Best Of Web
Best Of The Web
COMPUTERWORLD
Gaping Security Flaw Exposed On Anti-Tamper Devices
"Tamper-evident" devices used in transportation, packaging, and other purposes contain a major vulnerability, Black Hat DC researchers revealed
INTERNET EVOLUTION
Attribution: Finger-Pointing In Cyber-Crime
IP tracing, Whois, network filtering, honeypots, and watermarking tools are helpful, but still don�t help unmask those behind the malware and where they are located
SOPHOS
Security Threat Report 2011
Some 40 percent of social networking users have received malware, such as worms, via social networking sites -- a 90 percent increase since the summer of 2009 -- and 43 percent have been hit by phishing attacks, two times more than in 2009
DATABREACHES.NET
Tulane University�s Breach Report To The NH AG�s Office
A Tulane University employee�s laptop contained unencrypted W-2 data and was stolen from the employee�s car trunk
THE WASHINGTON POST
Feds Charge Two In Connection With IPad Hacks
Andrew Auernheimer and Daniel Spitler have each been charged with one count of conspiracy to access a computer without authorization and one count of fraud in connection with personal information, related to an alleged conspiracy to hack
AT&T's servers
McAFEE LABS BLOG
Combined Zeus/SpyEye Toolkit Announced
Merger of malicious technologies could create more sophisticated bots
THE REGISTER
Windows 7 Phone Glitch Spews Phantom Data
Microsoft investigates data mystery that affects customer accounts
HOST EXPLOIT
Employee Of Government Contractor Jailed For Attempting To Corrupt TSA Database
Former contractor goes to prison for sabotaging database after he was terminated
COMPUTERWORLD
Top Ten Tech Scares Of The Decade
Y2K, Conficker, MyDoom -- this list isn't pretty
NETWORK WORLD
Fruit Fly Looks To Be One Good Bug For Computer Networks
CMU, Israeli researchers create algorithm that could boost wireless and other distributed networks
MARKETWIRE
Application Security Done Right The First Time: Secure At The Source
A new report from Aberdeen looks at the results of building a secure application development environment
THE ATLANTIC
Blacklisting WikiLeaks
Congressional leader pushes for ruling that would make it illegal to do business with WikiLeaks or its founder
NETWORK WORLD
Google Pays Record Bounty For Chrome Bug
Vulnerability is one of 16 patched by Google
AUSTRALIAN IT
Vodafone Fires Staff Over Security Breach
Employees allegedly made unauthorized access of customer details
FRENCH TRIBUNE
China Denies Having Anything To Do With Renault Spying Case
Reports say electric car plans were stolen and sold to China
THREATPOST
High-Profile Education, Government Websites Hacked
Legitimate sites offered links to phony online stores, Zscaler research says
TRENDLABS MALWARE BLOG
SMS Ransomware Tricks Russian Users
End users are willing to pay to get control of their PCs back
CNN
Hospital Personnel Fired For Accessing Records Of Tucson Victims
Employees inappropriately peeked into records of Arizona shooting victims
COMPUTERWORLD
Microsoft Turns To Creative Tactic To Block IE Attacks
Security experts applaud "shim" for Windows Application Compatibility Toolkit
BBC NEWS
Sony Launches Legal Action Against PlayStation Hackers
Hackers allegedly published security codes to PlayStation 3
ITAC BLOG
Cyber Thieves Steal Pennies At A Time From Consumers
Exploit is surprisingly similar to the one executed in the movie "Office Space"
HELP NET SECURITY
Third-Party Software Responsible For Most Vulnerabilities
Secunia says vulnerabilities in Microsoft's products are less a worry than those in third-party software
TREND MICRO BLOG
January Patch Tuesday Fixes Three Vulnerabilities
What's significant is what's not being patched, namely two zero-day vulnerabilities--one in IE and another in the Graphics Rendering Engine of Windows
WTIC NEWS
Data Breach At UConn Co-op's 'HuskyDirect' Site
The University of Connecticut Co-op reported a data breach of its HuskyDirect.com website�s customer database, which exposed 18,000 customers� names, addresses, e-mail, telephone numbers, and credit card numbers
IGN
Sony Going After PS3 Hackers
Sony Computer Entertainment America filed with a California court yesterday for injunctive relief and a motion for a temporary restraining order against George Hotz, members of the hacker group fail0verflow, and a number of John Does for allegedly cracking PlayStation 3's protection measures
BANGOR DAILY NEWS
UMS Beefs Up Data Security After Breach
Last summer�s breach at the University of Maine�s counseling center that exposed more than 4,500 students� personal information has led to a major overhaul of the seven-campus university system�s security, including a Web portal for students, faculty, and staff
HALBEER BLOG
Cybercrime As A Service--Our Future?
A big challenge will be ensuring that criminals don�t abuse a cloud infrastructure while researchers can still retain their confidentiality using the services, Microsoft�s security executive Roger Halbeer says
TECHWORLD
Intrusion Protection Systems Improve On Poor Test Performance
New NSS Labs test of 13 IPS products from 11 different vendors found these products are improving in stopping attacks, but still need work
COLORADO SPRINGS GAZETTE
Springs Man Sent To Prison For Hacking Into TSA Computer
A Colorado Springs man who worked for a TSA contractor and was terminated in 2009 was sentenced to two years in prison for inserting malicious code into the TSA's airline passenger-screening computer system that would have sabotaged its ability to vet passengers against its "no fly" list
TECH EYE
Irish Political Party Website Hacked By Anonymous
Between 2,000 and 4,000 users' personal details stolen
MICROSOFT
Microsoft Issues Two Security Bulletins On Quiet Patch Tuesday
One update is considered critical, software giant says
NETWORK WORLD
RIM To Block Access To Porn On Blackberry In Indonesia
Smartphone provider agrees to follow rules set for ISPs in Indonesia
FEDERAL BUREAU OF INVESTIGATION
Keeping Kids Safe Online
FBI program to be offered in schools
PC PRO
Tuesdays In December Worst For Security Threats
Tuesdays are productive for hackers, too, study says
GOVERNMENT INFORMATION SECURITY
Is Anyone Really Doing Continuous Monitoring?
Finding the right definition of the term would help
THREATPOST
China Sleeps On A Stuxnet-Like SCADA Bug
Vulnerability could allow attackers to execute remote code, researchers say
BROOKINGS
Online Identity And Customer Trust: Assessing Online Risk
A detailed analysis of identity issues and trust among consumers
EWEEK
Twitter Hit With WikiLeaks Subpoena
A federal court has ordered Twitter to turn over details of accounts tied to several WikiLeaks supporters as part of the government's investigation into the whistle-blower site, including that of Julian Assange, Dutch hacker Rop Gonggrijp, and Bradley Manning
SOFTPEDIA
Worm Uses Photo Lure To Spread Via Facebook Chat
Worm spreads by posting spam messages via Facebook chat in an attempt to trick users to download and run malicious code
LOOKOUT SECURITY BLOG
Geinimi Trojan Technical Analysis
LookOut Security says the Trojan can also read, collect, send, and delete specific SMS messages, place a phone call, download files, and launch a Web browser, for instance
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-1022 (quicktime)
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.
CVE-2013-1021 (quicktime)
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.
CVE-2013-1020 (quicktime)
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file.
CVE-2013-1019 (quicktime)
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
CVE-2013-1018 (quicktime)
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.