- HP buys EDS for $13.9 billion
- 10 ways the Chinese Internet is different
- What EDS is telling its people about HP deal
- Sprint loses nearly 1.1 million customers
- Desktops of the future here today
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry regulations imposed by the major credit card companies to ensure the safety, security, and integrity of cardholder data. Any business that processes, stores, and transmits cardholder account data must comply with this complex new standard, and must be able to demonstrate that compliance through automated and manual audits of their systems. This white paper looks at the key challenges and requirements of PCI DSS as it relates to Microsoft Windows and Active Directory, and shows you how a third-party software solution can help with PCI compliance.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
There are many compelling reasons for virtualizing Windows and Linux applications. Virtualization improves server utilization by allowing you to run multiple workloads on a single physical server. It reduces the number of physical servers you have to maintain, while allowing you to use less physical space and power while still improving scalability. All of these capabilities translate directly into lower costs, less complexity, and greater flexibility in your mixed IT environment. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Its not hard to keep on eye on how much bandwidth that you are using, check out this page for more info:
http://technicianspot.blogspot.com/2008/05/monitor-bandwidth.html- Anonymous
The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January.
They found a sneaky software tool that uses Google's search engine to hunt for Web sites running certain kinds of vulnerable applications, wrote Bojan Zdrnja, on the institute's blog.
"While we had a general idea about what they do during these attacks, and we knew that they were automated, we did not know exactly how the attacks worked, or what tools the attackers used," Zdrnja wrote.
When the tool finds a site that is vulnerable, it kicks into action. "The exploit just consisted of an SQL statement that tried to inject a script tag into every HTML page on the web site," Zdrnja wrote.
That SQL statement was crafted to target Web sites running Microsoft's Internet Information Server and SQL Server. Once compromised, the Web sites were then rigged to serve malicious software to visitors using JavaScript, which tried various exploits based on known software vulnerabilities.(Compare Secure Web Gateway products.)
Among the malicious programs served up was a password-stealing program for the game "Lord of the Rings Online," security vendor McAfee said last month.
SANS said the software tool also reports to a server based in China, a feature that may be used to count the number of infections in order for the person using the tool can get paid, Zdrnja wrote. The tool may have other functions, but SANS is still analyzing it.
Among the victims from these attacks were the Web sites of security vendor Trend Micro as well as CA.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
