Best Of Web
Best Of The Web
OFFICE OF THE MARYLAND ATTORNEY GENERAL
Credit Reporting Service Experian Reports Unauthorized Access Of Customer Data
Disclosure does not say whether customers from other states were affected
CIO
Malaysian Foreign Ministry's Website Compromised
Attackers redirect traffic to malware-bearing site
WIRED
Feds Say 'Dragnet' Surveillance Lawsuit Threatens Security
Obama administration defends NSA's tactic of warrantless eavesdropping
FINEXTRA
E-Banking Used By Four Out Of Five U.S. Online Households
Despite security concerns, usage of banking sites increases
CNET
Survey: Why Do People Respond To Spam?
Almost one-third of users say they have responded to email they suspected was spam
ZDNET UK
Tories Champion NASA Hacker In Parliament
Battle to prevent extradition of Gary McKinnon goes on
NEW ZEALAND HERALD
Passwords 101: A Simple Way To Make It Hard For Hackers
Protecting your account is not difficult, but many users fail to remember the basics
CSO
E-Commerce Fraud -- The Latest Criminal Schemes
Expert outlines some of the latest exploits involving online payment systems
COMPUTERWORLD
Twitter Documents Stolen From Google Apps
Hacker distributes information on Twitter employees, finances
INTERNET NEWS
LexisNexis Breach Linked To Mafia
Details of the company's most recent breach paint a harrowing picture
LONDON TELEGRAPH
FBI Probes PRANKnet Over Thousands Of Dollars In Damage Caused To Hotels And Restaurants
Prank calls allege trouble in hotel rooms, restaurant kitchens, causing losses
PHISHCAMP
PacketFocus Launches PhishCamp
Managed service lets users "audit" internal employees
INTERNET NEWS
Spam Not So Profitable?
Despite huge rise in volume, many spammers don't make as much money as you might think
DEFENSE NEWS
Recent Cyberattacks Have Little Impact On U.S.
Attacks "noisy," but not particularly sophisticated, experts say
ESECURITY PLANET
Hackers Exploit Flaw In Microsoft Office
Microsoft says cybercriminals have exploited still-unpatched flaw
ZDnet
Major Antivirus Engines Failing To Detect Malware
AV programs having trouble keeping up with email viruses, study says
MICROSOFT.COM
Microsoft Patches Six Security Vulnerabilities
Three flaws deemed "critical" and could allow remote code execution
KOREA TIMES
Source Of Cyberattacks Originated From Britain
More than 160,000 zombies in 74 countries participated in DDoS attacks on U.S., Korea
IT PRO PORTAL
Major Weakness Found In E-commerce And SSL-VPN Connections
Vulnerability could allow attackers to launch man-in-the-middle attacks on e-commerce sites
BLOOMBERG
Facebook's Founder Hacked Harvard Computers To Score With Girls
New "Accidental Billionaires" biography offers unflattering picture of computer whiz Zuckerberg
MICROSOFT.COM
Microsoft Unveils Name For Single Sign-On Platform
"Geneva" is set for beta release 2, software giant says
MARSHALL 8e6.COM
Spam Volumes Up 60 Percent In First Half
Five botnets account for 75 percent of spam on the Web, report says
SOPHOS BLOG
Republican Urges Obama To Launch Cyberattack Against North Korea
U.S. needs to make "show of force" following last week's DDOS attacks, Hoekstra says
SECUNIA.COM
Memory Corruption Vulnerability Found In Firefox
JavaScript flaw could allow outsiders to compromise a user's computer, researchers say
SOPHOS BLOG
Office Web Components Exploits In The Wild
Microsoft today released another security advisory -- this one for a remote execution vulnerability affecting Microsoft Office Web Components that lets an attacker create a malicious Web page and take over a victim's machine
BKIS BLOG
Korea And US DDos Attacks: The Attacking Source Located In United Kingdom
Vietnamese researchers discover master server located in U.K. that controls all eight command and control servers, and says 166,908 zombies from 74 countries around the world were used in the mass DDoS attacks last week
THE TELEGRAPH
More Than 8,000 Computer Viruses Infect NHS Computers Over Last Year
U.K.'s NHS hospitals were hit by thousands of malware attacks in the past year
FOX NEWS
Wireless Cybercriminals Target Clueless Vacationers
Cybercriminals are targeting travelers by creating phony Wi-Fi hot spots in airports, hotels, and airlines
NETWORK WORLD
How To Use Electrical Outlets And Cheap Lasers To Steal Data
Researchers at Black Hat will demonstrate how to tap into an electrical socket and, using a laser, hack a nearby computer
HEISE ONLINE
Milw0rm Exploit Portal Resumes Normal Service
The milw0rm exploit portal is back online after announcing it may shut down
The milw0rm exploit portal is back online after announcing it may shut down
Most Enterprises May Avoid Windows 7: Study
Around 60 percent of IT administrators do not plan to migrate to Microsoft Windows 7, a ScriptLogic study found
MINNESOTA PUBLIC RADIO
So-Called Cyberattack Was Overblown
Bruce Schneier says the news isn't the attacks, but that some networks had "lousy" security
WIRED SCIENCE
The Next Hacking Frontier: Your Brain?
Some scientists worry that when new technology enabling the use of thoughts to operate a computer or wheelchair goes wireless, it could become subject to "brain" hacking
YONHAPNEWS
S. Korea Reports Halt In Computer Attacks
Officials say the massive DDoS attacks on South Korean Websites may be over
BLOOMBERG
Ex-Goldman Programmer Detailed His Code Downloads To FBI Agent
The former computer programmer arrested last week for stealing software from his employer told an FBI agent he uploaded proprietary code to an encrypted server he had used on "multiple occasions"
SC MAGAZINE
Social Network Site Sued For Spamming
Social networking site Tagged.com is being sued by New York state for deceptive email marketing practices and invasion of privacy
WIRED
Chinese Spying Claimed In Purchases Of NSA Crypto Gear
A Chinese man charged with allegedly attempting to purchase sensitive military and NSA encryption equipment on the Internet says he was "acting at the direction of officials for the People's Republic of China"
IT WORLD
France Creates New National IT Security Agency
The French Networks and Information Security Agency (FNISA) will monitor sensitive government networks to detect cyberattacks
COMPUTERWORLD
Text Message Scammers Quietly Prey On Regional Banks
A new form of phishing sends regional bank members a text message pretending to be from their bank
GOVERNMENT COMPUTER NEWS
CIP Standards May Not Be Enough To Secure Electric Grid
Security experts say new security standards for electric power distribution systems don't go far enough
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3270 (vnx_control_station, celerra_control_station)
EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging nasadmin group membership.
CVE-2013-1014 (itunes)
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
CVE-2013-1011 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1010 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1008 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.