Best Of Web
YAHOO! NEWS
Online Privacy Campaign Site Kicks Off
Lawmakers hope site will unite consumers in support of privacy legislation
TECH WORLD
Once A Hacker, Always A Hacker
Hackers are unfit to serve as security professionals, blogger says
MICROSOFT
Microsoft To Launch Six Patches On Tuesday
Three vulnerabilities rate as "critical"; three others are "important"
MACWORLD
Google Launches Free Public DNS
Free offering could help protect users from DNS exploits, experts say
CISCO
Threat Alert: Fake Microsoft Update Messages
Beware of update downloads bearing malware, Cisco research team says
IT NEWS AUSTRALIA
IT Spending Set To Rise As Firms Pull Out Of Slump
Security spending could increase, report says
FEDERAL NEWS RADIO
Northrop Grumman Invests In Cybersecurity Research
New consortium will look for "leap ahead technologies," founders say
VOLTAGE SECURITY
Federated Key Management As The Basis For Secure Cloud Computing
Federated approach could make encryption easier to do in the cloud
TECH NEWS WORLD
Civilization's High-Stakes Cyber-Struggle: Q&A With General Wesley Clark
We can't be sure who the enemy is, but we know what the stakes are, Clark says
READ WRITE WEB
Watchdog Group EFF Sues Government Regarding Social Media Surveillance
Law enforcement is monitoring social media and using the data to investigate users, EFF says
THE REGISTER
Malicious PDFs Can Commandeer BlackBerries, RIM Warns
Research In Motion has issued a patch to fix multiple vulnerabilities in its PDF distiller that could let an attacker take over a BlackBerry with malicious PDF attachments
MICROSOFT TECHNET BLOG
Microsoft: No 'Black Screen of Death'
The software giant says its November security updates are not causing this issue reported by researchers
BAYWORDS
Wall Street Journal Exposes Passwords In Plain Text
A researcher says the Journal's site has a SQL injection flaw that allows access to databases on the server
PC ADVISOR
Domains Hosted In Cameroon Are Web's Riskiest
McAfee says 36.7 percent of URLs ending in .cm are dangerous because cybercriminals are setting up fake typo-squatting sites that lead to malicious downloads and spyware
COMPUTER RESELLER NEWS
Facebook Promises More Privacy Controls, But Users Want More
Facebook founder Mark Zuckerberg's open letter explaining new privacy and security controls for the popular social networking site gets mixed reviews from users
COMPUTERWORLD
IE8 Can't Stem Bleeding Of Microsoft's Browser Market Share
Internet Explorer's market share drops to a new all-time low, according to data from Net Applications
TG DAILY
Indian Government Blocks Millions Of Phones
Tens of millions of Indian phones inoperable after the government blocked those lacking valid International Mobile Equipment Identity (IMEI) numbers
WIRED
Restaurants Sue Vendor For Unsecured Card Processor
Seven restaurants in Louisiana and Mississippi are suing Radiant Systems for allegedly making a POS system that isn't compliant with PCI and caused a breach of debit and credit card accounts
APPRIVER
Bots Using H1N1 Fear To Distribute Malware
More than 1 million spam messages being generated per hour, researchers say
SCHNEIER ON SECURITY
The Psychology Of Being Scammed
Why human beings fall for scams -- and what they can do about it
H ONLINE
Root Exploit From FreeBSD
Flaw in run-time link editor could allow users to escalate privileges to root level
FIJI TIMES
Cybercrime To Increase 40 To 50 Percent In Next Two Years, Police Say
Major growth in attacks likely, law enforcement authorities say
CA COMMUNITY
Ransomware Blocks Internet Access
Malware is bundled with uFast Download Manager, report says
HELP NET SECURITY
Microsoft's Security Patches Year In Review: A Malware Researcher's Perspective
A look at the strengths and weaknesses of Microsoft's approach to vulnerabilities
CSO
I Was Wrong: There Probably Will Be An Electronic Pearl Harbor
Security expert Ira Winkler says growing smart grid makes attack more likely
NETWORK WORLD
FTC Slams Spam Gang Boss With $15 Million Fine
Spammer sent billions of junk emails, Commission says
COMPUTERWORLD
Latest Microsoft Patches Cause Black Screen Of Death
Microsoft's latest round of security patches is causing some PCs' displays to go black, according to Prevx
NETCRAFT
24 Of The 100 Top HTTPS Sites Now Safe From TLS Renegotiation Attacks
Nearly one-fourth of the top HTTPS Websites are safe from the recently disclosed TLS renegotiation flaws
THE GUARDIAN
Navy To Investigate Security Breach
Royal Navy investigators flew to Belfast last week after a memory stick containing sensitive information on naval maneuvers and U.K. personnel was reported missing
EXPRESS BUZZ
The Top 10 Most Famous Hackers
A look at Kevin Mitnick, Robert T. Morris, Kevin Poulsen, and the "homeless hacker"
ZSCALER BLOG
Twitter Follower Scams
How Twitter follower services actually take control of your Twitter account to further promote themselves
SC MAGAZINE
Raunchy Spam Targets Online Gamers
Troj/Agent-LVF is a World Of Warcraft password-stealing Trojan spreading right now that lets the bad guys monetize virtual assets
MICROSOFT TECHNET BLOG
Do's And Don'ts For Passwords
Use a combination of letters, numbers, and special characters, and a combination of upper and lowercase letters, for instance
BBC
Computer Hacker Gary McKinnon 'Is Facing A US Trial'
McKinnon's request to block his extradition due to medical reasons was refused by the Home Office
REUTERS
Cyber Breaches Are A Closely Kept Secret
"Only a handful" of the thousands of cases investigated have been made public, FBI official says
GOVERNMENT EXECUTIVE
GAO: Defense Lost Track Of 72,000 Medical Records
Health questionnaires still missing after database search
OFFICE OF INADEQUATE SECURITY
Former United Way Worker Sentenced For Damaging Charity's Computer Network
Former computer specialist gets 18 months in jail for sabotaging systems
SC MAGAZINE
Two Australian IT Forums Breached
Experts uncertain if attacks on Whirlpool, Overclockers are related
PC WORLD
New Banking Trojan Horses Gain Polish
As banks' defenses improve, attacks become more sophisticated, Finjan researchers say
WSMV-TV
Farmers Insurance Clients' Info Hacked
Former employee may be responsible; Secret Service is investigating
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484 (cognos_tm1)
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.



