Best Of Web
Best Of The Web
FORBES
Hacker Charged With Using 3,000 Nude Photos To Victimize 350 Women
Man hacked into online accounts, changed victims' passwords, and then searched e-mails or other files for naked or semi-naked pictures of the victims, as well as other information, such as passwords
SMART DATA COLLECTIVE
HIPAA Violation Penalties Rise In Response To Data Breaches
Repeat HIPAA violations within the same year can hold a fine of $1.5 million across all HIPAA violation categories, up from what was once a $250,000 minimum
THREAT POST
New Ransomware Encrypts Victim Data
An odd ransomware variant actually does what it says it will do, and encrypts data on infected machines so victims can't access it
BBC
Apple Users Launch Privacy Campaign Against Google
Safari users claim Google bypassed their security settings to install cookies
NBC NEWS
Google Pledges Fight Over Government Access To Users' Email
Search engine giant will lobby Washington to make it harder for law enforcement to gain access
SOFTPEDIA
27 Government Sites Belonging To Brazil's State Of Maranhao Hacked
Hackers of Ashiyane Digital Security Team breach government sites in Brazilian state
FINEXTRA
Hacktivists Suspend Bank DDoS Campaign
Hacktivist group says it has suspended DDoS after controversial film disappears from YouTube
TOOLBOX.COM
ACH Fraud Hurts Bank Reputations
Small and midsize businesses growing increasingly restive over account takeovers from ACH fraud
THE HILL
Blood Bank Settles FTC Charges For Failing To Protect Personal Information
Weak security practices led to exposure of some 300,000 customers' personal data, commission says
BLOOMBERG
Israeli Troops Swap Guns For Computers
Israel builds up cyberdefense force
SOFTPEDIA
Team GhostShell Targets African Organizations, Leaks 700,000 Records
Hacktivists initiate Project Sunrise, targeting organizations in South Africa and other countries
HELP NET SECURITY
Trojan Uses Anti-Spam System To Keep In Touch With C&C Servers
Symantec discovered a Trojan that uses the Sender Policy Framework (SPF) to retain the connection between malware and C&C servers
THE WASHINGTON POST
FBI Is Increasing Pressure On Suspects In Stuxnet Inquiry
Federal investigators looking into leaks of classified information about Stuxnet have increased pressure on current and former senior government officials suspected of involvement, according to people familiar with the investigation
SECURITY WEEK
Anonymous Downs U.S Government Site
Anonymous says it disabled the U.S. Sentencing Commission's website this weekend in retaliation for the death of Aaron Swartz and says it will leak government data it obtained
FORBES
More Than A Dozen Brands Of Security Camera Systems Vulnerable To Hacker Hijacking
Some 18 brands of security camera digital video recorders (DVRs) can be exploited such that an attacker could remotely gain control of the devices to watch, copy, delete, or alter video streams and also use the machines as a stepping-stone to access other computers behind a company's firewall
NPR
Google Explains How It Handles Police Requests For Users' Data
Google says police need a search warrant before accessing some customer information from the search giant
GOV INFOSECURITY
Defending DHS As Cybersecurity Leader
DHS official Mark Weatherford defended the agency's role in protecting civilian agencies amid criticism by Congress
THE ECONOMIST
Atavistic Androids
Around three-fifths of Androids today run older versions of the mobile operating system, prior to 4.0, mostly because the devices don't make it easy or possible in some cases to update
RT.COM
President Putin Orders FSB To Protect Media Sites From Cyber Attack
Russian President Vladamir Putin has ordered the nation's federal security service to set up a system that would detect, counter, and prevent computer attacks on state information resources
FOREIGN POLICY.COM
John Kerry Acknowledges Cyber As One Of The World's Greatest Threats
Sen. John Kerry during his confirmation for Secretary of State said he’d call cyber the '21st-century nuclear weapons equivalent' and it's a space that will require cyberdiplomacy and negotiation
SOFTPEDIA
GitHub Forced To Disable Search After Exposing Private SSH Keys
