Best Of The Web
WIRED
President-Elect Obama Must Surrender His BlackBerry, Says Gov't Tech Analyst
President-elect Barack Obama will have to relinquish his BlackBerry when he takes office because the feds can't guarantee security of his communications
HELP-NET SECURITY
Attacks on Banks
An in-depth look at methods being used to attack financial institutions and banks
CGI SECURITY
Firefox 3.0.4 Released To Address Multiple Security Flaws
New release of browser addresses buffer overflow, XSS, and JavaScript vulnerabilities
FORBES
Metadata: An Invisible CAPTCHA
Soon you may not have to squint at distorted letters to prove your humanity
STARS AND STRIPES
Army Waited To Tell Of Possible Security Breach
Six thousand are notified of lost laptop - more than a month after the loss occurred
COMPUTERWORLD AUSTRALIA
Experts Douse Sinowal Trojan Hype
Security experts cast doubt on media reports that 20,000 Australian bank accounts have been compromised
HELP NET SECURITY
Hacking Your PBX: 15 Ways To Make The Most Of A Modern Phone System
A tips-and-tricks guide to taking advantage of your IP PBX
CAPE COD TIMES
Sandwich Theft Highlights Prevalence Of Hackers
Crime in Cape Cod area is just the tip of the hot pastrami, law enforcement says
LA TIMES
Cyber-Attack On Defense Department Computers Raises Concerns
Malware-borne attack, thought to be from inside Russia, hit combat zone computers and the U.S. Central Command overseeing Iraq and Afghanistan
DAILY PENNSYLVANIAN
Victoria's Secret Competition Gets Hacked
Two Drexel University students wrote a Perl script that could log 1,500 votes per second on the Victoria's Secret Web site gathering votes to select the first college to be added to its Pink Collegiate Collection
FOXNEWS.COM
World Bank Removes Chief Information Officer Following Cyber Attacks
The World Bank dropped a vice president who served as its chief information officer in the wake of a series of computer hacks
LIQUIDMATRIX SECURITY DIGEST
CBS.com Compromised
An iFrame loads another malicious script from a remote server controlled by criminals in Russia, causing a possible installation of malware
NETWORK WORLD
Former Worker Sentenced For Wrecking Corporate Servers
Connecticut man was sentenced to prison for sabotaging three servers at his former employer
CGISECURITY.COM
Yahoo Security Flaw Fixed In Hours
Yahoo's HotJobs division fixed the cross-site scripting flaw found on Sunday
SILICON.COM
EU Privacy Law Shake-Up To Force Data Breach Confessions
Businesses and authorities soon could be forced to confess to data breaches, according to EU's privacy czar
FINANCIAL TIMES
Chinese Hack Into White House Network
Chinese hackers have accessed White House computer network several times, grabbed e-mails between government officials
EWEEK
Obama Urged to Take Immediate Cybersecurity Steps
President-elect promises to appoint a national cybersecurity adviser
BBC
Pakistan Unveils Cybercrime Laws
President Asif Ali Zardari's decree makes Internet crime punishable with death or imprisonment
ZDNET
Obama Community Blog Redirecting To Malware
Victims redirected from official Barack Obama Website to malware
FTC
Mortgage Company Settles Data Security Charges
Texas-based mortgage lender has settled Federal Trade Commission charges of failing to provide reasonable security to protect customer data
WTEN
Former Mass. Inmate Accused of ID Theft
Inmate allegedly hacked into prison network and stole personal information of hundreds of prison workers
US CERT
Microsoft Releases Advance Notification for November Security Bulletin
Next round of patches will include one critical bulletin for Windows and Office
ARS TECHNICA
Battered, But Not Broken: Understanding the WPA Crack
Researchers who found WPA vulnerability say they did not recover keys used for encryption
LA TIMES
Two Los Angeles Traffic Engineers Admit Hacking
Engineers hacked traffic lights before a job action related to contract negotiations with the city
MY SANANTONIO.COM
Computer Security Expert Gets 20 In Child Porn Case
Former executive vice president at Digital Defense reportedly bragged his expertise would prevent his getting caught
O'REILLY
Hacking the Psyche
Remote entities will be able to target people's on-line presence to capture and leverage their emotional states, feelings
TECHWORLD
WPA Cracked For The First Time
Hackers broke the Temporal Key Integrity Protocol (TKIP) key used by WPA within 15 minutes
IT NEWS
Corporate Bloggers Urged to Tighten Security
Main threat to blogs includes spam left in the comments section and SQL injection attacks that could exploit vulnerabilities in blogger software
WWAY TV 3
NC Government Computer With Personal Info Stolen
Department of Health and Human Services computer stolen from an employee
SEARCHSECURITY
New Malware Exploits Microsoft RPC Flaw
Microsoft says the malware in the wild represents a significant threat
SECUREWORKS
SecureWorks Offers Free Tool to Kill Notorious Info-Stealing Trojan
Untorpig removes the stealthy Torpig Trojan that grabs financial data
CHANNEL WEB
Firefox Adds 'Porn Mode' and Marketshare
Mozilla adds enhanced privacy browsing mode to Firefox browser
COMPUTER CRIME RESEARCH CENTER
Hacker Claims Apple Products Can Be Shut Down
Hacker who didn't get hired by Apple says he could embed a virus in video that would crash an iPhone
SANS INTERNET STORM CENTER
Hacking the Election
Targeted phishing attack at George Mason University tried to suppress the vote
TECHWORLD
Urgent Windows Patch Caused By Mystery Trojan
Trojan that resulted in emergency patch for Windows had infected only about 200 computers
THE REGISTER
NY Man Charged With Boosting TJX Credit Hijack
Stephen Watt, 25, modified a sniffer program to help the alleged leader of the hacking gang that hit TJX Companies and others
HELP NET SECURITY
Top Nine IT Security Threats For 2009
Malicious insiders comprise top threat for coming year
CSO
Federal Breach Law? No Time Soon
States make progress with legislation, but don't hold your breath for a federal counterpart, attorney says
IT PRO
PCI Expert: Data Loss Hurts Brand More Than A Fine
The real pain is in loss of trust, PCI SSC general manager says
CHANNELWEB
Who Will Be Obama's Cyberspace Czar?
President-elect isn't saying yet, but here are ten good candidates
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484 (cognos_tm1)
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.



