Java zero-day exploit goes mainstream

Computerworld Security: August 30, 2012
===============================================================

Java zero-day exploit goes mainstream

Attackers using two recently-uncovered Java unpatched vulnerabilities, or
"zero-days," have quickly expanded their reach by going mainstream, security
experts said today.
http://cwonline.computerworld.com/t/8202013/823929835/578607/0/

~~~~~~~~~~~~~~~~~~~RESOURCE COMPLIMENTS OF: Amazon Web Services~~~~~~~~~~~~~~~~~~~~~

Become a Cloud expert at AWS re: Invent

Amazon Web Services invites you to AWS re:Invent, our first global customer and
partner conference. Hear how companies are migrating their IT applications to
the Cloud. Learn best practices for managing security, monitoring your
resources, optimizing performance, and cutting costs. Get your questions
answered by AWS experts to help you get started.

http://cwonline.computerworld.com/t/8202013/823929835/577965/0/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


IN THIS ISSUE

1. Security can still make or break mobile-payment systems
http://cwonline.computerworld.com/t/8202013/823929835/578608/0/

2. Darlene Storm: Surveillance counter-measures expert exposes illegal court eavesdropping
http://cwonline.computerworld.com/t/8202013/823929835/578609/0/

3. Oracle knew about zero-day Java vulnerabilities for months, researcher says
http://cwonline.computerworld.com/t/8202013/823929835/578610/0/

4. Richi Jennings: Java zero-days take SIX MONTHS to patch? SRSLY, Oracle?
http://cwonline.computerworld.com/t/8202013/823929835/578611/0/

5. GOP platform seeks more aggressive U.S. cyber deterrence policies
http://cwonline.computerworld.com/t/8202013/823929835/578612/0/


~~~~~~~~~~~~~~~~~~~WHITE PAPER: Dell and VMware~~~~~~~~~~~~~~~~~~~~~

Cloud Control: Meet the Challenges Head-On

Looking for the "On" switch for your cloud computing deployment? Right. While
Cloud Computing is the gateway to business flexibility and agility, there's no
"On" switch. There's no "right" way. The benefits of cloud hold tremendous
promise, and challenges abound.

http://cwonline.computerworld.com/t/8202013/823929835/578613/0/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=cad525f5

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Security can still make or break mobile-payment systems

The market for these systems is getting crowded, but the only way to attract
customers to them is to make them inherently safe.
http://cwonline.computerworld.com/t/8202013/823929835/578608/0/

Darlene Storm: Surveillance counter-measures expert exposes illegal court eavesdropping


Technical surveillance counter-measures (TSCM) expert James
Atkinson exposed illegal court eavesdropping, hacking, privileged legal
defense strategies that had been unlawfully recorded, covert bugs that
illicitly spied on a jail, a courtroom and a judge. Atkinson advised that
this information could not only cause a mistrial, but also result in a Grand
Jury Indictment of several court officers, members of law enforcement, and
likely the Defendants as well. This could easily be turned into a conspiracy
thriller movie.


