'Oleg Pliss' hack makes for a perfect teachable IT moment

	'Oleg Pliss' hack makes for a perfect teachable IT moment | Israel-based software company claims police call recording software fixed
	ITworld Security Strategies				Forward this to a Friend >>>
	Flaws in popular SEO plug-in put WordPress websites at risk Many WordPress websites could be at risk of compromise if their administrators don't upgrade a popular search engine optimization (SEO) plug-in to a newly released version that fixes serious vulnerabilities. Read More WHITE PAPER: LifeLock Combating Identity Theft in a Mobile, Social World As mobile devices and social media become more deeply intertwined, identity thieves are finding new ways to target victims with disastrous efficiency. Offering identity theft protection and remediation allows businesses to give their workforce the confidence to efficiently engage while bringing financial reward to the company at large. Learn More In this Issue 'Oleg Pliss' hack makes for a perfect teachable IT moment Israel-based software company claims police call recording software fixed Future of secure messenger in doubt after Pirate Bay arrest 10 IT security risks that small businesses can't afford to ignore Microsoft debuts personalized patch dashboard for IT pros Advisory firm wants majority of Target board members voted out over breach New attack methods can 'brick' systems, defeat Secure Boot, researchers say Hackers put security tool that finds payment card data into their arsenal In baffling move, TrueCrypt open-source crypto project shuts down Iranian group created fake news organization as part of hacking campaign Tech giants throw money at OpenSSL in response to Heartbleed Latest eBay flaw is a rookie mistake for a website Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol Global mobile roaming hub accessible from the Internet and vulnerable, researchers find House panel investigating FTC data breach enforcement WEBCAST: CA Technologies The End of Data Protection As We Know It. Traditional backup is going away, but where does this leave end-users? Learn more! 'Oleg Pliss' hack makes for a perfect teachable IT moment In this era of BYOD, IT shops should talk to employees about how to bolster security. Read More Israel-based software company claims police call recording software fixed Nice Systems of Israel said it patched remaining critical flaws in its call recording software used by law enforcement, but the consultancy that discovered the risky flaws hasn't verified the fixes. Read More Future of secure messenger in doubt after Pirate Bay arrest The arrest of Peter Sunde for his involvement with The Pirate Bay has put the future of his latest project, a spy-proof text messaging app, in doubt. Read More 10 IT security risks that small businesses can't afford to ignore While small- to midsized businesses (SMB) don't have the luxury of information security teams and resources that large enterprises can afford, they still face many of the same threats. Read More Microsoft debuts personalized patch dashboard for IT pros Web-based myBulletins organizes security updates; gets a 'C' grade from one professional. Read More Advisory firm wants majority of Target board members voted out over breach Members of Target's audit and corporate responsibility committees should have done more, ISS says. Read More New attack methods can 'brick' systems, defeat Secure Boot, researchers say The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can be bypassed on around half of computers that have the feature enabled in order to install bootkits, according to a security researcher. Read More WHITE PAPER: Intigua Systems Management Virtualization Discover how virtualizing the management layer, by de-coupling agents from the underlying server infrastructure, eliminates the need to install physical agents on servers and makes ongoing management tasks such as provisioning and updating agents as simple as copying a single "virtual agent" file to all required servers. Read more. Learn More Hackers put security tool that finds payment card data into their arsenal Like a crowbar, security software tools can be used for good and evil. Read More In baffling move, TrueCrypt open-source crypto project shuts down In a bizarre move, the anonymous managers of the TrueCrypt open-source encryption project abruptly pulled the plug on the effort without explanation. Read More Iranian group created fake news organization as part of hacking campaign A suspected Iranian hacker group seeded Facebook and LinkedIn with bogus profiles of attractive women and even created a fake online news organization to get digitally closer to more than 2,000 people whom it wanted to spy on. Read More Tech giants throw money at OpenSSL in response to Heartbleed Crucial open-source projects including OpenSSL will get at least $5.4 million in funding over three years. Read More Latest eBay flaw is a rookie mistake for a website Though XSS vulnerabilities are common, there are tools and techniques available to test for them so they can be resolved before the code is used on a live website. Read More Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed bug was discovered, is among them. Read More Global mobile roaming hub accessible from the Internet and vulnerable, researchers find The GPRS Roaming Exchange (GRX) network, which carries roaming traffic among hundreds of mobile operators worldwide, contains Internet-reachable hosts that run vulnerable and unnecessary services, recent security scans reveal. Read More House panel investigating FTC data breach enforcement A U.S. House of Representatives committee has reportedly launched an investigation into the Federal Trade Commission's use of information from a peer-to-peer security vendor to bring a data breach complaint against a medical testing laboratory. Read More
	SURVEY Take ITworld's cloud survey and you could win $500 ITworld is conducting a brief survey regarding cloud computing initiatives, and we value your input. The survey will take you about 10 minutes to complete. And there's a reward! Respondents who complete the survey will be entered in a sweepstakes to win a $500 cash prize. Take the survey now! GIVEAWAYS: Enter today for your chance to win! The Rails 4 Way Through detailed code examples, you'll dive deep into the Rails 4 code base, discover why Rails is designed as it is, and learn how to make it do exactly what you want. Enter now! JavaScript Essentials LiveLessons (Video Training) In 4 hours of video instruction, JavaScript Essentials LiveLessons provides a solid foundation on which to build skills, from the perspective of a web developer. Enter now! DON'T MISS... 10 tech products that are built to last 16 terrible computer pranks that could get you fired Your new PC needs these 22 free programs Pants on fire: 9 lies that programmers tell themselves History's 15 most popular computer scientists
	Get more peer perspective online Google+ | LinkedIn | Facebook | Twitter You are currently subscribed to itworld_security_strategies as garn14.tech@blogger.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy If you are interested in advertising in this newsletter, please contact: sean_weglage@itworld.com To contact ITworld, please send an e-mail to online@itworld.com. Copyright (C) 2014 ITworld, 492 Old Connecticut Path, Framingham, MA 01701. ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to online@itworld.com.