Best Of Web
BELFAST TELEGRAPH
Google Boss Eric Schmidt's Warning Over Online Privacy
Google CEO Eric Schmidt said with the amount of personal data people leave on the Internet, many will be forced one day to change their names in order to escape their cyberpast
HB GARY
FGET v1.0 Goes Live
HBGary releases a free forensics tool that gathers forensically sound files from remote Windows machines
SYMANTEC BLOG
Targeted Scam Threatening DDOS Attacks
New spam campaign claims to be a hacker owning a huge network capable of a DDOS attack, and threatens users that their websites will be brought down if they don't pay $200
THE REGISTER
Malware Protection For The Rest Of Us
Home users and SMBs don't have much access to DNS blacklist information
SOPHOS BLOG
New Facebook Clickjacking Worm
A new form of clickjacking tricks users into using the Facebook "Share" feature without their knowledge
SMH.COM
Twitter Hacker Cancels Guns N' Roses Tour
Axl Rose's Twitter page was hacked by someone who announced that the upcoming Guns N' Roses tour had been cancelled
NETWORK WORLD
Hacked Smartphones Pose Military Threat
Compromised smartphones could endanger troops by sending location data to the enemy using mechanisms similar to those employed by recently discovered Android malware, experts say
THREAT POST
New Firefox iFrame Bug Bypasses URL Protections
A newly found bug in Mozilla's Firefox browser could be used to lure users into handing over login credentials for a website by using an obfuscated URL
SUASNEWS
Wi-Fi Aerial Surveillance Platform, WASP Drone
A group of hackers has created an airborne platform designed to sniff out WiFi networks
SILICON.COM
Oracle Shutters OpenSolaris
Five years after Sun Microsystems tried to rejuvenate Solaris by attracting outside programming involvement, Oracle apparently is scrapping the OpenSolaris project
INFORMIT
Software Security Crosses the Threshold
Software security is a much bigger issue than Web application security alone, and this will be another big year for software security
GOOGLE NEWS
New Victim In India-Pakistan 'Cyberwar'
A group calling itself the Pakistan Cyber Army said it hacked into the website of independent Indian MP Vijay Mallya, who is head of Kingfisher Airlines and the Force One Formula One racing team
THE REGISTER
Short Passwords 'Hopelessly Inadequate,' Say Boffins
Password-cracking tools using powerful graphics processors crack passwords of less than seven characters -- Georgia Tech researchers recommend passwords of at least 12 characters
INFOSECURITY
Many Anti-Virus Products Fail Vista Security Test
One-third of anti-malware products don't secure Microsoft's Windows Vista Business Edition, according to security research company Virus Bulletin
SOPHOS BLOG
Facebook Dislike Button Scam Spreads Virally
Latest survey scam spreading across Facebook lures users to "Dislike" button and app
FEDERAL COMPUTER WEEK
VA Data Breach Reports Available Online
The Department of Veterans Affairs is now publishing monthly online accounts of its data breaches, lost BlackBerry devices, and laptop computers as part of its open government program
COMPUTERWORLD
Update: Apple Exec Charged With Taking $1 Million In Kickbacks
An Apple global supply manager was arrested for accepting kickbacks from Asian suppliers of iPhone and iPod accessories
SUBELSKY BLOG
Why You Might Not Want That Cybersecurity Job
Insights on what government cybersecurity jobs entail, such as how in classified positions you're heavily restricted in the types of technologies you can use
ENTERPRISE NETWORKING PLANET
Understanding The Russian Hacker Underground
Research finds that many of these organizations are mostly unprofessional groups and geeks, not gangsters
AV-TEST.ORG
AV-Test Product Review and Certification Report - 2010/Q2
Second quarter 2010 test of 19 security products for protection, repair, and usability resulted in 13 products getting an AV-Test certificate, and four not
H ONLINE
RIM Offers Indian Government Surveillance Tools
Research in Motion has offered the Indian government information and a number of tools for monitoring email and text messages sent using BlackBerry mobile devices
SUCURI
Pharma Hack And Their Command And Control Server
A look at the infamous Pharma Hack and how to fix it
TOWN HALL
FAA Computers Still Vulnerable To Cyberattack
Department of Transportation's Inspector General says systems not being upgraded quickly enough
ABC NEWS
India To Shut Blackberry If Security Not Addressed
Indian government objects to sealed email and messaging services
EWEEK
Smartphone Security Vulnerable To Touch-Screen Smudges, Researchers Report
Smudges from fingers could help reveal passwords, university study finds
IT SECURITY PORTAL
The Security Message About Encryption Is Finally Getting Through
Survey indicates that even small businesses are making strides in encrypting data
FLEET OWNER
Cyberwar And You
A look at the government's approach to cyberwar -- and how it might affect your organization
V3.CO.UK
Virus Bulletin Fails 35 Percent Of Security Suites On Vista
One-third of software systems fail under pressure; many return high numbers of false positives
THE REGISTER
Facebook Bug Spills Name And Pic For All 500 Million Users
Flaw in login system allows attackers to match unknown email addresses with first and last names
SOPHOS
Jailbreak Me: Apple Issues Emergency iPhone/iPad Patch
Patch closes the door on vuln first exposed on JailbreakMe.com
REUTERS
RIM To Share Some Blackberry Codes With Saudis
Code would let Saudi authorities monitor handheld devices, source says
SYMANTEC
Health Category Spam Increases By 13 Percent
Phishing numbers are down overall, according to latest Symantec spam and phishing report
TECH REPUBLIC
Hiring Hackers: The Good, The Bad, And The Ugly
A look at the arguments for and against hiring ethical hackers to test your defenses
GOVERNMENT INFO SECURITY
Social Media Policy: The Six Essentials
Key strategies for protecting the enterprise from dangers presented by social media use in the workplace
SEARCH SECURITY
McAfee: New Computer Virus Threats Reach All-Time High
Amount of malware in the wild has never been higher, study says
IT WORLD
Workarounds: Five Ways Employees Try To Access Restricted Sites
A short list of popular methods for working around company security policies
TG DAILY
Saudi Arabia Lifts Ban On BlackBerry, Details Uncertain
After a ban on BlackBerry service throughout Saudi Arabia, RIM apparently cooperated with state leaders
MASHABLE
South Korean Police Raid Google Offices Over Privacy Concerns
Google Korea's offices were raided today by local police as part of an investigation into Google's Street View data-collection
IT WIRE
SMS Trojan Steals From Android Owners
A Trojan posing as a media player for Android smartphones automatically sends text messages to premium rate numbers, according to Kaspersky Lab
COMPUTERWORLD
Registry Hack Allows Windows XP SP2 Patching
Users on Windows XP Service Pack 2 can trick the operating system into installing security updates, says a researcher from F-Secure
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.
CVE-2012-6562
engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts.
CVE-2012-6561
Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2012-6560
SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows remote attackers to execute arbitrary SQL commands via the status parameter.
CVE-2012-6559
Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) mac, (3) graphtype, (4) name, or (5) type parameter to stats.php; or (6) comment parameter to deviceadd.php.


