Best Of Web
Best Of The Web
eWEEK
Commercial E-Banking Fraud: No Withdrawal
Smaller banks are a growing target, researchers say
FORBES
The Year Of The Mega Data Breach
In 2009, a small number of breaches exposed more personal information than ever before
INTERNET SECURITY CONSORTIUM
DNSSEC Flaw Discovered
Validating recursive nameserver may incorrectly cache records from a query response, CERT says
WASHINGTON POST
Spam 'Godfather' Gets 51 Months In Prison
Ralsky pleads guilty to role in selling counterfeit high-tech computer parts to U.S. military
CNET
E-tailers Snagged In Marketing 'Scam' Blame Customers
A look at the top threats of 2009, and what to watch out for in the coming year
SUNBELT SOFTWARE BLOG
Why IT Managers Drink: Ten Issues That Drive Them To The Bottle
Breaches, compliance, and patch deployment make are key headaches, report says
BANK INFO SECURITY
Former Texas Credit Union Employee Convicted In Insider Fraud Case
VP of operations transferred money from customers' accounts, and then withdrew it via unauthorized ATM cards operations
CIO
Hacks Of Chinese Temple Were Online Kung Fu, Abbot Says
Fake message on Shaolin Temple Website was a "mean joke," temple official says
JAVELIN STRATEGY
Banks Achieve Milestones In Prevention And Debt Card Guarantees
But many still fall short in alert offerings, according to identity safety scorecard fall
HELP NET SECURITY
Online Financial Security Threats: What Can We Expect In 2010?
A look at the top threats of 2009, and what to watch out for in the coming year
EWEEK
Older Microsoft Internet Explorer Vulnerable To Security Flaw
Zero-day vulnerability found in IE 6 and 7, Symantec says
CHINA DAILY
Chinese Antivirus Authorities Warn Of New Worm Virus
Worm_Piloyd.B infects documents and may make them difficult to restore
AVG BLOGS
New Facebook Worm -- Don't Click Da Button, Baby!
Alluring Facebook message can lead to CSRF attack
SILICON VALLEY MERCURY NEWS
Cybercriminals Lurk On Social Networking Sites
End users should be careful about what they reveal, expert says
THE REGISTER
Symantec Japan Website Bamboozled By Hacker
Plain text passwords revealed, well-known hacker reports
SC MAGAZINE
Report: Cyberattacks Against the U.S. 'Rising Sharply'
Many attacks emanate from China and state-sponsored sources, report says
ZDNET
East Anglia: One Hacked U.S. Scientist Is Hacked Off
Climate scientists finds more than 100 of his own emails posted online
SOPHOS
Another iPhone Worm -- And This Time, It's Malicious
New vulnerability is further proof the iPhone isn't ready for business, expert says
THE REGISTER
IE8 Bug Makes 'Safe' Sites Unsafe
A bug in a feature in Internet Explorer 8 browser that is supposed to prevent cross-site scripting attacks can actually be exploited to introduce these errors on Websites
NETWORK WORLD
Cyberattacks On U.S. Military Jump Sharply In 2009
Attacks on DoD networks -- mainly from China -- will rise 60 percent this year, according to a congressional committee report
COMPUTERWORLD
Microsoft Denies It Built 'Backdoor' In Windows 7
In response to a senior National Security Agency official's congressional testimony that his agency worked on Windows 7, Microsoft says NSA was involved only in compliance, and there's no backdoor in the OS
THE WASHINGTON POST
Experts: Smart Grid Poses Privacy Risks
More personal information will be available online as well as the collection, use, and disclosure of personal information, the Ontario Information and Privacy Commissioner and the Future of Privacy Forum (FPF) said in a new report
THE WALL STREET JOURNAL
Some Courts Raise Bar on Reading Employee Email
Legal experts say some court cases are showing more consideration for employees who feel their employer has violated their privacy
HELP NET SECURITY
Zero-Day Vulnerabilities In Firefox Extensions Discovered
Researchers say Mozilla doesn't have a security model for extensions, and there are no security boundaries between extensions Researchers say Mozilla doesn't have a security model for extensions, and there are no security boundaries between extensions extensions
V3
Botnet Begins Social Networking Spam Run
DonBot is sending as much as 4% of the total global spam as of Nov. 18 with a "work at home" scheme
WIRED
Palin Calls E-Mail Hack 'Most Disruptive' Campaign Even
In her new book Sarah Palin says intrusion into her personal e-mail account in September 2008 paralyzed her administration because it cut off easy communication with her Alaska staff
TAD GEAR
TAD Gear Reports Security Breach; Database Hack Suspected
Maker of sports and camping gear says unauthorized charges have already been made to customers' credit cards
ASSOCIATED PRESS
FBI Says Hackers Targeting Law Offices, Public Relations Firms
Sophisticated email scheme aims to break into corporate clients' systems
GOOGLE CHROME RELEASES
Microsoft Researchers Spot Vulnerability In Google Chrome Frame
Patch will help prevent crashes, Google says
NETWORK WORLD
The Six Greatest Threats To U.S. Cybersecurity
Foreign nations are among the top groups threatening U.S. data, report says
SYMANTEC/MESSAGELABS RESEARCH
DonBot Starts Vigorous Social Networks Campaign
Researchers note huge jump in spam containing links to Twitter
HARTFORD COURANT
1.5 Million Medical Files At Risk In Health Net Data Breach
Hard drive containing seven years' worth of data was lost six months ago, but is only being reported now
FEDERAL COMPUTER WEEK
Feds Falling Behind In Race Against Cyberthreats, GAO Says
Despite cooperative efforts, agencies are losing the battle, according to watchdogs
SOFTPEDIA
Payment Request Spam Carries Malicious Attachments
Messages bear the marks of the Zbot botnet, experts say
SOPHOS BLOG
Couple Arrested In Connection With Zbot Trojan Horse
A man and a woman arrested in the U.K. in connection with the Zbot family of Trojan malware
COMPUTERWORLD
Obama Said To Be Close Again To Naming Cybersecurity Chief
The Federal Times quotes unnamed sources that an announcement could come as soon as Thanksgiving, and cites top candidates
ESET Threat Blog
Once Upon A Cybercrime
Survey finds most Americans unaware that cybercrime is linked to organized crime
CISCO BLOG
Do We Need A Global CERT?
A look at whether a global Computer Emergency Response Team would help thwart cyberattacks and expedite response
INTERNET NEWS
Hacker Infiltrates MassMutual Database
MassMutual employee data records compromised in database hack
ARABIAN BUSINESS
Cyber Attacks Hit Almost 60 Percent Of Mideast Businesses
New Trend Micro research finds 57 percent of businesses in the Mideast have suffered two or more cyberattacks in the past six months
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- HP Newsletter with Gartner Research: Maximizing Your Infrastructure through Virtualization
- Understanding Holistic Database Security 8 Steps to Successfully Securing Enterprise Data Sources
- A How-To Guide on Using Cloud Services for Security-Rich Data Backup
- Holistic Risk Management: Perspectives from IT Professionals
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.