Best Of Web
Best Of The Web
SYMANTEC
October State Of Spam And Phishing Report
Spam comprised 89.40 percent of all messages in September, compared with 92.51 percent in August, a new report from Symantec shows
ZDNET
Chertoff Advocates Cyber Cold War
Former DHS secretary Michael Chertoff says governments should formulate a doctrine to stave off cyberattacks similar to the Cold War-era principle of nuclear deterrence
FOX NEWS
Federal Agents Urged To 'Friend' People On Social Networks, Memo Reveals
A government memo obtained by a privacy watchdog shows federal agents encouraged to 'friend' people on social networks in order to spy on them
OFFICE OF INADEQUATE SECURITY
Citibank Employee Stole Customers' Credit Card Numbers As Part Of 3-Woman Fraud Ring
A New York woman has been sentenced to 30 months in prison for identity theft and bank fraud to the tune of $1 million
YAHOO NEWS
Hackers In China Steal S.Korean Secrets
Seoul intelligence officials said hackers in China have stolen secrets on South Korea's defense and foreign affairs by using bogus emails claiming to come from Seoul officials and diplomats
COMPUTERWORLD
Update: School District Settles Webcam Spying Suit For $610,000
Lower Merion schools agree to pay after students' onboard cameras are used against them
PC WORLD
Human Error Gave Spammers Keys To Microsoft Systems
Software giant says people were to blame in hacks of two computers
ATM MARKETPLACE
Top Five Debit/Credit Card Skimming Attacks
Skimming alone costs businesses $350,000 daily, research says
THE NEW NEW INTERNET
Credit Card Crime Up As Unemployment Climbs
Poor economy, increasing ingenuity of fraudsters are both partly to blame, study says
PC WORLD
Think Your Twitter DM Is Private? Think Again
Any app that has been approved to access your Twitter account can also "see" private messages
TREND LABS
Black Hat "Search Engine Optimization" In Social Bookmarking Sites
Popular sites, such as Digg and Reddit, could be used to redirect traffic, researchers say
eWEEK
Hackers Increasingly Targeting Midsize Organizations
Attacks on the midsize are up, but security spending isn't, McAfee study says
MIRROR
Home Wi-Fi Networks Can Be Hacked In Less Than Five Seconds
Almost half of households are at risk, study says
GLOBAL SECURITY NEWSWIRE
Iran Detains Five On Spying Allegations
Iran says it has five individuals in custody for allegedly engaging in espionage on behalf of the nation's "enemies"
SOFTPEDIA
Multiple Vulnerabilities Addressed In Opera 10.63
New version of Opera browser addresses several same-origin policy issues that can lead to cross-site scripting attacks and data theft
COMPUTING
Security Language Barrier Exposes Business To Risk
A report presented today at the RSA Conference in London written by PricewaterhouseCoopers and (ISC)2 warns of the dangers to business if IT, security, and business managers fail to articulate their needs in language that they all understand
SPERO FORUM
Michigan Researchers Hack Washington DC Computer Voting System
University of Michigan researchers hacked into a test version of an Internet-based absentee voting system in Washington, D.C.
SECURITY WEEK
IT Salary Guide Shows Increase In Salaries For IT Security Professionals
Security pros in the U.S. will see higher salaries, anywhere from 3.5 to 5.2 percent, next year, according to a new report
COMPUTERWORLD
To Thwart Keyloggers, Facebook Introduces One-Time Passwords
Facebook will offer temporary passwords via users' mobile phones for when they log onto the network from public or other computers
THE GUARDIAN
50 Percent Of Second-Hand Mobile Phones Contain Personal Data
An experiment gathering a sample of phones sold on eBay found that more than half contained personal messages or photos, and more than 60 percent had phone numbers left on a call log
BKIS BLOG
Sophisticated Trick Impersonating YouTube To Spread Malware
Malicious link takes victims to a phony but convincing YouTube that requires the download and installation of "Adobe Flash Player," which is actually Autoit malware in disguise
MICROSOFT
Microsoft Issues 16 Patches In Big Patch Tuesday
Only four of the patches are rated "critical," software giant says
CRN
OmniQuad Rapped For Data Breach
Managed security services firm blasted by privacy watchdog after customer details leaked online
HEALTH INFO SECURITY
FTC: No Major Personal Health Record Breaches So Far
One year after the breach notification requirement took effect, no big breaches have been reported
SC MAGAZINE
Warning: Five Phone Scams To Avoid
A look at the latest "vishing" efforts, and how to hang up on them
CIO
Multi-Biometric IDs: Dream or Reality?
India's planned ID system tests the limits of practical biometrics
THE ECONOMIST
Biometrics: The Difference Engine: Dubious Security
Despite perceptions, biometric technology has never been foolproof
GLOBALPOST
Ukraine: Tracking Down The Hackers
Law enforcement closes in on one group of cybercriminals, but more work away
OFFICE OF INADEQUATE SECURITY
University Of Oklahoma Neurology Clinic Notifies Almost 20,000 Of Security Breach
Virus may have compromised records, officials say
THE WASHINGTON POST
Iran Acknowledges Espionage At Nuclear Facilities
Iran says some personnel at its nuclear facilities were lured by promises of money to pass secrets to the West
THE TECH HERALD
Radical Microsoft Wants To Quarantine Your Virus-Addled Computer
Scott Charney, corporate vice president of Microsoft's computing team, says infected PCs should have their Internet connection "throttled" and placed in quarantine until they are clean and get an official clean bill of health
NEW DELHI NEWS
India To Build Cyber Attack-Proof Operating System
The Defence Research and Development Organisation is creating a secure OS based on Windows that contains proprietary, secret source code to better protect systems and data
THREAT POST
Oracle Plans Monster Patch Tuesday Release
Oracle will patch 81 vulnerabilities, some serious enough to be remotely exploitable without authentication
CHINA TECH NEWS
Chinese Agency Warns Of Computer Virus
China's National Computer Virus Emergency Response Center says energy, traffic, and water agencies should beef up protection against Stuxnet
THE DAILY TARHEEL
Researcher Yankaskas Appeals Pay Cut, Demotion
A UNC researcher says the university is using her as a scapegoat for a security breach that exposed personal information of about 180,000 subject and patient mammography records
THE GLOBAL POST
Ukraine: Tracking Down The Hackers
Ukrainian authorities deny their country or region is a hotbed for cybercrime, despite security experts' claims to the contrary
THE REGISTER
Malware Forces Firefox To Save Passwords
Webroot has discovered malware that saves passwords even if Firefox users do not
COMPUTER BUSINESS REVIEW
AT&T Launches Carrier-Provided Two-Factor Authentication Service
Encrypted Mobile Voice offers new options for wireless security
BLUE COAT
Triple Clickjack Attack On Facebook
"Five things every girl does before she meets her boyfriend" message could lead to malware, researchers warn
SILICON REPUBLIC
World's "Sexiest Hacker" May Not Be A Hacker
Caught up in recent FBI arrests and hailed on the Web, young woman may have been a mule, experts say
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- HP Newsletter with Gartner Research: Maximizing Your Infrastructure through Virtualization
- Understanding Holistic Database Security 8 Steps to Successfully Securing Enterprise Data Sources
- A How-To Guide on Using Cloud Services for Security-Rich Data Backup
- Holistic Risk Management: Perspectives from IT Professionals
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.