New Twitter worm targets celebrities
A worm referencing celebrities such as Ashton Kutcher and Oprah Winfrey is rapidly spreading across microblogging site Twitter, security firm Sophos said on Friday. Read more...

iWork '09 Trojan horse turning Macs into zombies?

Researcher finds possible bug in Apple's iPhone

Oracle delivers 43 security patches

VMware bug allows Windows hack to attack Macs

'Mebroot' rootkit slides further under the security radar, researcher says

Microsoft patches 'insane' number of bugs

'Mafiaboy' spills the beans at IT360 on underground hackers

Amazon says gay-books listing snafu was an error, not a hack

1 in 5 Windows PCs still hackable by Conficker

More Spam, Malware and Vulnerabilities Stories

UC security: When the shoe won't fit, compress the foot
If your security model is location-centric and depends on keeping things separate, how do you respond to a disruptive technology like unified communications? This is a pattern that keeps repeating in many different areas: the security paradigm looked good until a technology comes along, changes the assumptions and reveals the inadequacy of the model.

Security Software: Protection or Extortion?
As the Conficker worm sprang to life on April 1, talk here at the PC World offices turned to some interesting debates about how best to protect PCs from malware threats. In recent weeks we've run several helpful articles offering tips, tricks, and insights to keep you and your PC safe from Conficker and other malware on the Internet. At the same time, a few among us have revealed that they don't run any security software at all on their own machines--and have no intention of starting now.

Does Social Networking Require User Policy Changes?
IT security administrators have had a fairly easy case to make against such social networking sites as Myspace in the past. Myspace in particular tends to be a place for the mostly personal, and some profiles are simply front companies for online mobsters and malware pushers. [Read more about the challenges faced by MySpace's CSO in Hemanshu Nigam: Mr. Safety for MySpace.]

Conficker, IBM-Sun redux, Italy quakes
Security researchers have found that the Conficker worm has been updated to make it harder to fight, and it is also aiming to invade more PCs (3 million to 12 million not being enough, obviously). While security vendors work to fend off the worm, analysts say that Sun is not likely to fend off other suitors now that it has rejected IBM. A major earthquake in central Italy underscored once again how important mobile communications and the Internet are in helping survivors appeal for help and in getting out information.

Re-perimeterization, Part 2
In Part 1 of this article we examined how enterprises could gain application visibility and control to accommodate programs hosted outside the enterprise, and where they might implement that.

Conficker, the Internet's No. 1 threat, gets an update
Security researchers say a worm that has infected millions of computers worldwide has been reprogrammed to strengthen its defenses while also trying to attack more machines.

Reputation scoring changes the enterprise security game
Reputation-scoring services are headed for playing time in perimeter devices and alongside identity and authentication programs.

Turning tough times to your advantage
Although vendor-written, this contributed piece does not advocate a position that is particular to the author's employer and has been edited and approved by Network World Editor in Chief, John Dix.

Diary of a Data Breach Investigation
Monday

Conficker Worm Is Much Ado About Nothing
The Conficker Worm is like the Paris Hilton of computer security: Famous solely for being famous. Neither has actually ever done anything of note. But, at least Paris has a sense of humor about her celebrity. Conficker just wastes people's time.

Editors' Picks

Linux, Mac, Windows XP: Whatever your choice of operating system, we have some fun things for you to try. The operating systems of yesteryear weren't all sunshine and roses. Cyber cynic Steven J. Vaughan-Nichols names his picks for some of the worst OSs of all time. Apple's newest Mac Pro takes a significant step forward with the move to Intel's new Nehalem processor and an infrastructure that should be able to squeeze the utmost out of the upcoming Mac OS X 10.6. Satellite radio will die soon anyway, but Apple will accidentally perform a mercy killing of Sirius XM Radio this summer, says Mike Elgan.

hot topics

Get the latest news, reviews and more about Microsoft's newest desktop operating system.

• Windows 7
• Voting Technology
• Google's Chrome browser
• Economy in turmoil: Latest news and tips
• iPhone 3G
• Bill Gates moves on
• Windows Vista A to Z
• Mac A to Z

special report topics

Find wage data for 50 IT job titles.

Virtualize Servers with Microsoft Hyper-V and NetApp (Source: NetApp) Learn how NetApp technologies help provide data protection, disaster recovery, deduplication, thin provisioning, and efficient cloning for faster virtual server provisioning when using Microsoft's Hyper-V virtualization solutions. Best Practices for Backing Up VMware® with Veritas NetBackup™ MarketVibe: The State of Data Governance in Enterprises Today 500% Improvement in Data Processing! Always-on Windows® Server - Mission Impossible? Think Again. Business Data You Can Believe In Employee Web Use and Misuse Creating Predictable IT Strategies in an Unpredictable Business Climate Bad Broker Data is Bad for Business Email Security Buyer's Guide Critical Data Protection Innovate Faster with Oracle Database 11g Oracle Database 11g: Real Application Testing & Manageability Overview Oracle Data Guard 11g The Next Era in Data Protection and Availability Keep Them Separated Best Practices for Symantec NetBackup (NBU) Design Data Domain for Symantec OpenStorage Primer Inventory Management Clustering System on JBoss Enterprise Middleware Ritz Camera Centers Snap "Common Sense" Image for PCI Compliance Retail Grocery Chain Checks out Whitelisting Security Common Pitfalls in Server Virtualization More White Papers

If you are faced with the complexity of meeting stringent privacy policies and continually changing government requirements, the new Novell® Compliance Management Platform will provide welcome relief. Only the Novell Compliance Management Platform integrates identity, access, and security information and event management technology to provide a real-time, holistic view of all network events across an enterprise. This tight integration eases implementation while creating the ultimate governance solution; ensuring business policy becomes automated IT practice. Identity and Security Management and Strong Information Technology Governance: Novell's Solution Suite Automates the Approach to the Perfect Union This IDC White Paper examines Novell's identity and security management (ISM) solutions and how these integrated offerings can play a key role in enforcing security compliance for enterprise organizations. Success Story: New York City Transit One of the top priorities of New York City Transit is to ensure that its employees have secure and timely access to information. With a Novell® solution, the agency has automated identity management for 85,000 users, giving 49,000 employees secure, single sign-on to applications and providing 36,000 retirees with online access to benefit information. Balancing Security Against Productivity What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About detecting attacks or preventing them? Security is a balancing act of all three of these and requires a holistic, integrated approach. All three disciplines must interact automatically and seamlessly to ensure an effective level of service that enables good business. View Entire Zone

E-mail Address: (Required)  Security  Networking Security  Virus and Vulnerability Roundup  Security: Issues and Trends  Infrastructure & Control

"For years, Apple fans have claimed that Macs are invulnerable to attack, while belittling Windows as being full of security..." Read more "There are four approaches to dealing with malware-infested Windows machines, and too many articles on the subject only consider the..." Read more More Security Blogs See all Computerworld Blogs

In Security Stripping away the trappings of applications, systems and networks, information is the core asset of most organizations. Our columnist describes how asserting the importance of information governance is crucial to making that asset tangible, addressable and protected. Click here to read the latest column by Jon Espenschied

The Spy Files For Congress to do anything that helps protect consumers and the critical Internet infrastructure as a whole, it must pass laws that require proactive processes to protect computers, not that tell people how to deal with the resulting mess, says Ira Winkler. Click here to read the latest column by Ira Winkler