http://cwonline.computerworld.com/t/8202013/823929835/578609/0/

~~~~~~~~~~~~~~~~~~~WEBCAST: IBM~~~~~~~~~~~~~~~~~~~~~

Improving Governance, Risk and Compliance

In this webcast you'll learn how your organization can become more responsive to
financial market challenges while reassuring decision makers the accuracy of
execution.

http://cwonline.computerworld.com/t/8202013/823929835/578614/0/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=30592285

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oracle knew about zero-day Java vulnerabilities for months, researcher says

Oracle knew since April about the existence of the two unpatched Java 7
vulnerabilities that are currently being exploited in malware attacks, according
to Adam Gowdiak, the founder and CEO of Polish security firm Security
Explorations.
http://cwonline.computerworld.com/t/8202013/823929835/578610/0/

Richi Jennings: Java zero-days take SIX MONTHS to patch? SRSLY, Oracle?


There are some zero-day vulnerabilities in Java that are already being
exploited. However, these aren't new bugs: Oracle (NASDAQ:ORCL) has known about
them since early April, and doesn't plan to fix them until October. In IT
Blogwatch, bloggers wonder why it takes six months to fix critical security
holes.
http://cwonline.computerworld.com/t/8202013/823929835/578611/0/

GOP platform seeks more aggressive U.S. cyber deterrence policies

The 2012 Republican Party platform adopted this week calls for a more aggressive
U.S. cyber deterrence policy for dealing with security threats against
government and civilian targets.
http://cwonline.computerworld.com/t/8202013/823929835/578612/0/



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PREMIER 100 -- CALL FOR NOMINATIONS

Seeking the very best IT leaders! Now's your chance to nominate a worthy CIO or
other top IT executive for the 2013 Premier 100 IT Leaders awards. Computerworld
has launched its annual search for technology professionals who have
demonstrated leadership in their organizations through the use of information
technology and have the strategic vision to align IT with business goals.
Nominations are being collected now through August 29, 2012. Nominate an IT
leader today:

http://cwonline.computerworld.com/t/8202013/823929835/566534/0/

SHARK TANK OF THE DAY
______________________

Which is, of course, why it's the last resort

This pilot fish is the de facto "expert" for the ad-hoc database and reporting
software his company uses, and he spends a year training one employee on the
system -- who then leaves to go work for the software vendor.

http://cwonline.computerworld.com/t/8202013/823929835/578598/0/

CAST YOUR VOTE IN THIS WEEK'S QUICKPOLL

While Samsung and Apple thrive in the overall smartphone market, the situation
is uncertain, perhaps dire, for several cell-phone vendors, including Research
In Motion, Nokia and Motorola. Which of the smartphone rivals is most
endangered?

http://cwonline.computerworld.com/t/8202013/823929835/575015/0/

COMPUTERWORLD'S IT SALARY SURVEY 2012

A majority of IT workers say they're under pressure to increase productivity and
take on new tasks. But the vast majority are still happy they picked IT as their
career.

http://cwonline.computerworld.com/t/8202013/823929835/558670/0/

NEW COMPUTERWORLD JOB BOARD
______________________________

Search multiple listings now and get new job alerts as they are posted.

http://cwonline.computerworld.com/t/8202013/823929835/156832/0/


Get more IT peer perspective online:

LinkedIn Group: http://cwonline.computerworld.com/t/8202013/823929835/311619/0/

Facebook: http://cwonline.computerworld.com/t/8202013/823929835/311620/0/

Twitter: http://cwonline.computerworld.com/t/8202013/823929835/311621/0/

===============================================================

CONTACTS/SUBSCRIPTIONS

You are currently subscribed to computerworld_security as: jonsan98@gmail.com.

To unsubscribe from this newsletter, go to:
http://cwonline.computerworld.com/t/8202013/823929835/131135/0/?90482085=aHR0cDovL2N3b25saW5lLmNvbXB1dGVyd29ybGQuY29tL3U%2faWQ9ODIzOTI5ODM1LmZiMjM3OGMxMDdkZDhkNzE2Mzk0N2I5ZTU5NWE0Mjc5Jm49VCZsPWNvbXB1dGVyd29ybGRfc2VjdXJpdHkmbz04MjAyMDEz&x=e57ec92d

To manage your subscription preferences, go to:
http://cwonline.computerworld.com/t/8202013/823929835/72510/0/

To subscribe to a newsletter, go to:
http://cwonline.computerworld.com/t/8202013/823929835/231613/0/

Computerworld's online privacy policy is at:
http://cwonline.computerworld.com/t/8202013/823929835/72509/0/

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Computerworld, please send an e-mail to online@computerworld.com.

Copyright (C) 2011 Computerworld, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly,
send an e-mail to online@computerworld.com **