Computerworld Security: October 22, 2014 ===============================================================
Staples confirms data breach investigation Investigative journalist Brian Krebs reported that multiple banking sources were seeing a pattern of credit and debit card fraud. The common thread between each case were purchases made at Staples Inc. stores in the Northeastern U.S. http://cwonline.computerworld.com/t/9048673/114916/699752/17/ ~~~~~~~~~~~~~~~~~~~WHITE PAPER: Box~~~~~~~~~~~~~~~~~~~~~ A Mobile Security Checklist Todays most productive employees are not tied to a desk. These top producers are experts at finding new ways to integrate mobile devices into their daily workflow. Your challenge is to build an IT strategy and architecture that can support this new way of working with easy, reliable, 24/7 access to information, from anywhere in the world. http://cwonline.computerworld.com/t/9048673/114916/699753/18/?3e076d18=YXJjaGl2ZUBtYWlsLWFyY2hpdmUuY29t&x=4fae7b3f ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ IN THIS ISSUE 1. Flash vulnerability exploited in large-scale attacks http://cwonline.computerworld.com/t/9048673/114916/699754/19/ 2. INSIDER: HTTPA: New tech transforms transparency into privacy http://cwonline.computerworld.com/t/9048673/114916/699755/20/ 3. Google extends two-factor authentication with physical USB keys http://cwonline.computerworld.com/t/9048673/114916/699756/21/ 4. Microsoft warns of Windows zero-day; hackers serve exploits in PowerPoint files http://cwonline.computerworld.com/t/9048673/114916/699757/28/ 5. iCloud's man-in-the-middle is from China -- and might work for the gub'mint http://cwonline.computerworld.com/t/9048673/114916/699758/29/ 6. Researcher creates proof-of-concept worm for network-attached storage devices http://cwonline.computerworld.com/t/9048673/114916/699759/30/ ~~~~~~~~~~~~~~~~~~~RESOURCE COMPLIMENTS OF: Akamai Technologies, Inc.~~~~~~~~~~~~~~~~~~~~~ Early birds! Get the Q3 2014 Global DDoS Attack Report We are preparing a complete analysis of DDoS attacks from July to September. Among the news in the Q2 2014 DDoS Global Attack Report will be details of the resurgence of a powerful botnet thought to have been taken down. http://cwonline.computerworld.com/t/9048673/114916/699760/31/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Flash vulnerability exploited in large-scale attacks If you haven't updated your Flash Player with the fixes released Oct. 14, you may be vulnerable to new attacks using a commercial exploit kit called Fiesta, security researchers warn. http://cwonline.computerworld.com/t/9048673/114916/699754/32/ INSIDER: HTTPA: New tech transforms transparency into privacy Privacy by obscurity is dead; long live privacy by transparency http://cwonline.computerworld.com/t/9048673/114916/699755/33/ Google extends two-factor authentication with physical USB keys Google is letting users protect their accounts against password compromises by adding support for two-factor authentication based on physical USB keys. http://cwonline.computerworld.com/t/9048673/114916/699756/34/ ~~~~~~~~~~~~~~~~~~~WEBCAST: Enterprise Management Associates~~~~~~~~~~~~~~~~~~~~~ Best Practices for Automation and Limiting Risk Everyone knows that effective network management practices start with establishing a full foundational understanding of the network. But simply monitoring individual elements can only get you so far. http://cwonline.computerworld.com/t/9048673/114916/699761/35/?3e076d18=YXJjaGl2ZUBtYWlsLWFyY2hpdmUuY29t&x=509a33cd ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Microsoft warns of Windows zero-day; hackers serve exploits in PowerPoint files Microsoft warned users Tuesday that cyber criminals are exploiting a zero-day flaw using malicious PowerPoint documents sent as email attachments. http://cwonline.computerworld.com/t/9048673/114916/699757/36/ iCloud's man-in-the-middle is from China -- and might work for the gub'mint Certain folks in China may be used to hearing someone breathing when they pick up their phones (party line?), but new reports suggest Apple's iCloud service is susceptible to the same level of protection by Chinese authorities. It's all true, according to the China's censorship watchdog group GreatFire. http://cwonline.computerworld.com/t/9048673/114916/699758/37/ Researcher creates proof-of-concept worm for network-attached storage devices Network-attached storage (NAS) devices are riddled with vulnerabilities that can put the security of sensitive data and networks at risk, a researcher has found. To prove his point, he has created a proof-of-concept worm that can infect devices from three different manufacturers. http://cwonline.computerworld.com/t/9048673/114916/699759/38/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ DIGITAL