Best Of Web
Best Of The Web
FORTINET
Fortinet 2013 Cybercrime Report
New paper explores the world of the cybercriminal
THE REGISTER
The 30-Year-Old Prank That Became The First Computer Virus
Elk Cloner creator Rich Skrenta looks back
PC WORLD
Qantas Warns Of Email Scam Aimed At Holiday Travelers
Seat selection fee emails are ruse to fool users into downloading malware, airline says
eSECURITY PLANET
Charges Dropped Against NASA Hacker
U.K.'s Director of Public Prosecutions says prospects of a conviction of Gary McKinnon were "not high"
HUFFINGTON POST
Facebook Vs. Hackers: Why The Social Network No Longer Plays 'Whack-A-Mole'
After initially playing defense, Facebook decides to investigate hackers on its own -- and gets results
CYBER WAR ZONE
Assange To Run For Australian Senate, Start Wikileaks Party
Wikileaks founder says he will run in next year's election and will form a new party
FIRSTPOST
US WikiLeaks Case: Hearing To Reach Closing Arguments
U.S. Army private accused of leaking classified information enters final phase of his case
WIRED
FBI Memo: Hackers Breached Heating System Via Backdoor
Hackers broke into the industrial control system of a New Jersey air conditioning company earlier this year using a backdoor vulnerability in the system, FBI says
INTELLIGENT UTILITY
The DOE Reaches Out To Utilities With Cybersecurity Model
Electric Subsector Cybersecurity Capability Maturity Model is moving electric grid operators to strengthen their defenses
CNBC
Counter-Terrorism Tools Used To Spot Staff Fraud
JPMorgan Chase turns to technology to spot fraud risks among its own employees
IT PRO
Facebook Unveils New Privacy Controls
Social networking giant to make it easier for members to determine who can view their content, and request that objectionable photos be removed
MOTHER JONES
Defense Contractors Don't Want To Say When They’ve Been Hacked
Defense companies aren't too excited about a new rule that would make them reveal their security breaches
IT PRO PORTAL
WCIT 12: Majority Agrees UN Should Play "Active" Role In Web Regulation
Contentious ruling is questioned by U.S., U.K., and other member countries
SYDNEY MORNING HERALD
Selling Flak Jackets In The Cyberwars
Startup CloudFlare looks to shield websites from DDoS attacks
INFOSEC INSTITUTE
Phishing: A Very Dangerous Cyber Threat
Phishing attacks have increases exponentially -- and they are successful in the majority of cases
COMMSDAY
WCIT Bombshell: Russia Withdraws Internet Regulation Push, Apparently Under ITU Pressure
Russia and its allies China, Saudi Arabia, Sudan, Egypt, and the United Arab Emirates withdrew a proposal to overhaul international telecommunications regulations that would have provided national governments sweeping new powers to regulate the Internet, including Facebook and Twitter
NAKED SECURITY BLOG
Cyber Attackers Seize, Encrypt And Ransom Medical Centre's Patient Database
Attackers hacked an Australian medical center's patient database, encrypted it, and are demanding $4,000 AUD to release thousands of patient records
MICROSOFT TECHNET BLOG
New Guidance To Mitigate Determined Adversaries' Favorite Attack: Pass-The-Hash
Microsoft provides practical mitigations for preventing pass-the-hash attacks for stealing credentials
REUTERS
HSBC To Pay $1.9 Billion U.S. Fine In Money-Laundering Case
HSBC Holdings Plc will pay a record $1.92 billion in fines to U.S. authorities for its systems being abused by drug money-launderers in Mexico and other banking lapses
BBC
Hacktivists Ghost Shell Dump 1.6M Log-In Details On Web
Anonymous splinter group Ghost Shell has leaked log-in details, email addresses, and online databases from 1.6 million accounts from NASA, the FBI, the European Space Agency, and many other government agencies and contractors
SECURITY WEEK
Embarrassing Oversight Leads To Exploit Hub's Compromise
NSS Labs' exploit marketplace, Exploit Hub, was hacked by a 'quasi-rival group' called Inj3ct0r Team
HOT ON SECURITY
Windows 8 Hack Lands Users Free Windows Store Games
Researcher explains how tech-savvy users can get paid apps by hacking Windows 8 trial games from Microsoft�s Windows Store marketplace
THE WALL STREET JOURNAL
Facebook Simplifies Privacy Settings
Facebook is also taking away the option to hide oneself from the main search tool
UNMITIGATED RISK
How Facebook Can Avoid Losing $100M In Revenue When They Switch To Always-On SSL
Authentication performance hit could cost the social network some revenue -- but there are ways to make up for it
ZDNET
Microsoft Fixes Critical Windows 8, IE10 Flaws For Patch Tuesday
Software giant releases five critical patches that fix vulnerabilities in Windows 8 devices
FOX BUSINESS
Cyber Terrorists Threaten Fresh Attacks Against U.S. Banks
Group claiming to be aligned with Islamic terrorism threatens another round of attacks, starting this week
RSA
Citadel's Steward Banned From Underground Venues
"Aquabox" may be burned out and withdrawing, researchers say
ELECTRIC LIGHT AND POWER
Europe's Power Grid Hit With Denial-Of-Service Cyber Attack
German utility 50Hertz is DDoSed; attack cripples its communications capability, but no power is lost
WHITE HOUSE BLOG
United Behind The Free Flow Of Information
President Obama speaks out on the U.S. position at the WCIT treaty conference
COMPUTERWORLD
Police-Themed Ransomware Speaks To Victims -- Literally
New variant of Reveton ransomware uses localized voice messages to trick victims into paying rogue fines
THE REGISTER
Look Out, World! Are You Ready For John McAfee: The Movie?
Antivirus thrillseeker flogs manhunt film rights
VIMEO
ReVuln: The TV Is Watching You
Newly discovered vulnerability could allow hackers to access Smart TV, researchers say
THREAT POST
Aramco Hack Aimed At Curbing Oil Production
August attack was designed to slow output of Saudi oil giant, new report says
CYBER WAR ZONE
Anonymous: Project Mayhem 2012 Calls Employees To Target Their Work Environment In December
Operation calls on employees to collect information about illegal deeds
FINEXTRA
Anonymous Spokesman Indicted Over Hacked Stratfor Card Details
U.S. federal grand jury indicts Barrett Brown over 2011 data breach
GOVERNMENT INFO SECURITY
University Breach Leads Roundup
Western Connecticut State University notifies students and other that their personal information was exposed online
FINEXTRA
Goldman Sachs Fined $1.5M Over Supervision Failures
Bank penalized for failing to supervise a trader who bypassed internal systems and concealed an $8.3 billion position
WALL STREET JOURNAL
Which Websites Are Sharing Your Personal Details?
Study looks at 50 top sites and their privacy practices
HELP NET SECURITY
Beware Bitcoin Miner Posing As Trend Micro AV
Malware is disguised as anti-spyware tool from well-known security firm
COMPUTERWORLD
8 Of 10 Customers Choose Windows 7, Says PC Builder
Reseller Puget Systems' customers ignore Windows 8 and buy Windows 7 machines instead, mainly due to Windows 7's good reputation and the lack of a Start menu in Windows 8
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3496 (vipnet_client, vipnet_coordinator, vipnet_personal_firewall, vipnet_safedisk)
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
CVE-2013-2849 (chrome)
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
CVE-2013-2848 (chrome)
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-2847 (chrome)
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-2846 (chrome)
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.


