Best Of Web
Best Of The Web
SOFTPEDIA
US Hacker Earns $8 Million From German Dial-Up Fraud Scheme
A New Hampshire man will be sentenced later this month for installing malware on the computers of German dial-up users
TMCNET
Cyber Criminals Attack ChronoPay.com Through DNS Hijacking
New report reveales that the DNS of ChronoPay.com, a payment processor from Russia, had been hijacked on Dec. 25-26, 2010, for a number of hours and the domain redirected to a phony site that gathered credit card information from around 800 accounts
GOVERNMENT COMPUTER NEWS
Contrary To Popular Opinion, FISMA Can Improve Security, Agency Officials Say
Federal officials at the RSA Conference say the Federal Information Security Management Act itself isn�t the problem, but rather how people are implementing it
COMPUTERWORLD
Stuxnet Struck Five Targets In Iran, Say Researchers
Researchers at Symantec say the Stuxnet worm targeted five separate organizations in Iran, starting in June 2009, more than a year before independent experts
BCS
Internet Registry Considers Plan To Take Down Infected Websites
British agency says it will think about taking down sites considered infected or having criminal intent
HEALTH CARE INFO SECURITY
New York Breach Affects 1.7 Million
Incident is largest ever reported under the HITECH Act
FINEXTRA
Cosmetics Firm Lush Forced To Shut Down More Hacked Websites
Sites in Australia, New Zealand affected
eWEEK
Identity Finder Locates, Quarantines Sensitive Documents To Prevent Identity Theft
New technology can eradicate or protect sensitive data to ensure it doesn't fall into the wrong hands
HOST EXPLOIT
Spanish Hacker Is Accused Of Trying To Blackmail Nintendo
Attacker allegedly threatened to expose personal details of 4,000 Nintendo customers
PC WORLD
Salesman Denies Assisting Hacking Of Oil Companies
Chinese worker says he doesn�t know anything about hacks described by McAfee
FORBES
Anonymous Ready To Dump More HB Gary Emails, Launch AnonLeaks
Hacker group continues attack on security firm; prepares to launch its own WikiLeaks initiative
ZDNET
Privacy Protection And IE9: Who Can You Trust?
Microsoft's Tracking Protection technology offers new options for privacy-conscious users
MANUFACTURING BUSINESS TECHNOLOGY
Chinese Company Linked To Hackers That Target U.S. Firms
A Chinese man identified by McAfee as being linked to cyberspying on Western oil companies said his company rents server space to hundreds of hackers, but he declined to comment on McAfee's report
COMPUTERWORLD BLOG
Hackers Use Hidden Device To Manipulate News At Wi-Fi Hotspots
�Newstweek� device plugged in at a wireless hotspot lets an attacker modify news content read via the WiFi network
FORBES BLOG
Anonymous Claims Possession Of Insidious Stuxnet Virus
A member of hacker group Anonymous tweeted this weekend that the group was in possession of the Stuxnet worm
COMPUTERWORLD
Microsoft Accuses Former Manager Of Stealing Confidential Plans
Microsoft alleges a former market development manager took hundreds of megabytes of confidential company material when he left the firm for a new position at CRM rival Salesforce.com
SHADOWSERVER BLOG
Andre' DiMino, CoFounder Of Shadowserver, Resigns
DiMinon will leave his post at the volunteer organization as of March 31, citing increasing administrative challenges
SYMANTEC BLOG
Symantec Intelligence Quarterly Report: Targeted Attacks On Critical Infrastructures
Researchers at Symantec documented 10 public SCADA vulnerabilities in the fourth quarter of 2010, out of a total of 15 for the year
SOFTPEDIA
Rootkit.com Compromise Poses Risks To Other Sites
The recently leaked rootkit.com database compromise has implications for accounts on other sites due to password reuse --- the passwords were hashed with the vulnerable RC5 algorithm, which was relatively easy to crack
FEDERAL TIMES
Jurisdiction Issues Complicate Defense Cybersecurity Role
The question of who is in charge complicates prevention and response to cyberattacks, intelligence and DoD officials told Congress in hearings on the Hill
USA TODAY
Bank Of America Denies Connection To Proactive Tactics To Silence Wikileaks
Spokesman for bank says Bank of America has never seen the now-leaked presentation on proactive tactics to neutralize WikiLeaks and has no "interest in it"
WIRED
