- HP buys EDS for $13.9 billion
- 10 ways the Chinese Internet is different
- What EDS is telling its people about HP deal
- Sprint loses nearly 1.1 million customers
- Desktops of the future here today
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry regulations imposed by the major credit card companies to ensure the safety, security, and integrity of cardholder data. Any business that processes, stores, and transmits cardholder account data must comply with this complex new standard, and must be able to demonstrate that compliance through automated and manual audits of their systems. This white paper looks at the key challenges and requirements of PCI DSS as it relates to Microsoft Windows and Active Directory, and shows you how a third-party software solution can help with PCI compliance.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
There are many compelling reasons for virtualizing Windows and Linux applications. Virtualization improves server utilization by allowing you to run multiple workloads on a single physical server. It reduces the number of physical servers you have to maintain, while allowing you to use less physical space and power while still improving scalability. All of these capabilities translate directly into lower costs, less complexity, and greater flexibility in your mixed IT environment. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
I think the only thing I like about sprint is EVDO rev.A. Their data network is awesome, other than that...- Matt V
Researcher finds new way to hack Oracle database
Security researcher David Litchfield has released technical details of a new type of attack that could give a hacker access
to an Oracle database. Called a lateral SQL injection, the attack could be used to gain database administrator privileges
on an Oracle server in order to change or delete data or even install software, Litchfield said in an interview on Thursday.
IDG News Service, 04/24/08.
David Litchfield's blog: A New Class of Vulnerability in Oracle: Lateral SQL Injection
**********
Three new updates from Debian:
xulrunner (programming error, code execution)
perl (heap overflow, code execution)
**********
Two new fixes from Mandriva:
OpenOffice.org (heap overflows, code execution)
**********
Three new patches from Gentoo:
SILC (multiple flaws)
**********
Today's malware news:
Fly Phishing
Some phishing gangs have a new technique. They're using trojan-spy applications. F-Secure blog, 04/25/08.
Huge Web hack attack infects 500,000 pages
Attacks on legitimate Web domains, including some belonging to the United Nations that began earlier this week, have expanded
dramatically, security researchers said Friday, with hundreds of thousands of pages hacked by Friday. Computerworld, 04/27/08.
F-Secure: Mass SQL injection
iFrame attacks surge, security firm says
A flood of SQL injection attacks on Microsoft Internet Information Servers are leaving Web pages with malicious iFrames in
them, and Panda Security is urging network managers to make sure their Web pages haven't been infected. Network World, 04/24/08.
**********
From the interesting reading department:
Microsoft mislabels Skype as adware
Skype users who have been getting strange error messages from Microsoft's security products over the past week can breathe
easy now. It was all a mistake. IDG News Service, 04/23/08.
ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher Discloses
Seeking to make money from mistyped website names, some of the United States' largest ISPs instead created a massive security
hole that allowed hackers to use web addresses owned by eBay, PayPal, Google and Yahoo, and virtually any other large site.
Wired, 04/19/08.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