SPOTLIGHT: MOBILE SECURITY Read how to make your workers smart about mobile security by moving beyond policies and penalties and embracing an approach designed to identify and correct specific problem behaviors. [Registration required] http://cwonline.computerworld.com/t/9048673/114916/693449/39/?3e076d18=YXJjaGl2ZUBtYWlsLWFyY2hpdmUuY29t&x=72471d83 TAKE OUR SALARY SURVEY! Computerworld's 2015 Salary Survey: How will your salary compare with your IT peers? Computerworlds 29th Annual Salary Survey will feature the latest IT salary trends and advice on where to find the best-paying jobs. This year's survey participants can enter a drawing to win one of 3 American Express gift cards for $500 each! The drawing is open to legal U.S. residents, age 18 or older. Take our annual Salary Survey today! tinyurl.com/m9erxtl JOIN THE IDG CONTRIBUTOR NETWORK The IDG Contributor Network is a collection of blogs written by leading IT practitioners about the technology, business opportunities and challenges you face everyday. We invite you to participate by applying to be a contributor today. http://cwonline.computerworld.com/t/9048673/114916/689530/40/ COMPUTERWORLD DIGITAL MAGAZINE Computerworld's new monthly Digital Magazine showcases articles, analysis and commentary on important trends in enterprise IT, in core departments such as News Analysis, Features, Opinions and Shark Tank. The new digital format offers seamless navigation, with easy scrolling and zooming, and links to useful related stories. The October edition is available now [Registration required]: http://cwonline.computerworld.com/t/9048673/114916/697637/41/ FREE SHARK TANK T-SHIRT Clueless Consultants? Bungling Bosses? Useless Users? Tell me your tale. If it gets published, you get a sharp Shark shirt. Submissions mailto:sha...@computerworld.com Shark Tank FAQ http://cwonline.computerworld.com/t/9048673/114916/641183/42/ INTERNET OF THINGS: GET THE LATEST! Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the Internet of Things (IoT). Subscribe now and stay up to date! http://cwonline.computerworld.com/t/9048673/114916/689330/43/ SUBSCRIBE TO COMPUTERWORLD DAILY NEWS Sign up for our popular, twice-daily tech news newsletter. You'll get Computerworld's up-to-the-minute top stories of the day, both first thing in the morning and late in the afternoon (ET). We deliver breaking news on topics like the latest security threats and the newest mobile devices, in-depth features about enterprise technologies and IT careers, and authoritative analyses of moves made by tech companies like Google, Microsoft, Apple, IBM and HP. Sign up now: http://cwonline.computerworld.com/t/9048673/114916/689330/44/ JOIN THE COMPUTERWORLD CONVERSATION ON GOOGLE + Be sure to add Computerworld to your Google+ circles to keep track of breaking news, features, blogs, tech reviews and career advice. http://cwonline.computerworld.com/t/9048673/114916/598565/45/ CAST YOUR VOTE IN THIS WEEK'S QUICKPOLL Apple is releasing its first public beta of OS X Yosemite. Is that a smart move? http://cwonline.computerworld.com/t/9048673/114916/682409/46/ NEW COMPUTERWORLD JOB BOARD ______________________________ Search multiple listings now and get new job alerts as they are posted. http://cwonline.computerworld.com/t/9048673/114916/156832/47/ Get more IT peer perspective online: LinkedIn Group: http://cwonline.computerworld.com/t/9048673/114916/311619/48/ Facebook: http://cwonline.computerworld.com/t/9048673/114916/311620/49/ Twitter: http://cwonline.computerworld.com/t/9048673/114916/311621/50/ =============================================================== CONTACTS/SUBSCRIPTIONS You are currently subscribed to computerworld_security as: archive@mail-archive.com. To unsubscribe from this newsletter, go to: http://cwonline.computerworld.com/t/9048673/114916/131135/51/?90482085=aHR0cDovL2N3b25saW5lLmNvbXB1dGVyd29ybGQuY29tL3U%2faWQ9MTE0OTE2LmQwMjdhOTc3ZDZmMmEyYzkwZjlkN2ZmNDllMWFlMjg4Jm49VCZsPWNvbXB1dGVyd29ybGRfc2VjdXJpdHkmbz05MDQ4Njcz&x=280cc3c1 To manage your subscription preferences, go to: http://cwonline.computerworld.com/t/9048673/114916/689329/52/ To subscribe to a newsletter, go to: http://cwonline.computerworld.com/t/9048673/114916/689329/53/ When accessing content promoted in this email, you are providing consent for your information to be shared with the sponsors of the content. Please see our Privacy Policy for more information. Computerworld's online privacy policy is at: http://cwonline.computerworld.com/t/9048673/114916/689331/54/ If you are interested in advertising in this newsletter, please contact: bgl...@cxo.com To contact Computerworld, please send an e-mail to onl...@computerworld.com. Copyright (C) 2014 Computerworld, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to onl...@computerworld.com **