Dark Reading | Security | Protect The Business

Large Attacks Hide More Subtle Threats In DDoS Data

May 18, 2013

While distributed denial-of-service attacks topping 100Gbps garner the headlines, they are not the threat that should worry most companies

| Read Article >>
More >>

Pushdo Botnet Morphs To Elude Hunters

May 16, 2013

U.S., other national government agencies, contractors, and military networks found housing new Pushdo bots as botnet adds stealthier features to evade detection, takedown

| Read Article >>

Strategies For Improving Web Application Security

May 20, 2013

Web apps are essential to your business -- and easy targets for hackers. Here are some tips for keeping them secure

| Read Article >>
More >>

Websense Signs Definitive Agreement To Be Acquired By Vista Equity Partners

May 20, 2013

Shareholders to receive $24.75 per share in cash in transaction valued at approximately $1 billion

| Read Article >>
More >>

Today from Dark Reading

Vincent Liu

Know Your Pen Tester: The Novice

Beware of the tool-obsessed pen-tester

| Read Article >>

Commentary

Security War Games

By David Schwartzberg
Sophos

Information security keeps evolving but our educational methods are not evolving rapidly enough to win the cold cyberwar.

| Read Article >>
Why Databases Monitoring?

By Adrian Lane

Hoping other people detect your breach before you lose millions

| Read Article >>
Use A Human Trust Model For Endpoints

By Tim Rohrbaugh

Use anthropomorphic references to engage your brain and strengthen your approach to security

| Read Article >>
The Dragon In The Room

By Kelly Jackson Higgins

China, China, China

| Read Article >>
I Think We're All Botnets On This Bus

By Wendy Nather

How many undercover researchers can fit under one cover?

| Read Article >>
Five Questions To Ask When Choosing A Threat Intelligence Service

By Tim Wilson

Threat intelligence services are becoming an essential weapon in the enterprise security arsenal. Do you know how to choose one?

| Read Article >>
Panic Now

By Glenn S. Phillips

There is a big difference between panic and anxiety

| Read Article >>
Security Minor Leagues

By Mike Rothman

The security skills gap continues to expand as more companies realize what they need and, more importantly what they don't have. We need a security minor league system to meet the demand

| Read Article >>

More >>

Labs Insights

David Schwartzberg
Sophos

Security War Games

Information security keeps evolving but our educational methods are not evolving rapidly enough to win the cold cyberwar.

| Read Article >>

More SophosLabs Insights >>

Products & Releases

More >>

Best of the Web

More >>

Security Video

More >>

Dark Reading Slideshows

More >>

News

The Future Of Web Authentication

After years of relying on passwords, technology vendors -- and enterprises -- are ready for new methods of proving user identity.

| Read Article >>
Large Attacks Hide More Subtle Threats In DDoS Data

While distributed denial-of-service attacks topping 100 Gbps garner the headlines, they are not the threat that should worry most companies

| Read Article >>
Black Hat USA 2013 Rolls Out SIM Card, Femtocell Hacking Talks

Organizers have confirmed some early details on Briefings talks

| Read Article >>
Mapping Compliance Proof To Risk-Based Controls

Risk-based security decisions usually yield more secure environments, but some harmonization with regulations needs to be done to prove compliance

| Read Article >>

More >>

Quick Hits

Strategies For Improving Web Application Security

Web apps are essential to your business -- and easy targets for hackers. Here are some tips for keeping them secure

| Read Article >>
Pakistan Hit By Targeted Attack Out Of India

Information-stealing malware campaign spreads via phishing email attachments posing as Indian military secrets

| Read Article >>

More >>

Events

Last Post

Maybe that's what used up all of the IPv4 addresses. They are all being used as honeypots

Follow Dark Reading

Free Research and Reports

What's this?From the Editors of DarkReading

More >>

Box Icon

Whitepapers

What's this?

More >>

Box Icon

Dark Reading Digital Magazine

Dark Reading May 2013 Digital Supplemental Issue

Back Issues

In This Issue

The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.

Download Now

Tech Insight

04.26.2013
Time To Set Up That Honeypot

03.12.2013
Securing Cisco IP Telephony

02.17.2013
Attribution Is Much More Than A Source IP

02.14.2013
New CA Group Has Big Names, Small Impact

02.04.2013
How To Build An IT Security Budget

01.22.2013
5 Approaches To Decaffeinating Java Exploits

06.01.2012
Making Data Leak Prevention Work In The Enterprise

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database

CVE-2013-3342 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors.
CVE-2013-3341 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3340.
CVE-2013-3340 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, and CVE-2013-3341.
CVE-2013-3339 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-3338 (acrobat_reader)
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

First Name*:
Last Name*:
Email Address*:
Job Title:
Company/Organization/Gov't Dept.:
*Required field
Privacy Statement

Today from Dark Reading

Commentary

Products & Releases

Best of the Web

Security Video

Dark Reading Slideshows

News

Quick Hits

Events

UBM Tech Events

Black Hat Events

Other Security Events

Last Post

Follow Dark Reading

Dark Reading Newsletter

Sign up for the Dark Reading Daily email newsletter

Free Research and Reports

Whitepapers

Upcoming Events

Dark Reading Digital Magazine

In This Issue

Tech Insight

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database