Best Of The Web
OFFICE OF THE MARYLAND ATTORNEY GENERAL
Credit Reporting Service Experian Reports Unauthorized Access Of Customer Data
Disclosure does not say whether customers from other states were affected
CIO
Malaysian Foreign Ministry's Website Compromised
Attackers redirect traffic to malware-bearing site
WIRED
Feds Say 'Dragnet' Surveillance Lawsuit Threatens Security
Obama administration defends NSA's tactic of warrantless eavesdropping
FINEXTRA
E-Banking Used By Four Out Of Five U.S. Online Households
Despite security concerns, usage of banking sites increases
CNET
Survey: Why Do People Respond To Spam?
Almost one-third of users say they have responded to email they suspected was spam
ZDNET UK
Tories Champion NASA Hacker In Parliament
Battle to prevent extradition of Gary McKinnon goes on
NEW ZEALAND HERALD
Passwords 101: A Simple Way To Make It Hard For Hackers
Protecting your account is not difficult, but many users fail to remember the basics
CSO
E-Commerce Fraud -- The Latest Criminal Schemes
Expert outlines some of the latest exploits involving online payment systems
COMPUTERWORLD
Twitter Documents Stolen From Google Apps
Hacker distributes information on Twitter employees, finances
INTERNET NEWS
LexisNexis Breach Linked To Mafia
Details of the company's most recent breach paint a harrowing picture
LONDON TELEGRAPH
FBI Probes PRANKnet Over Thousands Of Dollars In Damage Caused To Hotels And Restaurants
Prank calls allege trouble in hotel rooms, restaurant kitchens, causing losses
PHISHCAMP
PacketFocus Launches PhishCamp
Managed service lets users "audit" internal employees
INTERNET NEWS
Spam Not So Profitable?
Despite huge rise in volume, many spammers don't make as much money as you might think
DEFENSE NEWS
Recent Cyberattacks Have Little Impact On U.S.
Attacks "noisy," but not particularly sophisticated, experts say
ESECURITY PLANET
Hackers Exploit Flaw In Microsoft Office
Microsoft says cybercriminals have exploited still-unpatched flaw
ZDNET
Major Antivirus Engines Failing To Detect Malware
AV programs having trouble keeping up with email viruses, study says
MICROSOFT.COM
Microsoft Patches Six Security Vulnerabilities
Three flaws deemed "critical" and could allow remote code execution
KOREA TIMES
Source Of Cyberattacks Originated From Britain
More than 160,000 zombies in 74 countries participated in DDoS attacks on U.S., Korea
IT PRO PORTAL
Major Weakness Found In E-commerce And SSL-VPN Connections
Vulnerability could allow attackers to launch man-in-the-middle attacks on e-commerce sites
BLOOMBERG
Facebook's Founder Hacked Harvard Computers To Score With Girls
New "Accidental Billionaires" biography offers unflattering picture of computer whiz Zuckerberg
MICROSOFT.COM
Microsoft Unveils Name For Single Sign-On Platform
"Geneva" is set for beta release 2, software giant says
MARSHALL 8e6.COM
Spam Volumes Up 60 Percent In First Half
Five botnets account for 75 percent of spam on the Web, report says
SOPHOS BLOG
Republican Urges Obama To Launch Cyberattack Against North Korea
U.S. needs to make "show of force" following last week's DDoS attacks, Hoekstra says
SECUNIA.COM
Memory Corruption Vulnerability Found In Firefox
JavaScript flaw could allow outsiders to compromise a user's computer, researchers say
SOPHOS BLOG
Office Web Components Exploits In The Wild
Microsoft today released another security advisory -- this one for a remote execution vulnerability affecting Microsoft Office Web Components that lets an attacker create a malicious Web page and take over a victim's machine
BKIS BLOG
Korea And US DDoS Attacks: The Attacking Source Located In United Kingdom
Vietnamese researchers discover a master server located in the U.K. that controls all eight command-and-control servers, and say 166,908 zombies from 74 countries around the world were used in the mass DDoS attacks last week
THE TELEGRAPH
More Than 8,000 Computer Viruses Infect NHS Computers Over Last Year
U.K.'s NHS hospitals were hit by thousands of malware attacks in the past year
FOX NEWS
Wireless Cybercriminals Target Clueless Vacationers
Cybercriminals are targeting travelers by creating phony Wi-Fi hot spots in airports, hotels, and airlines
NETWORK WORLD
How To Use Electrical Outlets And Cheap Lasers To Steal Data
Researchers at Black Hat will demonstrate how to tap into an electrical socket and, using a laser, hack a nearby computer
HEISE ONLINE
Milw0rm Exploit Portal Resumes Normal Service
The milw0rm exploit portal is back online after announcing it may shut down
Most Enterprises May Avoid Windows 7: Study
Around 60 percent of IT administrators do not plan to migrate to Microsoft Windows 7, a ScriptLogic study found
MINNESOTA PUBLIC RADIO
So-Called Cyberattack Was Overblown
Bruce Schneier says the news isn't the attacks, but that some networks had "lousy" security
WIRED SCIENCE
The Next Hacking Frontier: Your Brain?
Some scientists worry that when new technology enabling the use of thoughts to operate a computer or wheelchair goes wireless, it could become subject to "brain" hacking
YONHAPNEWS
S. Korea Reports Halt In Computer Attacks
Officials say the massive DDoS attacks on South Korean Websites may be over
BLOOMBERG
Ex-Goldman Programmer Detailed His Code Downloads To FBI Agent
The former computer programmer arrested last week for stealing software from his employer told an FBI agent he uploaded proprietary code to an encrypted server he had used on "multiple occasions"
SC MAGAZINE
Social Network Site Sued For Spamming
Social networking site Tagged.com is being sued by New York state for deceptive email marketing practices and invasion of privacy
WIRED
Chinese Spying Claimed In Purchases Of NSA Crypto Gear
A Chinese man charged with allegedly attempting to purchase sensitive military and NSA encryption equipment on the Internet says he was "acting at the direction of officials for the People's Republic of China"
IT WORLD
France Creates New National IT Security Agency
The French Networks and Information Security Agency (FNISA) will monitor sensitive government networks to detect cyberattacks
COMPUTERWORLD
Text Message Scammers Quietly Prey On Regional Banks
A new form of phishing sends regional bank members a text message pretending to be from their bank
GOVERNMENT COMPUTER NEWS
CIP Standards May Not Be Enough To Secure Electric Grid
Security experts say new security standards for electric power distribution systems don't go far enough
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484 (cognos_tm1)
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.



