Best Of Web
Best Of The Web
NEWS OBSERVER
Hacker Hit Community College System
More than 51,000 library users at 25 different campuses in the Raleigh area had their driver's license and Social Security numbers compromised in a hack of the system
MEDIAPOST NEWS
eBay Attempts To Curtail Click Fraud
eBay will block fraudulent and invalid traffic from paid search ad campaigns
SYMANTEC BLOG
New Adobe Acrobat Zero-Day
Symantec has learned of a second zero-day exploit in Adobe Acrobat, a overflow for the multimedia.api plugin that can be manipulated from JavaScript
THE REGISTER
TJX Hacker Mulls Asperger's Defense
Albert Gonzalez is now claiming he may suffer from Asperger's syndrome, a court filing indicates
THE WALL STREET JOURNAL
Insurgents Hack U.S. Drones
Militants in Iraq used off-the-shelf software to intercept live video feeds from U.S. Predator drones
COMPUTERWORLD
Chinese ISP Hosts 1 In 7 Conficker Infections
China Telecom's Chinanet has more than 1 million infected systems in its 94 million IP address network, demonstrating it was hit hardest by the worm
CISCO
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Cisco has released updates to fix multiple buffer overflow vulnerabilities in the Cisco WebEx Recording Format (WRF) Player, which could let an attacker execute arbitrary code on a victim's system
PANDALABS
American Express Phishing Campaign
The phishing campaign attempts to capture the victims' online banking credentials by convincing them their online banking information is incorrect
GOVERNMENT COMPUTER NEWS
DNSSEC Implemented In The .US Registry
Neustar has deployed DNSSEC in the registry of the .us top-level Internet domain
SOPHOS BLOG
Spam For The Visually Impaired
Canadian Pharmacy spammers are using MP3 file attachments to push their wares
WASHINGTON POST
EU Drops Microsoft Browser Charges
Microsoft agrees to give Windows users a choice of up to 12 other Web browsers
PUREWIRE BLOG
Web Security: Be Careful Clicking On The Google Doodle
Google's logo doodle of the flag of Esperanto on Tuesday led to SEP poisoning of popular search terms on the topic
WEBROOT BLOG
Zero-Day Malware Drops Payloads Signed With A Forged Microsoft Certificate
Adobe Reader and Acrobat zero-day attack's payload is digitally signed with a phony Microsoft security certificate
MACLIFE
Google Chrome Tops Safari In Market Share
Google's browser is now No. 3, ahead of Safari
BBC
Microsoft Admits Code Theft For Chinese Blog Juku
Microsoft says a contractor working for the company was caught taking code from a start-up and using it to create Microsoft's Chinese microblogging site Juku
NEWS.AU
Lonely Heart Spammers Hit With Multi-Million Dollar Fine
A businessman and his company were penalized $6.5 million for a mobile phone dating scam that sent unsolicited SMS messages
WIRED
Document Reveals TJX Hacker��s Assistance To Prosecutors
Albert Gonzalez IDs two Russian accomplices who helped him hack into several companies and steal more than 130 million credit and debit card numbers
WASHINGTON POST
House Takes Steps To Boost Cybersecurity
House leaders ask chamber's security officials to implement a new cybersecurity training regimen for aides and to up security to protect sensitive information
THREAT CENTER BLOG
eSoft Uncovers 1.5 Million Sites In SQL Injection Attacks
Compromised sites infect users with Trojan.Buzus, researchers say
YAHOO! NEWS
Controversial Internet Filtering Goes Ahead In Australia
Australian ISPs will be forced to filter some content from servers overseas
CNET
Microsoft Pulls China Blog Site Amid Code Theft Charges
Software giant suspends access to MSN China microblogging site amid allegations that the service is based on code swiped from a rival
SEARCH SECURITY
Security Researchers Continue Hunt For Conficker Authors
Multiple investigations are still under way, according to insiders
THREATPOST
Q&A: Eugene Spafford On Cybercrime, Security Research
Purdue security center chief discusses trends in threats, legislation, and law enforcement
WIRED
Cyberthief Seeks Hit Man To Kill Informant
Online criminal attempted to put out a contract on federal informant
CHANNEL INSIDER
Globalizing The Fight Against A Hostile Internet
Security experts hail efforts to pursue criminals across borders and limit military's use of cyberspace
F-SECURE
Security Threat Forecast 2010
Windows 7 will become chief target in coming year, researchers predict
CNET
Heartland Data Breach Lawsuit Dismissed
Plaintiff shareholders faile to prove that Heartland was negligent in protecting customer data, judge says
COMPUTERWORLD UK
Virus Hoaxers Hijack Microsoft Site
Malware pushers use fake Microsoft recommendation
BLOOMBERG
HSBC Heist Includes Data On 130,000 Clients Worldwide
Former employee leaked data to prosecutor, newspaper says
HELP NET SECURITY
Do New Technologies Offer Greater Security?
Next-generation technologies such as cloud computing may increase risk, Trend Micro study says
AVG
Security Executive Shares 'Scary' Tale Of Identity Theft
Roger Thompson's story suggests data may be harvested from Facebook
GOVERNMENT COMPUTER NEWS
Industry CTOs Want Government To Lead On Identity, Standards
Technologists also discuss role in security and spurring innovation
iHOTDESK
Expert: International Cybercrime Is Growing
Many users tricked into downloading phony antivirus programs that bear malware, Sophos' Cluley says
NEW YORK TIMES
In Shift, U.S. Talks To Russia On Cybersecurity
Cold war opponents discuss limiting military use of cyberspace
SOFTPEDIA
Two Official Kaspersky Websites Hacked
Hacker finds critical SQL injection vulnerability on the official Kaspersky Lab Websites in Malaysia and Singapore
COMPUTERWORLD
Mozilla Exec Suggests Firefox Users Move To Bing, Cites Google Privacy Stance
Mozilla official points Firefox users to extension that adds Microsoft's Bing to list of search engines for the browser
SPYWARE GUIDE
Fake Visa Electronic Report Serves Up Zbot Data Stealer
Email claims to be an online statement from Visa
NZ HERALD
UFO-Chasing Hacker 'Suicidal,' Says Lawyer
Lawyers for accused hacker Gary McKinnon file another appeal against his extradition
THE REGISTER
Scammers Scrape RAM For Bank Card Data
Malware that siphons clear-text information from computer memory is all the rage among scammers as credit card data becomes encrypted
ZDNET
Botnet Gangs Collaborate On Malware
The anonymous group behind the Avalanche botnet is pushing Zeus, malicious code from another unnamed group
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3927
Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access.
CVE-2013-3647
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because of a CVE-2012-4009 regression.
CVE-2013-3646
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression.
CVE-2013-3644
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
CVE-2013-4616 (iphone_os)
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases.