Best Of Web
Best Of The Web
TIPPINGPOINT DV LABS BLOG
Pwn2own Contest Set For Vancouver Mar. 24
Hacking contest will pay out $100,000 in prizes
BANK INFO SECURITY
ACH Fraud: Seven Tips For Secure Transactions
Banking security experts recommend using a separate machine for financial transactions
ZSCALER RESEARCH
Google Buzz For Spammers
Social networking site could pose privacy issues for users, researchers say
BBC
New Flaws In Chip And Pin System Revealed
Cambridge University computer scientists say entire system may need a rewrite
COMPUTERWORLD UK
Simulated Hacker Attack To Test U.S. Government Response
Cyber Shockwave to involve former government officials, experts
GOVERNMENT TECHNOLOGY
Smart Grid Cybersecurity Investment Will Grow To $21B By 2015, Report Claims
Federal government initiatives will help drive utilities to update their security efforts, study says
TECH REPUBLIC
Security Breakdowns Don't Follow Rules
When evaluating threats, keep your eyes open for those who color outside the lines
THAI PR
Trend Micro Warns Users To Beware Of Cybercriminals During Valentine's Day
Volume of phishing, malware has already increased, researchers say
SAN FRANCISCO CHRONICLE
AT&T, Verizon, Other Carriers Eyeing Federal Government Cybersecurity Deals
Managed security services will play key role in next generation of federal systems, observers say
TIMES ONLINE
Ex-Goldman Employee Indicted Over Software Theft
Programmer charged with stealing code to use at a rival trading house
THE NEW NEW INTERNET
Hacker To Help DARPA
"Mudge" will help federal government defend against cyberattacks
NETWORK WORLD
Virginia Firm Files Encryption Lawsuit Against Tech Giants
TecSec alleges that companies such as IBM, Oracle, and Cisco violated 11 of its patents
COMPUTERWORLD
Windows Patch Cripples XP With Blue Screen, Users Claim
Angry customers blame new patch for XP reboot hell
EWEEK
Google Buzz Privacy Concerns Similar To Facebook Issues
Here are some facts to keep in mind about Google's new social networking entry
PC TOOLS
'Flirt Bots' Lure Users In To Malicious Sites
This sort of flirting constitutes an unwelcome advance, researchers say
CLOUDMARK
New Spam Campaign Promises Government Grants
Spammers hope to turn users' heads with promises that the government is giving out money
SHANGHAI DAILY
Cyber Claims Just 'Nonsense,' Chinese Official Says
Cabinet member says Chinese government has never been involved in cyberattacks
BBC
Political Hacktivists Turn To Web Attacks
Groups increasingly using cyber exploits as a form of protest, report says
ZDNET UK
Early-Adopter Criminals Embrace Cloud Computing
Cloud technology's popularity among the bad guys bodes well for its future, expert says
COMPUTERWORLD
Researchers Warn Of Likely Attacks Against Windows, PowerPoint
Hackers will jump on several of the bugs Microsoft patched this week -- 12 of the 26 vulnerabilities were ranked "1" in Microsoft's exploitability index, meaning they could be used for attacks within 30 days
B2B NEWZ
Hacker Owes Nintendo $1.3M
Nintendo says an Australian man will pay the company $1.3 million for illegally uploading a new Super Mario Bros game for the Wii to the Internet six days before its global release
FORBES
How To Hack The Sky
A Spanish researcher demonstrated at Black Hat DC new satellite-hijacking tricks that could be abused by cybercriminals
WALL STREET JOURNAL
The Rise Of Caller ID Spoofing
Applications that let users change or spoof their caller IDs are gaining in popularity in mobile phone app stores -- meanwhile, Congress is considering legislation to outlaw particular uses of the technology
CNET
Hacker 'Mudge' Gets DARPA Job
Peiter Zatko -- best known as "Mudge" -- has been named a program manager at DARPA, where he will be in charge of funding research designed to help give the U.S. government tools needed to protect against cyberattacks
THE REGISTER
USB Hack Connects Droid To Printers, Video Cams, And More
A security expert has revealed a way to make a Motorola Droid host USB-enabled devices, which lets the smartphone directly connect to printers, video cameras, TV tuners, and other peripherals
MCAFEE AVERT LABS
Valentine's Day Searches Lead To Malware
Several poisoned search terms have been identified, including Valentine's Day Screensavers, Valentine's Day eCards, Valentine's Day Greetings, and Valentine's Day Gift Ideas
GOVERNMENT COMPUTER NEWS
Google-NSA Partnership Should Be More Public, Less Private
NSA's assistance in helping Google unravel the recent attack so far does not fit the description of a public-private partnership that officials have pushed for
COMPUTER WEEKLY
Two-Thirds Of Online Banking Credentials Are Shared
Study says most consumers use the same password for banking as they use for other sites
FINEXTRA
Bank Slammed After Hackers Steal $378,000 From Poughkeepsie
Bad guys broke into town's account, stole money and transferred it to Ukraine
COMPUTERWORLD
The Top Five Mistakes Of Privacy Awareness Programs
Having a few training courses doesn't constitute a true awareness program, experts say
CNET
Verizon Temporarily Blocks Some 4Chan Sites
Some affiliate sites may have been launching network attacks, report says
SEARCH SECURITY
'Sexting' Case In Supreme Court Should Prompt Review Of Employee Policies
Court could rule that practice overrules policy in determining reasonable expectation of privacy
IT WORLD
Can You Trust Chinese Computer Equipment?
Observers suggest that China's hardware might be deliberately bugged before distribution
CNET
FBI Wants Records Kept Of Websites Visited
Agency wants ISPs to keep site visit records for up to two years
MICROSOFT
Microsoft Offers Deployment Advice On 13 New Patches
Big Patch Tuesday addresses 26 vulnerabilities, software giant says
CHINA DAILY
Biggest Hacker Training Site Shut Down
Chinese state-run news agency says the country's biggest hacker training site was shut down and three hackers arrested
ZDNET
Oracle Releases Out-Of-Band Patch For Server Hole
Oracle has released a patch for a flaw in its WebLogic Server that can be exploited over a network without the use of a username or password
THE REGISTER
Fugitive VoIP Hacker Admits 10 Million Minute Spree
Miami hacker made more than $1 million selling millions of minutes of voice over IP calls and routing them through the networks of telecommunications companies
NETWORK WORLD
ShmooCon: P2P Snoopers Know What's In Your Wallet
Researchers say they found driver's licenses, passports, tax return forms with Social Security numbers, a last will and testament, and other sensitive information being sent over peer-to-peer networks
BERNAMA
Cyber Attack In Malaysia Still Under Control
An attack on Malaysian Websites is "under control," officials said today
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3927
Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access.
CVE-2013-3647
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because of a CVE-2012-4009 regression.
CVE-2013-3646
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression.
CVE-2013-3644
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
CVE-2013-4616 (iphone_os)
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases.



