Best Of Web
Best Of The Web
NEXTGOV
Researcher Reveals GPS Vulnerabilities
GPS timing signals that control the base stations in some cellular networks and other gadgets are vulnerable to spoofing attacks, according to a University of Texas researcher
TECHDIRT
Court Rejects Probation Rules On Teen That Ban Him From Using Social Networks Or Instant Messaging Programs
Teenager who had received a stolen motorcycle was given probation as well as restrictions on computer usage--including using encryption
VERIZON POLICY BLOG
A Proposal For Model Cyber Security, Part I
Government should use its buying power to force vendors to provide best-of-breed security features, which can make these tools available sooner and at a lower cost
SOPHOS BLOG
IPv6 And Cybercrime -- What's The Story?
A better, faster infrastructure with IPv6 could increase exposure to cybercrimine, but also provides opportunity to build security and privacy
ADOBE PRODUCT SECURITY INCIDENT RESPONSE TEAM BLOG
New Critical Zero-Day Found In Shockwave Player
Adobe has issued a security advisory warning of a critical flaw in in Adobe Shockwave Player 11.5.8.612 and earlier versions on the Windows and Macintosh that can crash the app and let an attacker take over the victim's machine
FOX NEWS
Feds Slow In Protecting Computer Networks From Cyberthreats, Study Says
GAO report says agencies have much work to do in order to catch up
CYBER SECURITY FORUM INITIATIVE
CSFI Report: Stuxnet
Cyber Security Forum releases 15-minute video explaining Stuxnet and its implications for cyberwar
SEARCH SECURITY
Rogue Antivirus Spoofs Firefox, Google Attack Warning Pages
Scam attempts to trick users with a phony browser update
HOST EXPLOIT
ITU Estimates That 2 Billion People Will Be Online By End Of 2010
Record numbers of end users will be on the Web, study says
IT PRO PORTAL
Italy Is Main Source Of Mobile Cyberattacks, Says Akamai
One-quarter of all mobile attacks detected in Q2 came from Italy, report says
WARNER ROBINS PATRIOT
Local Man Arrested For Breach Of Houston Medical Center Database
Police believe young man hacked the system in order to impress potential employers
BLOGGING WINDOWS
Celebrating Windows At One Year
After selling more than 240 million licenses, Microsoft calls Windows 7 "the best-selling OS in history"
PC WORLD
Facebook Sues Over Free Gift Card, "Dislike" Button Scams
Social networking site gets tough with fraudsters in court
US CERT
Mozilla Releases Firefox 3.6.11
Mozilla Foundation fixed multiple vulnerabilities in Firefox with this new update, including ones that let an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service
THREAT POST
The Inside Story Of SQL Slammer
David Litchfield, who discovered the SQL Slammer bug and wrote an exploit code that was later used by the attackers who used that code as part of the SQL Slammer worm, gives the lowdown on the real story
BKIS BLOG
Posing As Stuxnet Removal Tool To 'Remove' Hard Disk's Data
A fraudulent tool is spreading that claims to remove Stuxnet but instead cleans off a victim's entire C drive
TECH NEWS WORLD
Time To Dust Off That Breach Disclosure Plan
As risks change, planning for breaches must also change and be updated to address the newest threats and exposures
PANDA LABS BLOG
Rogueware Targets Russians With Pay Via SMS Scam
A new Russian-language Fake AV site claims to protect computers and social networking profiles against spam, phishing, viruses, and hacking attempts
PCWORLD
IBM Uses 'Virtual Doorman' To Lock Down Cloud Computing
IBM has developed a new rootkit-detection system for virtualized data centers that finds malware when it lands on any VMs
NETWORK WORLD
New Rules For Employees' Mobile Device Privacy
The recent Supreme Court decision on how CIOs must approach data privacy when managing company-provided mobile devices raises new issues for how to handle employee mobile device privacy
CHOSUN
N.Korean Hackers 'Snooping Around G20 Summit Venue'
Government officials in Seoul say North Korean hackers are trying to gather information about water supply and drainage systems, pathways of toxic materials, and traffic control near the venue of the G20 Summit in Seoul
ESECURITY PLANET
Top Ten Ways To Avoid An Evil Twin Attack
A look at the symptoms of an evil twin attack -- and how to avoid falling for it
SC MAGAZINE
Hackers Waiting For IP Addresses To Run Out
Plan is to pounce on IPv6, security experts warn
IT WEB
Britain Threatened By Cyberattacks
Online threats are a top priority as country develops plans for defense cuts
COMPUTING.CO.UK
Reports Warn Of Rise In Cyber Threats
Midsize companies face as many dangers as large companies, McAfee study says
COUNTERMEASURES
Kaspersky Download Site Hacked To Spread Fake AV
Breach exploited a third-party application used for site administration, security firm says
IT PRO PORTAL
U.S. Looking To Implement Australian Cybersecurity Model
System allows ISPs to warn users when their PCs have been infected -- and limits access for those who don't fix the problem
OFFICIAL GOOGLE ENTERPRISE BLOG
Virus Volume Skyrocketed 241 Percent In August, Postini Says
Researchers at Google's email security unit call it the greatest recorded surge in viral activity since 2008
YAHOO!
Finnish Firm Finds Hard-To-Detect Online Attacks
"Advanced Evasion Techniques" are a threat to enterprises, Stonesoft says
ADOBE BLOG
Adobe Rolls Out Reader X With 'Sandboxing' Security
Reader X will be available for download next month and includes Protected Mode for safer viewing of PDF files
VALLEY WAG
World's Most Considerate Computer Thief Backs Up Victim's Data, Mails It To Him
A Swedish professor whose computer was stolen received a USB drive in the mail with a backup of data from his pilfered computer
MICROSOFT TECHNET BLOG
An Early Look At The Impact Of MSRT On Zbot
Since adding Zbot detection to the MSRT on Tuesday, Microsoft says it has removed Zbot 281,491 times from 274,873 computers
GOOGLE ONLINE SECURITY BLOGSPOT
Protecting Your Data In The Cloud
Google has released a checklist for users to protect themselves online that includes tips on password-changing and checking Google Accounts regularly
WALL STREET JOURNAL ONLINE
Al Qaeda, Cyber Attacks Top U.K. Security Threats
British authorities say Al Qaeda remains the most "potent threat" to the U.K., followed by cyberattacks by another country, terrorists, or organized crime
COMPUTERWORLD
Zeus Botnet Gang Targets Charles Schwab Accounts
Researchers at Fortinet say a new wave of phony LinkedIn reminders contain malicious links that infect victims with the Zeus Trojan and steal money from Charles Schwab investment accounts
THREAT POST
CERT Issues Advisory On RealPlayer Holes
Many of these vulnerabilities let attackers run malicious code on systems running vulnerable versions of RealPlayer with or without user interaction, using specially crafted media files or by duping users into clicking on malicious URLs
THE MIAMI HERALD
Someone Hacks Into Fla. University Computer System
Authorities believe an overseas attacker has stolen the personal information of nearly 107,000 students from the University of North Florida
US CERT
RIM Releases Security Advisory For BlackBerry Enterprise Server
Advisory addresses a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server
GOOGLE SECURITY BLOGSPOT
Phishing URLs And XML Notifications
Google has added phishing URLs to its notification messages for network administrators
THREAT POST
New Malware Murofet Following Conficker's Lead
Murofet is using some of Conficker's techniques, including generating thousands of new domains for updates every day
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.