Best Of Web
Best Of The Web
COMPUTERWORLD
Browsers' Private Modes Leak Info, Say Researchers
The private browsing mode actually leaves traces that can reveal some of the websites a user has visited
SC MAGAZINE
Claims That Anti-Virus Detections Are Inadequate Are Dismissed By Vendors
Most popular antivirus products detect less than 19 percent of malware threats, according to a report Cyveillance
UPI
Comcast Hacker Gets 4 Months From Judge
A federal judge has sentenced James Black, 20, to four months' detention and $128,000 in damages due to Comcast for damages caused by a 2008 hacker intrusion
ARS TECHNICA
Cars Hacked Through Wireless Tire Sensors
Tire-pressure monitors built into late-model cars can be abused to track vehicles or feed bad data into the electronic control units, according to researchers
NETWORK WORLD
Recipients Not The Only Victims Of Spammers
Some senders have been ripped off as well, researchers say
HOSPITALITY TECHNOLOGY
Outsmart Hospitality Hackers
Hospitality industry is one of the most targeted industries, study says; here's what to do about it
MICROSOFT
Microsoft Issues 15 Patches On Huge Patch Tuesday
Eight vulnerabilities ranked as "critical," software giant says
GOVERNMENT INFO SECURITY
A Call For Tougher InfoSec Certifications
Are security professionals getting the right training? One expert raises some questions
THE REGISTER
Germany Bans Blackberrys And iPhones On Snooping Fears
German government reports "dramatic increase" in attacks
SOPHOS
Anaconda Coughs Up A Hippo? It's A Facebook Scam, Actually
Promise of queasy video could lead to some queasy PCs, researchers say
SEARCH SECURITY
Fake Antivirus Pop-Up Scams: Forming A Security Awareness Plan
Why does scareware work so well? A look at how it works and how to respond
ADOBE
Out-Of-Band Security Updates For Adobe Reader And Acrobat
Critical security issues raised at Black Hat to be repaired, company says
DOMAINB
WorldPay Hacker Extradited To U.S. By Estonia
One of the alleged attackers who hacked into Royal Bank of Scotland's WorldPay in Atlanta and stole $9.4 million in a 12-hour period was extradited to the U.S. to face trial
EWEEK
Malware Stealing Digital Certificates Raises Security Concerns
Two recent examples of malware utilizing digital signatures belonging to legitimate companies put spotlight on the question of what to do about it
SC MAGAZINE
Microsoft And Adobe Ready Patches For Tomorrow, As Administrators Prepare For A Busy Day
Microsoft will release 14 bulletins to address 34 vulnerabilities, while Adobe patch vulnerabilities in its Reader and Acrobat
HELP NET SECURITY
Top 5 Undiscovered Vulnerabilities Found On Enterprise Networks
Network segments not properly monitored or protected by an IPS/IDS, vulnerability management tools inadvertently only scanning subsets of networks among mistakes
INFO SECURITY
Webroot Spots Its Own IT Security Software Being Tapped For Drive-By Downloads
Webroot finds own products being used as subscription lures in spammed messages that lead to website that performs drive-by downloads
FEDERAL COMPUTER WEEK
DHS Wants More Teams That Respond To Cyber Threats
The Department of Homeland Security has formed small teams of experts to respond to cyber threats against industrial control systems in facilities such as factories and power plants
FAIRWARNING.ORG
Flaws Plague Electronic Patient Records, Analysis Finds
The $27 billion push for every patient to have a digital record file by 2014 does not address safeguards to prevent, report, and fix electronic glitches that might put patients at risk, according to The Huffington Post Investigative Fund reports
CNET
RIM To Let Saudis Monitor Blackberry Data
Under a preliminary agreement, Research In Motion will let the government of Saudi Arabia access BlackBerry users' messages to avoid a ban on the device in the country
ZDNET
Met Police: UK Botnet Command Server Taken Out
Server, which ran as many as 100,000 Zeus 2.0 nodes, is no longer a threat, according to police
THE REGISTER
Private Browsing Modes In Four Biggest Browsers Often Fail
Research paper says private settings could lull users into a false sense of security
HELP NET SECURITY
Six Arrested For Compromising 10,000 Online Bank Accounts
Group is suspected of conducting a major online phishing network
WINDOWS IT PRO
DEFCON Redux Or Hacking The Gender Gap
Hackers' grandest ball was missing a key portion of the population, observer says
REUTERS
BlackBerry's Armor Has Cracks, Security Experts Say
RIM refuses to give government access to its network, but authorities could probably crack it anyway
V3.CO.UK
Employee Misuse Taking Up A Quarter Of Bandwidth
Workers hogging the pipeline, says Symantec/MessageLabs report
HOMELAND SECURITY NEWS WIRE
Criminals, Spies Dominate Cyberworld, With Little To Deter Them
Top federal security officials say many businesses still have little grasp of the threat
COMPUTERWORLD
Hackers Find A New Target In Payroll Processing
Attempted hack points to a new entry point for the bad guys
MICROSOFT
Microsoft To Issue 14 Security Updates On Huge Patch Tuesday
Eight of the patches are considered "critical," software giant says
ADOBE
Out-Of-Band Security Patch Issued For Adobe Reader And Acrobat
Patch resolves "critical" security issues, company says
THREATPOST
Two Unpatched Flaws Show Up In Apple iOS
"Jailbreak" hack takes advantage of two separate, previously unknown vulnerabilities
COMPUTERWORLD
Fighting Today's Malware
If malware were biological, the world would be fighting the worst pandemic in history
TRENDLABS MALWARE BLOG
Certificate Snatching: Zeus Copies Kaspersky's Digital Signature
Fraudulent certificate appears to come from legitimate security vendor
NETWORK WORLD
Stuxnet Industrial Worm Was Written Over A Year Ago
First confirmed attacks were in January 2010, Symantec says
PANDA LABS BLOG
Clickjacking Attack Targeting Shark Week
Top Twitter topic drives new exploits, researchers say
MALWARE CITY
Microsoft Sticks To Plan, Denies Emergency Patch For XP SP2
Some had hoped software giant would bend rules to fix critical flaw
THREAT POST
Stuxnet Attack Shows Signs of Nation-State Involvement, Experts Say
Virus analysts say Stuxnet is sophisticated attack and likely tied to nation-state attackers
CNN
Experts: BlackBerry Ban Could Affect Privacy Everywhere
Smartphone users in countries all over the world could lose some privacy if threats and promises by foreign nations to shut down BlackBerry services goes through, analysts say
COMPUTERWORLD
Police Nab Six In UK Online Banking Fraud Sting
Suspects allegedly ran a phishing operation that stole $569,000 and compromised more than 20,000 bank accounts and credit cards
THE NEW NEW INTERNET
Researchers Claim Unbreakable Cryptography
A group of researchers say they have created a way to encrypt messages so a user must be in a specific geolocation to unlock them
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3496 (vipnet_client, vipnet_coordinator, vipnet_personal_firewall, vipnet_safedisk)
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
CVE-2013-2849 (chrome)
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
CVE-2013-2848 (chrome)
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-2847 (chrome)
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-2846 (chrome)
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.