Researcher Makes Free Phone And Text Encryption Available To Egypt
Moxie Marlinspike is making his phone and text-message encryption software available mostly to U.S. users available in Egypt
THE ATLANTIC
U.S.-China Cyber War Scenario In The Eyes Of A Chinese Student
The U.S. and China should be cautious not to overexaggerate the threat from the other, and the United States could benefit from trying to understand China's cyberstrategy by analyzing Beijing's own political priorities -- a good first step toward working together on issues like cybercrime and copyright enforcement, student says
ITWORLD
Visa Excludes U.S. Merchants To Spur Secure Card Adoption
Visa announced it will soon stop requiring merchants outside the U.S. to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS) if at least 75 percent of the merchant's annual Visa card transactions originated on smart-card-enabled terminals
THREAT POST
Microsoft Releases IE9 Release Candidate With Tracking Protection
The Internet Explorer 9 release candidate version issued this week comes with Microsoft's implementation of a new privacy technology that makes it easier for users to prevent sites from tracking their activity online
BANK INFOSECURITY
NASDAQ Breach: Lesson For Banks
Most banks and credit unions are vulnerable in the same way NASDAQ was and need better visibility, instrumentation to respond quickly to attacks
DARKNET
Tunisia Running Country Wide Facebook, Gmail & Yahoo Password Capture
Government of Tunisia appears to be basically phishing users with fake versions of login pages for Facebook, Gmail, and Yahoo
SALON.COM
The Leaked Campaign To Attack Wikileaks And Its Supporters
A look at the emails hacked and published by Anonymous that indicate a report on how to neutralize WikiLeaks was part of a proposal to be submitted to the Bank of America
THE LAST WATCHDOG
Most Facebook, Google Users Worry About Privacy, Security
Americans concerned about possible leaks of personal data
TG DAILY
32 Percent Of Americans Admit To 'Borrowing' Unencrypted Wi-Fi
Many users still mooch from neighbors, study says
ATLANTIC WIRE
Why The Financial World Is Spooked By The Nasdaq Cyber Attack
Researchers still unsure whether the malware was an act of terrorism or simple data theft
OFFICE OF INADEQUATE SECURITY
Credit Report Resellers Settle FTC Charges
Security failures allowed hackers to access consumers' personal information
THE REGISTER
Hack Of Irish Job Site Exposes Users' Names, Addresses
Employment site forced to close briefly following breach
FINEXTRA
Global Card Fraud On The Rise -- ACI
Nearly one-third of people have been victims of fraud in the past five years, study says
NATIONAL JOURNAL
Hatch To Re-Introduce Cybersecurity Bill
Legislation is designed to boost international cooperation on digital threats
WASHINGTON POST
Thousands To Be Contacted In UK Hacking Case
News of the World used cell phone hack to try to tap into celebrity phones, witnesses say
ZDNET BLOG
Report: AV Users Still Get Infected With Malware
The European Union's statistics agency says one-third of Internet users in the EU were infected with malware, despite the fact that 84 percent of users run antivirus, anti-spam, or firewall software
METASPLOIT
Metasploit Framework 3.5.2 Released
The new version fixes a privilege escalation vulnerability discovered on multiuser Windows installations of the Metasploit Framework
THE NEW NEW INTERNET
Lawmaker Calls For Hacker Crackdown After Nasdaq Intrusion
Sen. Bob Menendez (D-NJ), a member of the Senate Banking Committee, is urging U.S. securities regulators to crack down on cybercriminals in the wake of a hack into the trading systems run by Nasdaq OMX Group
FCW
Alleged White House E-Mail Cyber Incident Now Called Attack From China
Officials in the United Kingdom now suggest that a cyberattack from purported White House e-mail accounts actually originated from China, and the perpetrator used a phony e-mail address that posed as a White House account
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3744
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
CVE-2013-3743
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2472.
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2473.
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2472, and CVE-2013-2473.