Best Of Web
Best Of The Web
RISKYBIZ
Attorney General Confirms CNVA "Suspension"
As of July 1, the department will no longer offer subsidies for security testing services to companies operating "critical infrastructure"
THE REGISTER
Apple Plugs QuickTime And iTunes Flaws
The new version 7.6.2 of QuickTime addresses bugs that could exploit Macs and Windows PCs with booby-trapped movies or audio files
SECURITY PARK
Romanian Hacker Started Phishing Campaign When He Was 14 Years Old
The U.S. District Court in Minneapolis has sentenced a 23-year-old Romanian immigrant for stealing $700,000 from more than 7,000 victims
NETWORK WORLD
Oregon Joins List Of States Saying No To Real ID
Lawmakers in Oregon's House of Representatives approve a bill that would prohibit agencies from spending state money on implementing the Real ID Act unless the federal government reimburses them
SECURITYPRONEWS
Government Web Pages Baited With Sex Scandal
California's San Bernadino County and Washington State both have Web pages that were injected with malicious frames that direct victims to a "sex scandal"
AJAX WORLD MAGAZINE
.ORG Is the First Open Top-Level Domain to Be Signed With Domain Name Security Extensions
The Public Interest Registry, which runs the .ORG domain name, has signed the .ORG zone file with DNSSEC
NETWORK WORLD
Can Cloud Services Become Credit Card Botnets?
Public cloud computing infrastructure could provide groundwork for new attacks, researcher says
PC PLUS
Who's Hacking Your PC?
A look at where hackers come from --and where they're going
MX LOGIC
Is Waledac Ready For Another Round?
June threat report suggests malware site may be prepping for another round
LUMENSION
Meet Gumblar -- Son Of Conficker
As attack continues to evolve, threat from Gumblar is increasing, expert says
MARSHAL8E6
New Fake Bank Of America Campaign Launched
New spam attack emanates from Pushdo botnet
PUBLIC SERVICE UK
Pensions Trust Loses 109,000 Records
Lost laptop held data on thousands of charity workers
ANNOYANCES.ORG
Firefox Users Complain That Microsoft Extensions Leave Browser Exposed
Microsoft's .NET extensions leave Firefox open to same vulnerabilities as IE, critics say
VIRUSLIST.COM
The Twitter Worm That Isn't
A new Twitter attack actually promoting a fake security application includes a PDF with several exploits inside
REUTERS
Experts Warn Mobile Phones Face Hacking Threat
Attackers posing as your wireless provider can grab confidential information via a simple text message
Channel 4 WMGT.com
Phone Scam Targets All 22,000 Residents Of Connecticut Town
Bad guys pose as Guilford Savings Bank, asking users to provide their bank card and PIN data
STRONGWEBMAIL.COM
Break Into My Email Account And Win $10,000
StrongWebmail.com is offering $10,000 to the first person who breaks into its CEO's email account -- username and password provided
MCAFEE
McAfee Releases June Spam Report
Obama spam dropped by 90% immediately after his inauguration
TECHWORLD
Hackers Exploiting Unpatched Microsoft Bug...Again
Microsoft is warning users for the third time that attackers are again exploiting an unpatched critical vulnerability in its DirectX application
WIRED
Ex-Employee Fingered In Texas Power Company Hack
A former employee of Texas power company Energy Future Holdings is raided by the FBI as part of an investigation into a data breach that knocked offline the firm's energy forecast system
HEISE ONLINE
DSL Router Remotely Controlled By URL
A researcher at a conference in Krakow has published details on how to make the Linksys WAG54G2 WLAN DSL router execute arbitrary shell commands
SC MAGAZINE
Identity Theft Ring Busted In New York
Thieves worked with bank insiders to compromise the checking accounts of nearly 350 N.Y.-based corporations, religious institutions, hospitals, and schools, as well as city and state government agencies, to steal millions of dollars, prosecutors say
IT WORLD
Aetna Contacts 65,000 After Web Site Data Breach
Some current and former Aetna employees may have had their Social Security numbers compromised in a Web site data breach
SECURE COMPUTING
Homeland Security To Scan Fingerprints Of Travelers Exiting The U.S.
The U.S. Department of Homeland Security will begin a controversial pilot to scan the fingerprints of travelers departing the U.S.
EWEEK
Department Of Interior Computers Missing, Report Finds
Interior can't locate 20 percent of its computers /P>
PCWORLD
Securing The Desktop: Eight Internet Security Suites
G-Data Internet Security 2010 had the right mix of test scores, security features, and usability
INFORMATIONWEEK
Anti-U.S. Hackers Infiltrate Army Servers
A group of black-hat hackers with anti-American leanings successfully broke into at least two sensitive Web servers maintained by the U.S. Army, IWeek has learned
NETWORK WORLD
New Travel Rules Kick In June 1 Amid Concerns Over RFID-Tagged Passport Cards
On June 1, new travel requirements go into effect about using RFID-enabled passports, which security experts say can be easily cloned
FORBES
Pentagon Seeks High School Hackers
New military-funded program aims to leverage an untapped resource: the population of geeky high school and college students in the U.S.
COMPUTERWORLD
90 Percent Of Email Is Spam, Symantec Says
Nearly 60 percent of spam is from botnets
SCHNEIER ON SECURITY
Schneier And Ranum On Face-Off Video
Bruce Schneier and Marcus Ranum post video versions of their Face-Off columns -- on cloud computing and on who should be in charge of cybersecurity
PC MAGAZINE
SP2 For Vista, Windows Server 2008 Available For Download
Microsoft has released the standalone installers for Service Pack 2 for Windows Vista and Windows Server 2008
WIRED
Obama's Supreme Court Pick Schooled In Cyberlaw
Judge Sonia Sotomayor would be the first justice with a history of precedent-setting rulings on cyberlaw issues
SECURITY HEAVY
Survey Says: Vendors Don't Understand Enterprise Buyers
PR agency finds 59 percent of enterprise buyers rely on security Websites to learn about threats, products, and services, but only 30 percent of vendors use that channel to educate buyers
L0PHTCRACK
L0phtcrack Is Back
Famed hacker group has set up a new Website and is offering its password-cracking tool
THREAT POST
RIM Issues Patch For Serious PDF-Handling Flaw In Blackberry Software
Patch fixes several vulnerabilities in the BlackBerry Enterprise Server and BlackBerry Professional Software
STRATEGY PAGE
The FBI Is Under Attack
The FBI and U.S. Marshalls Service were hit with an aggressive virus on May 21, prompting them to temporarily shut down their external network connections
SILICON REPUBLIC
Spammers Hack Twitter Accounts To Spread Ads
Affected Twitter users are encouraged to use stronger passwords
SECURITY FOCUS
Judge Tosses BC 'Hacker' Search Warrant
Judge orders student's computers and other equipment returned
INFORMATIONWEEK
Tech Road Map: 3G Security Getting Better, But Still Incomplete
Safeguarding wireless traffic in transit is only part of the solution, experts say
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3496 (vipnet_client, vipnet_coordinator, vipnet_personal_firewall, vipnet_safedisk)
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
CVE-2013-2849 (chrome)
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
CVE-2013-2848 (chrome)
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-2847 (chrome)
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
CVE-2013-2846 (chrome)
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.