Best Of Web
Best Of The Web
RSA RESEARCH
Zeus 2.1: Stronger And More Secure, But Will Fraudsters Upgrade?
Technology improves, but deployment of next-gen Trojan is not widespread
REUTERS
Limewire Says "Unauthorized" Applications Using Its Name
Forced to shut down, application file-sharing service says its name lives on
YAHOO! NEWS
New Cyberattack Linked To Nobel Peace Prize
Fake invitation to this year's ceremony is making the rounds, researchers say
COMPUTERWORLD
Microsoft Explains Missing Mac Office Patches
Software giant defends move, but won't say when it will fix Office for Mac
SYMANTEC RESEARCH
Percentage Of Spam Dropped Last Month, Study Says
Spam accounted for less than 87 percent of email data in October, down from more than 89 percent in September
ZDNET UK
Europe Hobbled By Lack Of Cyber-Contact Knowledge
In cyberattack simulation, differences between countries make unified responses difficult
CANADA FREE PRESS
Canadian Security Breaches Rose 29 Percent, Study Says
Cost of breaches actually dropped, researchers say
TG DAILY
Neural Cybernetic Implants Could Arrive Within A Decade
Hands-free hacking could reach a whole new level, experts say
IT KNOWLEDGE EXCHANGE
Barracuda Announces Bug Bounty For Its Security Products
Hackers can make $500 to $3,000 for finding vulns in company's software
THREATPOST
SpyEye Not Yet Zeus-like In Stature
New Trojan still doesn't have the reach of Zeus, experts say
IT WORLD
Workers Free Style With Tech On Office Time
Employees tend to apply their own rules to using personal technology in the office, study says
HUFFINGTON POST
V For Vendetta Hacker Infiltrates Washington State University
Unknown hacker broadcasts squirrel video all over campus
WALL STREET JOURNAL
Virus Leads To $20 Million Scam
Millionaire is fleeced in online fraud
BANK INFO SECURITY
New ID Theft Council Aims At Awareness
Grassroots group aims to touch every U.S. community
PANDA RESEARCH BLOG
Microsoft Doesn't Get It--Security Is About Diversity
Pushing only MSE from Windows Update is a bad idea, security experts say
HELP NET SECURITY
G20-Related Malicious Spam Campaign
Hackers take advantage of economic summit to launch targeted campaign
THE REGISTER
Bank Insiders Charged In Zeus Cybercrime Smackdown
Money mules suspects arrested in Moldova
COMPUTERWORLD
Danger To IE Users Increases As Hacker Kit Adds Exploit
Security expert calls for emergency update
EXPLOIT DATABASE
Google Hacking Database Reborn
Tool to help penetration testers use Google gets a new life
ADOBE
Adobe Issues Flash Player Security Update For Android
Patch is added to previous patches for Flash Player flaw
MICROSOFT
Microsoft Issues Three Security Bulletins In Slow Patch Tuesday
Only one of the 11 vulnerabilities identified is considered critical, software giant says
SHANGHAI DAILY
In China, Hackers Take Control Of 1 Million Mobile Phones
�Virus turns mobile phones into spam-sending zombies
MICROSOFT BLOG
Forefront Endpoint Protection 2010 Release Candidate Now Available
Microsoft's Forefront Endpoint Protection 2010 is now available in release candidate form, and will be available in manufacturing form by the end of the year
THE NEW YORK TIMES
U.S. Workers Are On Alert After Breach Of Data
General Services Administration employees have been exposed to identity theft after an employee sent the names and Social Security numbers of all of the agency's 12,000 people to a private e-mail address
TREND MICRO
Latest Adobe Zero-Day Exploit Leads To Trojan Dropper
A new "critical" vulnerability in Adobe Reader and Acrobat lets the attacker execute code remotely on the victim's machine
THE INQUIRER
Zeus The King Of Botnets
Kaspersky Lab's October malware statistic show that Zeus has become one of the most commonly used and best-selling tools on the online black market, and that fake archiving programs are the latest threat
THREAT POST
Researcher Publishes Android Browser Exploit
A researcher with Alert Logic released code that could be used to hack some versions of Google's Android OS
ABUSE
Introducing: SpyEye Tracker
A researcher has released a new tool for ISPs, CERTs, and law enforcement that tracks the new crimeware kit SpyEye, which could become the new super-banking Trojan
SOPHOS NAKED SECURITY BLOG
Hacker Forces Royal Navy To Suspend Website
'TinKode' says he broke into the main website run by the British Royal Navy, www.royalnavy.mod.uk, revealing usernames and passwords of administrators
CHICAGO TRIBUNE
State Department Official Admits Looking At Passport Files For More Than 500 Celebrities
A State Department official confessed to viewing the passport files of more than 500 celebrities without authorization
PC MAGAZINE
'Anonymous' Takes Down Copyright Office Site Via DDoS
Hactivist group against copyright advocates took down the U.S. Copyright Office's website this week, according to TorrentFreak
THE REGISTER
IE Bug Fix Not Included In Light Patch Tuesday
Microsoft Patch Tuesday for November includes fixes for 11 security vulnerabilities--including a patch for a critical Office vulnerability--but no patch yet for the new IE zero-day bug
ADOBE PRODUCT SECURITY RESPONSE TEAM BLOG
Potential Issue In Adobe Reader
A proof-of-concept posted on Full Disclosure demonstrating a denial-of-service against Reader is being investigated by Adobe
NETWORK WORLD
Financial Services Firms Expand Online Fraud Defense
A look at how some banks are hunkering down in the face of increased security challenges and Trojan attacks
HELP NET SECURITY
Myanmar Cut Off The Internet Ahead Of Elections
Myanmar, formerly known as Burma, was hit with a major DDoS attack that started last last month and crippled most network traffic in and out of the country
IT NEWS
U.S. Military Ready For War In Cyberspace
New U.S. Cyber Command, tasked with protecting 15,000 military computer networks from intruders, is now fully operational, the Defense Department says
BLOOMBERG NEWS
Bank Of America, Citigroup Said To Test IPhone For Mobile E-Mail
Bank of America and Citigroup are testing software that would let employees use the iPhone rather than the BlackBerry for corporate e-mail
SOPHOS NAKED SECURITY BLOG
Two Suspected Zbot Mules Arrested In Wisconsin
Two 21-year-olds, both originally from Moldova, were arrested in Wisconsin for alleged bank fraud as part of the Zbot gang's activities
MICROSOFT
Vulnerability In Internet Explorer Could Allow Remote Code Execution
Software giant offers workarounds until a full patch can be rolled out
YAHOO!
Europe Tests Cyber Defenses Against Hackers
First cross-continental cyber simulation tests the defenses of 30 European countries
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3744
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
CVE-2013-3743
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2472.
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2473.
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2472, and CVE-2013-2473.