Best Of Web
Best Of The Web
MACWORLD
Scammers Hop On Ipad Bandwagon
iPad search results could contain poisoned links that lead to rogue antivirus software
HOST EXPLOIT NEWS
Computer Science Researcher Hopes To Stall By Tracking Human Use Behaviors
Virginia Tech's College of Engineering plans to develop software that will differentiate human-user computer interaction from that of malware
SYMANTEC
Trojan.Hydraq's Backdoor Capabilities
Trojan used in Aurora attacks gives attacker live view of the infected machine's desktop using VNC technology
NEW YORK TIMES
Google Attack Highlights 'Zero-Day' Black Market
Incident renews debate about the buying and selling of vulnerabilities
IT WORLD
Fake Google Search Engine Emerges In China
"Goojje" may be a key reason why Google wants to leave the country, experts say
ASIA ONE
South Korea Heightens Alert Against Cyberattacks
North Korea could be potential aggressor, reports say
PANDA LABS
New Scams Target Interest In Apple iPad
Malware authors waste no time creating exploits that purport to be iPad information
MICROSOFT
Microsoft Offers New Research On Data Privacy, Reputation
In honor of Data Privacy Day, software giant rolls out new reports, video
NETWITNESS
IDS Legacy Is Institutionalized Failure
Industry expert argues that old-school intrusion detection mentality has set security industry back
YORKSHIRE POST
Bank's Anti-Fraud Boss Jailed For Stealing Money From Customer Accounts
Former executive blames alcohol, cocaine addiction
UPI
Vietnam Boosts Cyberthreat Protection
Country to spend $42 million to upgrade system security
FOX NEWS.COM
National Archives Warns Former Clinton Staff, Visitors Of Major Data Breach
Personal information on 250,000 Clinton administration staff and White House visitors sent to the National Archives was compromised when a hard drive containing confidential material disappeared nearly a year ago
WEBSENSE SECURITY LABS
Apple Tablet Announcement Black SEO
WebSense has discovered SEO-poisoning attacks that spread fake anti-malware software through search results about the new Apple Tablet announcement
LUBBOCK ONLINE
Company, Bank Blame Each Other
Hillary Machinery is suing PlainsCapital Bank after it lost $200,000 in a cyberattack last fall; the bank says it's not responsible because its Internet security measures are "reasonable"
TREND MICRO COUNTERMEASURES
Pakistani National Response Center for Cyber Crimes...Hacked!
A Pakistani federal investigative authority Website was compromised and defaced
CNN
Man To Plead Guilty In Scientology Cyber Attacks
A Nebraska man is expected to plead guilty next week to launching a cyberattack that shut down the Church of Scientology's Web sites as part of a group called "Anonymous"
REUTERS
Clinton To Press China FM On Internet Issue
U.S. Secretary of State Hillary Clinton will discuss with China's foreign minister the issue of Internet freedom
THREAT POST
Inside The PlayStation 3 Exploit
The exploit written to hack the gaming system basically defeats Sony's machine protection mechanisms for the device, a researcher says
THE REGISTER
Defects In E-Passports Allow Real-Time Tracking
Computer scientists in Britain have uncovered weaknesses in electronic passports issued by the U.S., U.K., and some 50 other countries that let attackers track an individual's movements as they enter or exit buildings
SOFTPEDIA
NASA Research Center Website Compromised
Sophisticated SQL injection technique used
CHRISTIAN SCIENCE MONITOR
U.S. Oil Industry Hit By Cyberattacks; Was China Involved?
Breaches show how sophisticated industrial espionage has become. Who's behind them?
COMPUTERWORLD UK
Microsoft Warned Of Another Serious IE Security Flaw
Vulnerability allows hackers to read files, Core Security researchers say
HELP NET SECURITY
Cybercrime Increasing Faster Than Company Defenses
Insider attacks cause more damage than external attacks; policies often don't work
COMPUTERWORLD
Chinese Human Rights Sites Hit By DDoS Attack
Five sites hit over weekend; one site down for 16 hours
CNN
U.S. Enables China's Hack Of Google
"Back doors" required by government also offer an entry point for hackers, according to security expert Bruce Schneier
CNET
Report: Attackers Sent Google Workers IMs From "Friends"
Social engineering attack enabled hackers to load malware on target employees' computers
TREND MICRO
Phishers Target AOL IM Users
New attack asks users to download software in order to reactivate their accounts
BBC NEWS
China Rejects Claims Of Cyber Attacks On Google
China official denies state involvement in alleged cyberattacks on Google and accuses the U.S. of double standard
MEDIA BUYER PLANNER
Click Fraud Uses Real Purchases To Avoid Detection
Harvard professor demonstrates new breed of click fraud that simulates clicks on a Google ad and generates a "real" customer purchase on the advertiser's Website
THE AUSTRALIAN
Call To Banish Virus-Hit Computers From Internet
Australian efforts to control bot-infected machines could expel virus-infected machines from the Internet
ESET
Global Threat Trends -- Year-End Report 2009
Targeted attacks will be a significant but underestimated threat in the coming year, report says
PC WORLD
Chinese Human Rights Sites Hit By DDoS Attack
Five Chinese human rights activist Websites were attacked over the weekend
BUSINESS COMPUTING WORLD
Swiss Army Encryption Challenge Worth More Than $100K
No one has cracked the 2010 version of the Victorinox device so far
TRAIL OF BITS
One Exploit Should Not Ruin Your Day
The larger problem is that it only took one exploit to compromise some of these organizations
H ONLINE
Security Update For BIND Name Server
The Internet Systems Consortium (ISC) has patched a DNSSEC-related vulnerability in DNS BIND that could lead to a DDOS attack
COMPUTERWORLD
China Slams Clinton's Call For Internet Freedom
China does not restrict online freedom, said Chinese Foreign Ministry spokesman in a statement on the ministry's Website
SOPHOS BLOG
Firefox 3.6 Checks Your Plugins Are Up To Date
The new browser version automatically detects out-of-date plug-ins, which could keep users safer if they keep up with these patches
H ONLINE
Cisco Reports Vulnerabilities In Products
Cisco has patched several flaws, including a buffer overflow in CiscoWorks Internetwork Performance Monitor and DoS vulnerability in Cisco IOS XR
WIRED
Microsoft Learned of IE Zero-Day Flaw Last September
Microsoft knew of the vulnerability months ago and had planned to include a patch for it in its February updates, but Google attacks expedited things
CIO
IE Attacks Pose Small Threat To U.S., Big Risk To China
Security researchers say hackers exploiting an Internet Explorer bug are far more likely to hit Chinese computer users than users in the U.S.
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3270 (vnx_control_station, celerra_control_station)
EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging nasadmin group membership.
CVE-2013-1014 (itunes)
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
CVE-2013-1011 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1010 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1008 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.