Best Of Web
Best Of The Web
UPI.COM
Top Cyberthreats Outlined In Report
Georgia Tech report identifies physical security, botnets, mobile devices, and social networking as key threats
COMPUTERWORLD UK
Media Sites Target Of Politically Motivated DDoS Attacks
Attacks may reflect rage of readers who want to make political statements, observers say
KANSAS CITY.COM
New "Un-Hackable" System, (c2), Promises To Provide Solution For U.S. Cyber Command
Hun Technology promises "permanent" solution that doesn't rely on encryption
MOSCOW TIMES
Schools Spawning A Breed Of Hackers
In Russia, more university graduates turning to cybercrime
THE REGISTER
Feds Asked To Probe Google's Leaky Search Terms
FTC considers a complaint that Google conceals its practice of handing over users' search terms to the sites they visit
VOLTAGE
Security Professionals: A Personality Profile
Myers-Briggs testing of IT security pros might offer a clue about why they're not winning in the fight with the bad guys
BBC NEWS
Man Jailed Over Password Refusal
Teenager has been in jail more than 16 weeks after refusing to let police into his computer
SECURITY ORB
Webcams And Your Privacy
Video shows how hackers pose a threat to users with webcams
HELP NET SECURITY
Web Voting Option Suspended Due To System Flaw
Researchers expose vulnerabilities in D.C. voting system that could be exploited by attackers
FINEXTRA
UK Card Fraud Losses At Ten-Year Low
Online banking also sees a dip in financial losses, research says
HELP NET SECURITY
Security Updates For Adobe Reader And Acrobat
Critical vulnerabilities identified in popular software products; patches issued
BOSTON.COM
Akamai Employee Charged With Trying To Sell Secrets To A Foreign Government
Worker for Internet services company made 60 drops of sensitive data to undercover FBI agents
TURKISH PRESS
The Stuxnet Attack, And Its Mystery
As technical details of the exploit become public, motivations behind it become harder to divine
CNEWS
Facebook Spammer Fined $1 Billion
Montreal man is accused of sending more than 4 million messages to Facebook users during a two-month period
HOST EXPLOIT
The Top 50 Bad Hosts And Networks For Q3
Some hosts improving, but malicious activity is still a problem
THE TECH HERALD
Microsoft Proposes A Cyber CDC To Address Web Threats
Charney proposes quarantines of infected devices on Web
INTERNET EVOLUTION
War On Cybercrime Logs Three Victories
Law enforcement agencies across the globe crack down on Zeus-driven scams
BANK INFO SECURITY
Vishing: The Crooks Are Getting Better
Voice-based phishing attacks becoming more sophisticated -- and more effective
SOFTPEDIA
HTML Attachment Spam Exploded In Recent Months
HTML attachments accounted for between 2 and 8 percent of all spam in the past four months, Sophos says
HELP NET SECURITY
The Rise Of Crimeware
CA study identifies more than 400 new families of threats
ARS TECHNICA
ISPs Begin Fighting IP Lookup Requests In The Wake Of Data Leak
Anti-P2P law firm published ISP customer names, matched up with the names of pornographic films they had downloaded
FBI
Former Employee Of Fannie Mae Contractor Convicted Of Attempting To Destroy Data
Contractor faces up to 10 years in prison for transmitting malicious script
FEDERAL NEWS RADIO
Cyber Command Misses Operational Deadline
Department of Defense blames Senate for holding up appointment of new chief
DEMOCRATIC VOICE OF BURMA
Burmese Media Decries Ongoing Cyberattacks
Exiled media representatives say attacks are being launched by Burmese junta
NETWORK WORLD
October Is National Cybersecurity Awareness Month
If a special month falls on the calendar and nobody observes it, does it still make a noise?
UK PRESS ASSOCIATION
Cybercrime Gangs "On The Increase"
The modern Tony-Soprano-style crime lord will have a cyber boss, law enforcement official says
NEW YORK TIMES
A Code For Chaos
Stuxnet's spread raises questions about the danger of the threat -- and the likelihood of cyberwar
THREATPOST
Rethinking Stuxnet
Is the sophisticated malware overhyped or underappreciated?
GOVERNMENT COMPUTER NEWS
Council Of Foreign Relations Says U.S. Should Assert Itself On The Internet
As international bodies struggle for consensus, the U.S. has been largely silent, report argues
NEW YORK TIMES
Iran Says It Arrested Computer Worm Suspects
Damaging worm infected computers in country's nuclear program
CSO ONLINE
BlackBerry Backup Encryption Broken By Russians
Company claims it has broken the password protection that secures backups on popular handheld
PC WORLD
Despite Busts, Zeus Trojan Still Threatens
Even after widespread arrests, popular toolkit is still doing damage
CBS NEW YORK
Hackers Steal $600,000 From Jersey Shore Town's Bank Account
Multiple wire transfers may have been the result of a virus or fake Web page, authorities say
THE POST.IE
In Ireland, Company Directors To Be Held Liable For Cybercrimes
Top executives may fall if their companies fail to provide sufficient security
SC MAGAZINE
Education Sector Most Affected By Malware
Nearly half of all malware infections hit schools and universities, study says
HOMELAND SECURITY NEWS WIRE
Exploring The Effectiveness Of Supply Chain Security
Study attempts to measure the impact of security factors in supply chains
KREBS ON SECURITY
Comcast Pushes Bot Alert Program Nationwide
Service provider is warning customers when it finds infections on their PCs
CHINA POST
Stuxnet 'Cyber Superweapon' Infects Millions Of PCs In China
The Stuxnet worm has infected more than 6 million individual accounts and nearly 1,000 corporate accounts in China, the official Xinhua news agency reported
ZDNET BLOG
Facebook Offers Peek At Incoming Malware Attacks
The gang behind the Koobface malware attacks on social networks made around $35,000 a week, or $1.8 million a year, in 2009, Facebook security researcher Nick Bilogorskiy says
V3
Stuxnet Worm Could Have Been Inside Job
Graham Cluley, senior technology consultant at Sophos, says the worm may have been written by someone with detailed knowledge of Siemens' computer systems -- possibly a current or former employee
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.