Best Of Web
Best Of The Web
NEMESIS
Multiple Bugs On EBAY.CO.UK Website
Researchers discover XSS and iFrame URL injection vulnerabilities that let bad guys launch phishing attacks
THE AUSTRALIAN
Chinese Spies Target PM Kevin Rudd's Email
Prime minister of Australia directly targeted by Chinese hackers trying to break into his email and mobile phone communications
FACEBOOK BLOG
How Microsoft And Facebook Teamed Up Against Koobface Virus
Microsoft's program manager for the company's Malware Protection Center tells how his team worked with Facebook's security team to battle Koobface
BUSINESS WIRE
Anti-Phishing Working Group Leading Initiative To Stop Consumers From Falling Prey To Money Laundering Scams
New public education initiative will deliver free countercrime video instruction to consumers
COMPUTERWORLD
British UFO Hacker's Supporters Rally At U.S Embassy In London
Gary McKinnon's mother was among the protesters demonstrating against his extradition to the U.S. for breaking into military and NASA computers
COMPUTERWORLD UK
G20 Protests: Don't Be Paranoid, But Prepare For Cyberattack, Say Analysts
Banks will face threats of defaced Websites, wireless network intrusions while world leaders convene at G20 summit
WIRED
Vowing to Prevent 'Cyber Katrina,' Senators Propose Cyber Czar
Legislation would federalize cybersecurity and let government regulate cybersecurity protocols in private industry
SCHNEIER ON SECURITY
Who Should Be In Charge Of U.S. Cybersecurity?
Putting national cybersecurity in NSA's hands is a bad idea, says security technologist Bruce Schneier
SEARCHSECURITY
Cloud Computing Group To Tackle Security Concerns
New organization will give security advice to companies adopting cloud computing products
DOXPARA BLOG
New, Improved Conficker Scanner
A new, more accurate nmap Beta 7 is released
ZDNET
DDoS Attack On UltraDNS Affects Amazon.com, Salesforce.com, Petco.com
NeuStar-managed DNS service customers knocked offline for several hours by a distributed denial-of-service attack
COMPUTERWORLD
Conficker's Makers Lose Big, Expert Says
Attackers behind Conficker worm wasted their effort, thanks to widespread attention, argues Symantec executive
THE STRAITS TIMES
Hackers Copied Chinese Cabinet Official's Files
Attackers break into a senior Chinese cabinet official's computer containing drafts of Premier Wen Jiabao's government work
MSNBC
Dalai Lama Condemns Hacking Of Computers
The Dalai Lama says no matter who is hacking into the computers of his Tibetan government-in-exile, the data appears to go to the Chinese government
ZDNET
Malicious Sites Jump 200 Percent
MessageLabs report says it blocked 200 percent more malicious sites with spyware in March than in February
GOOGLE BLOG
Google-Postini Spam Data And Trends: Q1 2009
Overall spam volume is back on track after a drop following the McColo takedown
COMPUTERWORLD
Kaiser Fires 15 Workers For Snooping In Octuplet Mom's Medical Records
A Kaiser Permanente hospital fires 15 employees and reprimands eight others for improperly accessing Nadya Suleman's personal medical
NIST NEWS
Free Online Antivirus, Spyware, And Firewall Scanners Review
A look at free online virus and scanning tools available today
FBI
2008 Internet Crime Report
Internet fraud complaints rise 33.1 percent compared to year prior
IT RISK SPACE
Conficker Handling Instructions
A step-by-step removal of Conficker worm, including a removal tool
CNET
Symantec Investigating Customer Credit-Card Data Theft
Symantec says 200 U.S. customers' credit cards may have been leaked from call center in India
TECHWORLD
Foreign Phisher Makes History With U.S. Conviction
A Romanian man has become the first foreigner convicted by a U.S. court for phishing
HONEYNET PROJECT
Know Your Enemy: Containing Conficker
New research paper explains how to detect, contain, and remove Conficker
WIRED
Former Teen Stock Swindler Hit With New Hacking Charges
Van T. Dinh, who was once imprisoned for an online stock-trading scheme, is back in jail again after allegedly hacking into a currency exchange service
CSO ONLINE
3 Ways Pen Testing Helps DLP (And 2 Ways It Doesn't)
Orbitz CISO says penetration testing is valuable in his data loss prevention strategy -- but it doesn't detect all security problems
THE REGISTER
EU Issues Ultimatum On Internet Privacy
The European Commission delivered an ultimatum to Internet firms to improve privacy or face regulatory enforcement
IT WORLD
Taiwan Says It Will Discuss Cybercrime With China
Official says Taiwan will raise issue of cyberespionage with China during an upcoming meeting in Beijing
BETA NEWS
Virginia Anti-Spam Law Now Dead After Supreme Court Rejects Appeal
An effort to reinvigorate an antispam law that sends serial spammers to jail has failed
ENTERPRISE SECURITY TODAY
Partnership Aims To Fight Cybercrime
Concerned communities in the San Francisco area have formed a cybercrime-fighting alliance in possibly the largest such community effort
COMPUTERWORLD
Gartner: No Need To Drop Heartland, RBS Worldpay Over PCI Delistings
Gartner experts say decision to revoke payment companies' PCI compliance shouldn't affect clients
TENABLE SECURITY
The Anatomy Of Security Disasters
Security expert Marcus Ranum discusses why security breaches happen -- and what to do about them
NETWORK WORLD
Mafiaboy Speaks Out
Teen hacker-turned-pen-tester discusses why the Internet is still broken
DAILY MAIL
19,000 U.K. Credit Card Details Posted On The Net...And Available On Google
Database of stolen identities found with simple Google search
MULTICHANNEL NEWS
Web Privacy Bill Coming
Legislation would prevent online marketers from sharing Web-surfing data without permission
THE REGISTER
Researchers Poke Holes In Super Duper SSL
Assumptions made following initial vulnerability discovery are wrong, researchers say
CBS NEWS
The Internet Is Infected
60 Minutes
SOFTPEDIA
Conficker Hits U.K. Parliamentary Network
Security memo instructs users to stop using removable storage devices
H-DESK.COM
Malware As A Christmas Gift
A guide to recognizing and avoiding holiday-related attacks
SWITCHED.COM
Fifteen Dangerous Emails You Should Delete Immediately
Screen shots show how to recognize the nastiest email attacks
INFOWORLD
Eight Easy Steps To iPhone Security
First rule: never, never leave your iPhone unlocked
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- Three Principles to Improve Data Security and Compliance
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
- Connecting the Dots: Are You Seeing the Complete Big Data Picture?
- How crowdsourced testing has changed the game for innovative software companies
- Ensuring Your Apps Work in the Real World
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3562
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3561
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-3560
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3559
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
CVE-2013-3558
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.