Best Of Web
ZDNET
Facebook Disables Rogue Apps, But More Appear
Facebook killed six rogue apps stealing Facebook users' log-in credentials in order to send out spam, and within hours more appeared
INFORMATIONWEEK
Radisson Hotels Computers Compromised
Computer systems at some Radisson hotels in the U.S. and Canada had been accessed illegally for more than half a year
SALON.COM
Profile Of A Hacker: How The 'Soupnazi' Did It
Man allegedly behind the biggest identity theft ever did it through a fairly simple ploy
NORTON SAFE WEB
The 100 Dirtiest Websites Of Summer 2009
A look at the sites that carry the highest numbers of malicious threats
GOVERNMENT COMPUTER NEWS
Microsoft Working To Eliminate Internet Anonymity
Host Tracker can identify servers with 99 percent accuracy
VIRUSLIST.COM
How Much Is A Credit Card Worth?
Price of stolen credit card data varies with timing, geography
USA TODAY
Hackers Harness Twitter To Do Their Dirty Work
Researchers isolate new Twitter-borne infection known as "sninf"
KNOWLEDGE WHARTON
Information Security: Why Cybercriminals Are Smiling
Author of new security book discusses why businesses still aren't protecting their data
WASHINGTON POST
TwitBlock Helps Root Out Spammy Followers
New tool helps Twitter users block followers who misuse their profiles
SECUROSIS
New Details, And Lessons, On Heartland Breach
Patch and vulnerability management are key, experts say
PROOFPOINT BLOG
And Now Hackers are DDoSing Obama -- Or Are they Just Zombifying Your Machine?
Message says "If You dont like Obama come here, you can help to ddos his site with your installs," but it actually infects the victim's machine
SEARCHSECURITY
FTC Extends Breach Notification To Web-Based Health Repositories
The Federal Trade Commission has expanded data breach notification rules covered by the Health Insurance Portability and Accountability Act (HIPAA) to companies that provide an online repository of health information
THE STREET.COM
President Obama's CTO: U.S. Needs Data Lockdown
U.S. firms need to look at threats inside their businesses rather than what they read in the headlines, says federal Chief Technology Officer Aneesh Chopra
NETWORK WORLD
Kaspersky Falsely Identifies HSBC Trojan
HSBC says Kaspersky Internet Security software has falsely warned some users of malware in its personal online banking site
WIRED
Air Force Establishes 'Reduced' Cyber-War Command
The U.S. Air Force has scaled back its plans for a cyberwarfare organization
TECHNOLOGY REVIEW
Microsoft Team Traces Malicious Users
Researchers trace compromised machines used to attack other computers
SANS INTERNET STORM CENTER
MS09-039 Exploit In The Wild?
SANS has received reports that the Microsoft MS09-039 vulnerability in the WINS service is now being exploited
COMPUTERWEEKLY
Privacy Lawsuit Filed Against Facebook
Five Facebook users in California have filed a lawsuit against the social networking firm that accuses Facebook of violating privacy laws and misleading users
OFFICE OF INADEQUATE SECURITY
Audit Of Department Of Energy Reveals Unaddressed Problems
DoE still has not implemented security measures that might protect it from attack, audit says
SYDNEY MORNING HERALD
Hackers Break Into Police Computer As Sting Backfires
Australian cops boast of infiltrating underground site, only to find themselves owned
FOX NEWS
White House Makes Security Changes To Website Following Complaints Over Email
Health reform emails lead to spam from White House, citizens complain
COMPUTER WEEKLY
IT Regulation Will Weed Out Bad Technology
Regulators ponder rules that would force vendors to disclose the weaknesses of software and systems
WIRED
Outspoken Privacy Advocate Joins FTC
Chris Soghoian surprises many by joining government agency
DEFENSE TECH
Cyber Heist Crushes Bank
Theft of $3 million turns out to be more than small bank can stand
CIRCLE ID
Are Phishing And Malware Separate Threats?
As exploits evolve, it may make more sense to consider them together
TECHNOLOGY REVIEW
How To Forecast Malicious Internet Attacks
Predictive blacklisting forecasts where your next attack is coming from -- and blocks traffic in advance
RADIO FREE ASIA
China Backs Down On Content Filtering Software
Government says activating Green Dam application is "not compulsory"
SOFTPEDIA
UN Admins Leave Vulnerability Unfixed
Bureaucracy leaves UN systems open to attack, report says
NETWORK WORLD
IEEE Program Brings Security Vendors Together
Virtual meetings may speed development of standards, sharing of security data
GOVERNMENT INFORMATION SECURITY
Cybersecurity: As Seen Beyond The Beltway
Departures of key government leaders aren't as disastrous as the hype indicates
TECH RADAR
Hitachi To Fight Hackers As 'Cyber Sheriff'
Company forms team to fight cybercrime
SUNBELT SOFTWARE
The 40 Most Popular Tools For Your System Admin Bag
A list of 40 free or low-cost tools for security and other IT administration tasks
NEWS & OBSERVER
Respect, But No Love, For Hackers
Longtime security expert says most hackers are "losers," but concedes the strength of their exploits
PC ADVISOR
Hackers Put Twitter In Crosshairs
Social networks provide venue for distributing malware on grand scale
HEISE ONLINE
CA Anti-Virus Software Disables Itself And Other Applications
The Engine Update 33.3.7051 for CA's eTrust Threat Manager anti-virus software caused massive false positives, quarantining and renaming files, including some in eTrust itself
NETWORK SECURITY BLOG
Cannot Achieve PCI Compliance With Amazon EC2/S3
Amazon is telling customers that EC2 and S3 aren't PCI-compliant solutions
PANDALABS BLOG
Koobface: The Saga Continues
More than 60 active domains are spreading new Koobface content via messages linking to a "CooooL Video" on Facebook
MSNBC
Is Your Palm Pre Spying On You?
Reports abound of Palm Pre's sending users' GPS coordinates and more back to Palm
KNUJ0N
Microsoft Rogue Internet Pharmacy Problem Fixed? Not So Fast, Say Researchers
Days after Microsoft says it manually removed rogue pharmacies from ads, researchers were able to again purchase drugs without a prescription via an ad on the search engine
CR0 BLOG
Major Linux Kernel Flaw Discovered
Vulnerability affects all 2.4 and 2.6 kernels since 2001 on all architectures
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-4612 (redcap)
Multiple cross-site scripting (XSS) vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules.
CVE-2013-4611 (redcap)
Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants page.
CVE-2013-4610 (redcap)
Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown impact and remote attack vectors.
CVE-2013-4609 (redcap)
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via (1) the Online Designer or (2) the Data Dictionary upload, as demonstrated by an eval call.
CVE-2013-4608 (redcap)
Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.



