Best Of Web
Best Of The Web
CISCO
A Culture Shift: IT Security To Grid Security
Shift in computing paradigm will cause changes in security direction, expert says
COMPUTERWORLD
Opinion: IT's Five Big Security Mistakes
Too much reliance on signature-based tools is the first offense, pundit says
BANK INFO SECURITY
Year Of The Hack: Review Of 2009 Data Breaches
Heartland heads list of 62 breaches affecting financial institutions
ZDNET BLOG
Facebook/Mcafee Deal Provides Security Software But Little Education
Facebook has partnered with McAfee to offer a six-month security software subscription to its 350 million users
MASHABLE
HTTPS Becomes Default For Gmail
Google is now making HTTPS on by default when accessing Gmail
HELP NET SECURITY
Secret DNA Database In Danger Of Breach
The Children's University hospital in Dublin, the target of a theft of two computer servers back in 2007 that contained health records of 1 million patients, also holds a DNA database that could be at risk
INFOWORLD
Google Blames 'Human Error' For Leak Of Users' Business Data
Search giant apologizes for potentially exposing sensitive data from thousands of users of its business listings service
XINHUANET.COM
South Korean Military To Ban Use Of USB Flash Drives
South Korea's Ministry of Defsense is developing an alternative system to portable storage devices that would replace them as early as next year
THE HONEYNET PROJECT
Honeynet Project Forensic Challenge 2010
The contest will let security pros analyze attacks and share their findings from real, in-the-wild attacks provided by Honeynet members
RDIST BLOG
Smart Meter Crypto Flaw Worse Than Thought
A flaw in the random-number generator in TI microcontrollers also encompasses chips found in many wireless sensor systems, including most smart meters
THE REGISTER
Hackers Pluck 8,300 Customer Logins From Bank Server
Hackers steal login credentials of 8,300 customers of small New York bank after accessing a server that hosted its online banking system
COMPUTER WEEKLY
Rogue Antivirus Software Targets Google Groups
Gmail messages offer "fun videos," but take users to rogue malware site
THE REGISTER
Google Leaks Small Business Stats To Random People
Traffic data snafu blamed on "human error"
GOVERNMENT INFO SECURITY
Cisco Security Report: Malware, Social Media Are Top Risks
In Q&A interview, Cisco expert says malware threat will grow in 2010
SC MAGAZINE
Malicious Apps Found In Google's Android Online Store
Rogue apps are designed to steal users' online banking credentials, researchers say
ROOT LABS RDIST
Smart Meter Crypto Flaw Worse Than Initially Thought
Wireless sensor systems may be at risk, researcher says
COMPUTERWORLD UK
Chrome 'Shows The Way' For Browser Security
Security guru says Google is well ahead of Microsoft and Mozilla
BANK INFO SECURITY
Phishing Scheme Spread To Three More States
Automated phone phishing scam targets banking customers
PEOPLE'S DAILY
China's Largest Search Engine Paralyzed In Cyberattack
DNS attack keeps systems down for nearly four hours; pro-Iranian group suspected
ZDNET ASIA
Web Filters Mean Bad News For Business
Filtering at the ISP level will result in businesses experiencing speed reductions, higher access fees, and the possibility of being unintentionally blocked, as Australia, China, Malaysia, and Singapore implement these filters
VIRUSLIST
Open Season On Tax-Payers
A look at a major phishing site aimed at U.S. taxpayers who file their returns online
THREAT POST
Adobe's automatic updates, as well as writing more secure applications, is key to improving the threat landscape for its apps
READWRITEWEB
Facebook's Zuckerberg Says The Age Of Privacy Is Over
If he were to create Facebook again today, user information would by default be public, not private as it was until last month, says Facebook founder Mark Zuckerberg
THE REGISTER
RSA Crypto Defiled Again, With Factoring Of 768-Bit Keys
An international team of mathematicians, computer scientists, and cryptographers has broken the 768-bit key after two-and-a-half years
V3
Twitter Plans New Products And Tighter Security
Twitter will hire 27 professionals to create new products and improve the security of the site
KREBS ON SECURITY
Firm To Release Database Web Server 0Days
A Russian research firm says it will publish information on several vulnerabilities and even some working exploits for Zeus Web Server, Sun Web Server, MySQL, DBW, Lotus Domino, Informix, Novell eDirectory, Sun Directory, and Tivoli Directory
SOPHOS BLOG
Banking Malware Found On Android Marketplace
An application for Google Android smartphones has been reported to steal users' banking information
IOL TECHNOLOGY
Philippines To Secure Websites After Hacking
The Philippine government says it has taken steps to lock down government agency Websites after a string of hacks over the past two weeks
COMPUTERWORLD
Oracle Critical Patch Update Includes 24 Fixes
On Tuesday, Oracle will release a patch update that includes 24 security fixes for its database, application server, and other products
F-SECURE BLOG
Ransomware -- Buy Back Your Own Files
F-Secure has spotted a combination ransomware and rogueware scam that makes it appear that Microsoft Office documents, video, music, and image files are "corrupted"
THE REGISTER
Brit ISP Knocked Offline By Latvian DDOS
Thirty thousand Vispa customers were forced offline for almost 12 hours today by a DDoS attack traced to Latvia, and the ISP's phone system was also impacted by the attack
THE TELEGRAPH
Nicolas Sarkozy Given 'Impenetrable' Superphone
French president Nicolas Sarkozy now has a smartphone with "impenetrable" encryption levels compared to commercial handhelds
SECUROSIS BLOG
Project Quant: Database Security, Configure
Securosis explains how to use its metrics model for database security
NETWORK WORLD
Top 10 Facebook And Twitter Security Stories Of 2009
A look at everything from celebrity Twitter feed hacks to worm attacks on the popular social networks
WEBSENSE SECURITY LABS
Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus
Search results on office.microsoft.com can lead users to a rogue antivirus page, according to Websense
THE REGISTER
Hacker Pierces Hardware Firewalls With Web Page
No authentication or user input is required, researcher says
ARS TECHNICA
FTC Reminds Us That Storing Data In The Cloud Has Its Drawbacks
In letter, FTC warns that many users don't understand the privacy implications of network storage
THREATPOST
I Have Only One Security Prediction For 2010
Desktop devices will begin handling untrusted data in sandbox, expert says
MICROSOFT
Microsoft To Issue Windows Security Patch
Only one patch is identified for upcoming Patch Tuesday release
COMPUTERWORLD
Update: Heartland Breach Shows Why Compliance Is Not Enough
One year later, Heartland breach illustrates need for multilayered security approach
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- HP Newsletter with Gartner Research: Maximizing Your Infrastructure through Virtualization
- Understanding Holistic Database Security 8 Steps to Successfully Securing Enterprise Data Sources
- A How-To Guide on Using Cloud Services for Security-Rich Data Backup
- Holistic Risk Management: Perspectives from IT Professionals
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.