Best Of Web
Best Of The Web
CULTURE MANDALA
How China Will Use Cyber Warfare To Leapfrog In Military Competitiveness
How China is using cyber warfare to gain an edge
TELECOM ASIA
Researchers Developing World's First Optical Firewall
European Union project is building an optical firewall that can analyze data at speeds up to 40Gbps
ASSOCIATED PRESS
State Department Warns Of Possible Identity Theft
Passport applications of nearly 400 people were illegally accessed to open phony credit card accounts and a State Department employee has been fired
ASSOCIATED PRESS
Former McAfee Employee Arrested On Suspicion Of Misappropriating Millions From The Company
Former McAfee product marketing manager steered more than $3.8 million in business from the company to vendors in which she had a financial interest
The Daily Mail
Tax Website Shut Down After Memory Stick With Secret Personal Data Of 12 Million Is Found In A Pub Car Park
A key UK government system has been shut down after USB containing passcodes to the system was discovered
8E6 TECHNOLOGIES
More Than Half of U.S. Workers Visit Social Networking Sites at Least Once a Day
Study shows dangers of social networking at work
ST. LOUIS POST-DISPATCH
Preventing Identity Theft Is Everybody's Job
Tips for how to protect yours and others�� identities
MAXIMUM PC
Why Is Google Running Ads For Known Malware Sites?
Research turns up a Google Adwords link to infamous Antivirus xp 2008 exploit
CNET
Microsoft Explains Seven-Year Patch Delay
Fixing the vulnerability would have broken customers' network applications, software giant says
THE REGISTER
Over-Feeding Phishers Struggle To Make Ends Meet
Contrary to popular belief, phishers make little or no money, Microsoft researchers say
IT PRO
Q&A: DNS Inventor Paul Mockapetris
DNS pioneer is looking beyond near-term threats to improve Internet security
WIRED
Net Spying Firm And ISPs Sued Over Ad System
Lawsuit seeks��damages on behalf of ISP customers that were monitored in NebuAd tests
IT WIRE
A Real-World Website Crack Before Your Eyes
Get a first-hand look at how SQL injection allows hackers to compromise popular Websites
NBC DALLAS-FORT WORTH
Military ID Theft Ring Steals More Than $1 Million
Leak at Fort Worth base compromises identities of 8,000 military members
DAILY YOMIURI ONLINE
Fake ATM Cards Used To Steal More Than $4 Million In Japan
Criminals used counterfeit ATM cards made with personal information leaked from another company
ICANN.ORG
Termination Of EstDomains To Go Ahead
Domain registrar censured after CEO convicted of fraud by Estonian court
CA.COM
CA To Acquire Identity And Access Management Vendor
Software giant purchases Eurekify for undisclosed sum
ALL HEADLINE NEWS
Stolen Hard Drives In Arizona Spark Identity Theft Concerns
Department of Economic Security loses drives containing sensitive data on 40,000 children
USA TODAY
Internet Thieves Make Big Money Stealing Corporate Info
Industrial espionage thrives in many forms online
THE TIMES OF INDIA
iPod As Device for Stealing Data
iPods, not USB sticks, are being used to siphon stolen corporate data
WIRED
Groups Warn Election Officials About Diebold Voting Machine Flaw
Election officials have been warned that Premier Election Solutions�� voting tabulation software has problem that could lead to lost votes
THE WASHINGTON POST
GAO: Localities Expose Social Security Numbers Online
General Accounting Office report says many county governments in the U.S. provide citizen's full or partial Social Security Numbers online or in bulk to private companies
NETWORK WORLD
Morris Worm Turns 20: Look What It's Done
The Nov. 2, 1988 Internet worm showed how dangerous software bugs could
9YSR.COM
Curbing Cell Phone Spam
What to do to reduce your chance of getting spammed text messages
THE TIMES ONLINE
Nicolas Sarkozy Bank Fraud Investigation Takes New Twist
Sarkozy��s father and first wife were also victims, indicating hackers meant to target French President��s account, law enforcement officials say
COMPUTER RESELLER NEWS
9 Scary Halloween Malware Tricks
A look at infamous dancing skeletons, sexy skeletons, and Halloween en espanol gimmicks to bot-infect machines
NEWSWEEK
Hackonomics
Crime still pays for identity thieves �� just a little less than it once did
THE CONSUMERIST
How Outsourced Call Centers Are Costing Millions In Identity Theft
Third party involvement can create serious security problems, experts say
THE REGISTER
Feds Indict International Cyber Crook Accused of $1.7M Crime Spree
Hacker allegedly broke into Pentagon, NASA, Hamas
BJHC & IM
Finjan Offers Step-By-Step Description of How Cybercriminals Steal Corporate Data
It all starts with a single employee who unwittingly downloads a Trojan
BBC NEWS
Bosses "Ignore Toxic Data Risk"
Bosses must stop leaving security to the "IT boys" and take responsibility themselves, watchdog group says
THE REGISTER
Schneier Sticks It To Surveillance
Security guru challenges the the view that privacy and security are at loggerheads
PORTFOLIO.COM
Deutsche Telekom Suspends Five In Data Scandals
Managers and lower-ranking workers held responsible
HOW STUFF WORKS
The Top 10 Worst Computer Viruses of All Time
A look back at the ugliest bugs ever to hit your hard drive
FCW.COM
Report: Some Good News On Government IT Security
PricewaterhouseCoopers report says government has improved its security technology, but it still lags on setting policies, training
MESSAGING ANTI-ABUSE WORKING GROUP
ISP Industry Group Takes on Botnets
Among the new projects at The Messaging Anti-Abuse Working Group (MAAWG) is cooperative industry efforts in the safe mitigation of botnets
ZDNET
Internet-Scale 'Man In The Middle' Attack Announced
Black Hat researcher talks about emerging vulnerability that would affect thousands of networks
FINJAN
How A Trojan Stole Corporate Data
Example of corporate data theft by a Trojan that successfully avoided traditional Web security
FORTIGUARD CENTER
Facebook Worm Drives By Google Reader
New Facebook worm drives people to the trusted site of Google Reader, and also targets Picasa
HELP NET SECURITY
What To Do About Social Networking At Your Company
Social networks improve communication, but hinder productivity and security
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2059
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
CVE-2013-2007
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
CVE-2013-2006
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.
CVE-2013-1977
OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.
CVE-2013-1964
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possible have other impacts via unspecified vectors.