Best Of Web
Best Of The Web
CRN AUSTRALIA
Australian ISP Whirlpool Brought Down By DDoS Attack
ISP is blocked by upstream providers, report says
GOVERNMENT INFO SECURITY
FAA Criticized For IT Security
Agency is not doing enough to protect the personal and medical data of 3 million airmen it certifies, study says
WALL STREET JOURNAL
Hacker Worries Persist In iPad Breach
Exposure of obscure ID numbers could be more troubling than exposure of email addresses, experts say
MSNBC
Google To Stop Redirecting Searches From China
Search firm shut portal over censorship, had been redirecting users to Hong Kong site
BANK INFO SECURITY
Financial Services Industry Sees 39 Data Breaches In First Half Of 2010
Industry has already seen more breaches than it saw in all of 2009
ABC NEWS
CIA: Cyber Warfare Could 'Paralyze' U.S.
CIA director Leon Panetta says U.S. is not paying enough attention to cyberwarfare threat
CNET
Police Push To Continue Warrantless Cell Tracking
A law requiring police to obtain a search warrant before tracking Americans' cell phones could hamper criminal investigations and endanger children's lives, a law enforcement rep told Congress
BANK INFOSECURITY
Anti-Fraud Added To Reform Bill
An amendment added to the new banking regulatory reform bill would increase sentences for securities and bank fraud and promote more criminal prosecutions by bringing together regulators, investigators and prosecutors
DASIENT BLOG
More Zeus Via Drive-By, Now Improved With Targeted Phishing Against Banks
Zeus malware increasingly used to distribute targeted phishing kits against the financial sector, including banks such as Citibank and HSBC, researchers say
COMPUTERWORLD
Microsoft Updates IE9 Preview, Beefs Up HTML5 Support
Microsoft has updated its preview of Internet Explorer 9 with support for several HTML5 standards
SYMANTEC BLOG
The King Of Pop Lives On And Spammers Are Paying Attention
With the one-year anniversary of Michael Jackson's death approaching, spammers are already using the anniversary to push phony email and malware
TEXAS TRIBUNE
FBI Investigating Possible DSHS Hacker
The FBI is investigating whether an attacker broke into the state's cancer registry and is holding personal information and medical records hostage
ADOBE
Patch For Reader, Acrobat Tomorrow
Adobe will fix critical security flaws in Adobe Reader 9.3.2 for Windows, Macintosh, and UNIX; Adobe Acrobat 9.3.2 for Windows and Macintosh; and Adobe Reader 8.2.2 and Acrobat 8.2.2 for Windows and Macintosh
HOST EXPLOIT
Millions Of Student Loan Borrowers' Personal Info Compromised
ECMC discloses breach after safe containing backup disks is stolen
EWEEK
Rogue AV Operation On The Phone
New scareware distribution scam takes a page from the telemarketing book
DASIENT
More Zeus Via Drive-By, Now Improved With Targeted Phishing Against Banks
Bot malware now has a second malicious purpose, researchers say
WMBF NEWS
Download Dangers: Social Networking Sometimes Invites In Hackers
Alabama university research shows social networking is a favorite attack vector for cybercriminals
CIO
Senate Panel Approves Controversial Cybersecurity Bill
Legislation would allow president to shut down parts of Internet in the event of a cyberattack
HOST EXPLOIT
Novel Cybersecurity Approach Has Plenty Of Fans -- And Naysayers
Consensus Audit Guidelines (CAG) provide alternate approach for federal government agencies
THE AGE
Cyber-Shelter For Battered Bloggers
Reporters Without Borders provides secure, anonymous environment for bloggers in countries that censor content
CALIFORNIA HEALTHLINE
Anthem Blue Cross Says Security Breach Might Have Affected 230,000
Unauthorized access of personal information by attorneys was brief, healthcare company says
SKY NEWS
Teens Linked To Colossal Cybercrime Network
"Largest international English-speaking cybercrime forum" is target of larger investigation
TECH EYE
Apple, Adobe, IBM, Citrix, And Others Sued Over Software Patent
Twenty-six vendors alleged to have violated broad patent on technology for controlling workstation operations
HOMELAND SECURITY NEWSWIRE
Industry Concerned About DHS Standards On Cybersecurity
Top-down standards process could stifle private-sector innovation, leaders warn
YAHOO!
Internet Authorities Adopt New .Org Security
New measures will help protect .org domains from identity theft, organization says
HEALTHCARE INFO SECURITY
Fraud Fighting: Healthcare Providers Lagging, Expert Says
Healthcare service providers must work to catch up to insurers -- and hackers, expert says
FEDERAL BUREAU OF INVESTIGATION
Orange County Man Suspected Of Hacking Computers Arrested On Federal Charges
Suspect allegedly stole personal information, then demanded sexually explicit videos in return for keeping it secret
ENTERPRISE SECURITY TODAY
Wanted: Young Cyber Experts To Defend The Internet
Federal authorities use cyber competitions to recruit new talent
NETWORK WORLD
Lieberman Cybersecurity Bill Could Change IT Procurement
Comprehensive legislation makes a scapegoat of IT, expert argues
GOVERNMENT COMPUTER NEWS
Billions Expected For Cybersecurity Research
Office of the Director of National Intelligence says big initiative is coming
YAHOO! NEWS
DOJ, FBI To Monitor Foreign Websites For IP Piracy
"Copyright czar" says foreign entities should not be allowed to steal or counterfeit intellectual property
IT BUSINESS
How Cybercrooks Could Cash In On Your Facebook Data
You're sharing more than you think -- and you might be surprised how much your data is worth
OFFICE OF INADEQUATE SECURITY
Sony Customers Notified Of Security Breach
Third-party contractor may have emailed customer data in violation of security policy
SMART COMPANY
ISPs Should Disconnect Spyware-Infected Machines, Parliamentary Report Recommends
Critics say Australian government should not be allowed to tell ISPs what to do
THE BREACH BLOG
Laptop Is Stolen During GXS Merger With Inovis, Results In Breach
Laptop contained databases of employee information, companies say
FLORIDA INTERNATIONAL UNIVERSITY
University To Notify Students And Faculty Regarding Unsecure Database
Data on 19,000 students and faculty may have been exposed, officials say
TMC NET
Homeland Security Issues IT Network Updates
DHS responds to criticism of US-CERT earlier this week
PR LOG
Top Ten Website Application Vulnerabilities
OWASP issues guidance on how to respond to each type of flaw
THE REGISTER
Apple Accused Of Hushing Up Security Update Hushing
Apple may have made a security update to its OS without telling anyone, sources say
SOFTPEDIA
Lenovo Support Website Infects Visitors With Trojan
Malicious iFrame loads exploit cocktail
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3496 (vipnet_client, vipnet_coordinator, vipnet_personal_firewall, vipnet_safedisk)
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
CVE-2013-2849 (chrome)
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
CVE-2013-2848 (chrome)
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-2847 (chrome)
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-2846 (chrome)
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.