GitHub's enhancements to its code search engine inadvertently exposed the private Secure Shell (SSH) keys of some repositories
HUFFINGTON POST
Demystifying Rocra
Targeted attacks such as Red October may seem irrelevant to most people, but expect the number of such targeted attacks to grow in 2013 and beyond
COMPUTERWORLD
Former Anonymous Members Jailed In U.K. For PayPal, Visa DDoS Attacks
Three men were sentenced Thursday in the U.K. for their roles in a series of distributed denial-of-service (DDoS) attacks launched against financial and music industry organizations in 2010 -- Christopher Weatherhead, 22, Ashley Rhodes, 28, and Peter Gibson, 24
THREAT POST
Senate Introduces Cybersecurity Bill That Prioritizes Information Sharing
Senators John D. Rockefeller IV (D-WV), Chairman of the Senate Commerce, Science, and Transportation Committee, Tom Carper (D-DE), Chairman of the Senate Homeland Security and Governmental Affairs Committee, and Dianne Feinstein (D-CA), Chairman of the Senate Select Committee on Intelligence, introduced The Cybersecurity and American Cyber Competitiveness Act of 2013
WIRED
Feds Pile On More Charges Against Anonymous Agitator Barrett Brown
Barrett Brown, who has claimed to be a spokesman for Anonymous, faces new charges by authorities in Texas for concealing evidence
SECURITY WEEK
DARPA To Study Network Traffic To Stay Ahead Of Attackers
The Defense Advanced Research Projects Agency (DARPA) has launched a project to turn the massive amounts of network data collected into useful intelligence to stay ahead of attackers
POPULAR MECHANICS
How To Keep Your Webcam Secure
Create a strong password and register the camera with the vendor to ensure updates
WIRED
Google Declares War On The Password
Research paper outlines alternative means of authentication
SC MAGAZINE
The Tactics Behind A Spear Phishing Attack
Attackers now target individual customers, expert says
BLOOMBERG
One Third Of Cyber Attack Traffic Originates In China, Akamai Says
China's percentage doubles over previous quarter, study says
HUFFINGTON POST
Anonymous Hackers Jailed: Hacktivists Sentenced For Attacks On Visa, MasterCard, And PayPal
Christopher Weatherhead gets 18-month sentence in London after being found guilty
NETWORK WORLD
White House Announces "National Day Of Civic Hacking"
U.S. government asks citizens to roll up their sleeves in June and help with hacking challenges
ARS TECHNICA
How The Feds Put A Bullet In A 'Bulletproof' Web Host
A look at how authorities took down the Gozi Virus and its distributor
COMPLIANCE EX
Cyber Crime Ring Targeted U.S. Bank Accounts, Feds Say
Three foreign nationals charged with creating and distributing virus that affected 40,000
COMPUTER WEEKLY
UK Office Workers Swamped With Phishing Emails, Study Finds
Nearly 60 percent of U.K. office workers say they receive phishing emails every day
THE NEW YORK POST
Tribeca Waiter Busted For Swiping Credit Card Info
A waiter was arrested after allegedly using a skimming device to steal debit and credit card numbers from more than 120 patrons in the Kutsher’s Tribeca Restaurant in New York City
WIRED
Student Expelled For Hacking After Investigating Security Hole
A college student at Dawson College in Canada was expelled after finding and helping fix a vulnerability in the college's computer system, and later checking via a Web scanning tool whether the flaw had been fixed
OHS ONLINE
Air Force Space Command To Add 1,000 Cyber Pros
The U.S. Air Force Space Command head says the Air Force will 1,000 new employees, mainly civilians, to its base of about 6,000 cyberprofessionals during fiscal year 2014
ZDNET BLOG
A Close Look At How Oracle Installs Deceptive Software With Java Updates
Over the past 18 months, Oracle has released 11 updates, and with each one, Java actively tries to install unwanted software -- why it has to stop
BANK INFOSECURITY
Visa Issues ATM Cash-Out Warning
Visa warned U.S. payment card issuers to be alert for suspected ATM cash-out fraud schemes
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3744
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
CVE-2013-3743
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2472.
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2473.
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2472, and CVE-2013-2473.