6508269/1691691/296245/0/ Update: FBI probes AT&T's iPad 3G e-mail leaks The U.S. Federal Bureau of Investigation has opened an investigation into the leak of an estimated 114,000 Apple iPad user e-mail addresses. http://cwflyris.computerworld.com/t/6508269/1691691/296246/0/ iPad e-mail hackers defend attack as 'ethical' The hackers who harvested an estimated 114,000 Apple iPad 3G owner e-mail addresses defended their actions Friday as "ethical" and said they did nothing illegal. http://cwflyris.computerworld.com/t/6508269/1691691/296247/0/ Enough blame to go around in iPad security breach The leader of a security research firm and AT&T traded angry words Monday in the wake of last week's data breach that exposed the e-mail addresses of 114,000 iPad 3G users. The carrier called the behavior of Goatse Security "malicious," while the security firm countered that AT&T was "being dishonest about the potential for harm." But both sides have plenty to answer for in how they've handled this security situation. http://cwflyris.computerworld.com/t/6508269/1691691/296248/0/ After attacks, Adobe fixes Flash bug Less than a week after fielding reports that hackers were targeting a bug in its Flash Player software, Adobe Systems has rushed out a fix for the problem. http://cwflyris.computerworld.com/t/6508269/1691691/296249/0/ ~~~~~~~~~~~~~~~~~~~WHITE PAPER: Sepaton~~~~~~~~~~~~~~~~~~~~~ Foxwoods, the Worlds Largest Resort Casino Bets on SEPATON Foxwoods turned to SEPATON for a simple and effective way to store, protect and manage their data when their tape-based data protection systems could no longer handle the volume of data being generated by these systems and the complexity of their infrastructure could no longer handle tape backup. http://cwflyris.computerworld.com/t/6508269/1691691/296258/0/?3e076d18=YXJjaGl2ZUBtYWlsLWFyY2hpdmUuY29t&x=f1431857 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ DNS security reaches 'key' milestone The dream of bolting security onto the Internet's Domain Name System takes one step closer to reality Wednesday as Internet policymakers host a ceremony in Northern Virginia to generate and store the first cryptographic key that will be used to secure the Internet's root zone. http://cwflyris.computerworld.com/t/6508269/1691691/296250/0/ Security, compliance come before collaboration Enterprise 2.0 strategies are becoming more popular among companies today, but there are serious logistical and legal challenges along with the expected benefits of using social collaboration tools. http://cwflyris.computerworld.com/t/6508269/1691691/296251/0/ Amir Lev: AT&T iPad privacy breach: Goatse email "theft" thoughts In this week's Security Levity, I want to talk about the recent AT&T Apple iPad privacy breach, as discovered by Goatse Security. I also want to talk more generally about how companies often leak their customers' email addresses. http://cwflyris.computerworld.com/t/6508269/1691691/296252/0/ Preston Gralla: Think Linux is free from malware? Think again; it's been hacked. Linux fans frequently deride Windows as being malware-ridden, while claiming their favorite operating system is free from such threats. That simply isn't true. The most recent Linux version of the open-source Unreal IRC server is infected with a Trojan. The Windows version? It's malware-free. http://cwflyris.computerworld.com/t/6508269/1691691/296253/0/ Guidelines released for antivirus software tests A coalition of security companies and researchers have agreed on guidelines for how security software products should be tested, which may help put an end to long-running disputes about different testing methodologies. http://cwflyris.computerworld.com/t/6508269/1691691/296254/0/ Steven J. Vaughan-Nichols: Why are you still running Windows XP SP2!? People are still running this almost obsolete version of Windows, to which I ask "Why!?" http://cwflyris.computerworld.com/t/6508269/1691691/296255/0/ Mitch Wagner: 9 tips for securing your iPad The recent AT&T data leak underscores the need for iPad security precautions. A few simple steps can help protect confidential data. http://cwflyris.computerworld.com/t/6508269/1691691/296256/0/ Election hacking Voting is a sacred right and an awesome responsibility. My Greek heritage makes me proud of the origin of voting, while my American citizenship makes me a beneficiary of its strongest instantiation. As a security expert, I am deeply suspicious of electronic voting machines, especially those that do not have auditable logs. So it is no surprise to me that the rush to adopt paperless, non-auditable electronic voting machines has subverted trust in the process and outcome of elections. The most recent example comes from the South Carolina primary. http://cwflyris.computerworld.com/t/6508269/1691691/296257/0/ =============================================================== SHARK TANK OF THE DAY ______________________ Why yes, now that you mention it It's a hot day in the un-air-conditioned building where this IT pilot fish works, and the temperature is getting to almost everyone. So fish isn't surprised to get a call about something that's not working. http://cwflyris.computerworld.com/t/6508269/1691691/296062/0/ NEW COMPUTERWORLD JOB BOARD ______________________________ Search multiple listings now and get new job alerts as they are posted. http://cwflyris.computerworld.com/t/6508269/1691691/156832/0/ Do You Tweet? Follow everything from Computerworld.com on Twitter @computerworld http://cwflyris.computerworld.com/t/6508269/1691691/126780/0/ =============================================================== CONTACTS/SUBSCRIPTIONS You are currently subscribed to computerworld_virus_roundup as: arch...@mail-archive.com. To unsubscribe from this newsletter, go to: http://cwflyris.computerworld.com/t/6508269/1691691/131135/0/?90482085=aHR0cDovL2N3Zmx5cmlzLmNvbXB1dGVyd29ybGQuY29tL3U%2faWQ9MTY5MTY5MS4zZjg4NTg2YzU1YWU4ZTA0YWRkYjk5YmY5NDNlNjViNiZuPVQmbD1jb21wdXRlcndvcmxkX3ZpcnVzX3JvdW5kdXAmbz02NTA4MjY5&x=c25a0111 To manage your subscription preferences, go to: http://cwflyris.computerworld.com/t/6508269/1691691/72510/0/ To subscribe to a newsletter, go to: http://cwflyris.computerworld.com/t/6508269/1691691/72511/0/ Computerworld's online privacy policy is at: http://cwflyris.computerworld.com/t/6508269/1691691/72509/0/ If you are interested in advertising in this newsletter, please contact: bgl...@cxo.com To contact Computerworld, please send an e-mail to onl...@computerworld.com. Copyright (C) 2010 Computerworld, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to onl...@computerworld.com **
