Best Of Web
Best Of The Web
FOX NEWS
Cyber Attack Linked To Company Of Former Russian Spies
Attack on the U.S. military network traced to front company run by former Russian KGB members
HOOVER INSTITUTION
Botnets: The New Weapons Of Mass Destruction?
Conservative thinktank dubs zombie networks "eWMDs"
THE REGISTER
Security Guru Window Snyder To Leave Mozilla
Mozilla's top security dog rumored to be headed to non-security startup
HELP NET SECURITY
Top 10 Holiday Threats Of 2008
A look at some of the most popular attacks this season
GOOGLE
Google Issues Browser Security Handbook
Guide outline security strengths and weaknesses in popular browsers
MICROSOFT.COM
Reducing Attack Surface By Turning Off Protocol Handlers
Users can eliminate security vulnerabilities by shutting off unneeded protocol feature
TWIN CITIES.COM
Ex-employee Found Guilty Of Computer Sabotage
After being fired, IT employee installs malware on more than 1,000 servers
MICROSOFT ON THE ISSUES
Methods Matter When Protecting Privacy Online
Software giant explains its approach to anonymization
JEREMIAH GROSSMAN'S BLOG
Builders, Breakers, And Malicious Hackers
Is the security industry too focused on breaking software, rather than building secure apps?
INTERNET STORM CENTER
50+ Mistakes To Avoid In Information Security
Alternate headline: "How To Suck At Information Security"
CSO ONLINE
Employee Monitoring Is Good For The Employee
Tracking employee behavior helps prevent damage from insider attacks, security exec argues
BREAKINGPOINT LABS BLOG
PHP Safe Mode Considered Harmful
Safe Mode is inconsistent and all it takes is one dangerous function to get through to negate it completely
HEISE SECURITY
Report: 2.5 Million Pcs Infected With Conficker Worm
F-Secure says there are already nearly 2.5 million PCs infected this worm, also known as Downadup
OEM DOWNLOAD BLOG
Malicious Code Used to Redirect Banking Customers to Fraud Sites
Websense reports that malware attack uses Window hosts file and redirects users from their financial institution to a phishing site
MICROSOFT MALWARE PROTECTION CENTER
MSRT Released Today Addressing Conficker and Banload
Microsoft has added detection to MSRT that detect and removes growing worm
NETWORK WORLD
Researchers Have Hope Of Cheap, Distributed Zero-Day Worm Defense
Inexpensive, peer-to-peer software could shut down zero-day attacks, researchers at the University of California at Davis say
THE REGISTER
Virus Writer Signs Off In Cordial Trojan Message To MS
Russian hacker sent Microsoft a hidden message in a new variant of the Zlob Trojan, including a greeting and heads up that he's moving on
INFORMIT
Top Eleven Reasons Why Top 10 (or Top 25) Lists Don't Work
Execs don't care about bugs, one person's bug is anothers "yawn," and other reasons lists aren't helpful
ZDNET
Hacker: I'll Plead Guilty in the UK
Gary McKinnon will plead guilty to charges in the UK, which could help him avoid extradition to the U.S.
INFORMATIONWEEK
Paris Hilton's Website Infected With Malware
ScanSafe says malware detected on Hilton's site has also been found on 15,000 other Web sites, including MLB.com
ORACLE
Oracle Critical Patch Update Advisory for January
Oracle strongly recommends that customers apply fixes as soon as possible
MICROSOFT
Microsoft Issues One Patch for January
MS09-001 is rated critical for Windows 2000, Windows XP and Windows Server 2003
SOPHOS BLOG
Safe-Cracker Arrested After Police Post CCTV Photos On Facebook
New Zealand police described capture of suspect "first Facebook arrest" after he's identified by postings on department's Facebook page
THE WASHINGTON POST
Tiny Charges Often Precede Big Trouble
Small, unauthorized charges on your credit card can be a sign that your account number has been stolen
HEISE SECURITY
RIM Closes Critical Holes In Blackberry
Update fixes hole that let malicious PDF files be used to attack a BlackBerry server
CNET
Obama's New BlackBerry: The NSA's Secure PDA?
A look at possible options for letting President-elect Obama keep his BlackBerry -- securely
NETWORK WORLD
How To Tell Which Employees Are More Of A Security Risk
A look at how to know who to could pose an insider threat
SOFTPEDIA
No Prison Time For Romanian NASA and U.S. Navy Hacker
Faur gets 16-month suspended sentence and $240,000 fine
SCANSAFE.COM
Top Five Industries Most At Risk Of Web-Based Malware
Energy, pharmaceutical and chemical industries top the list
SILICON REPUBLIC
Major Data Breaches Expected As Firms Cut IT Spending
Companies should be wary of cutting corners to save money, study says
IT PRO
Five Biometric Technologies Businesses Could Use
A look at emerging biometric authentication schemes for the office
FORTENT
Growing Financial Crime Threats: New Payment Methods, Identity Theft, and Eastern Europe
Mobile banking, pre-paid cards, and "virtual world" transactions, to be hot areas of regulatory interest, according to a new survey of senior anti-money laundering compliance officers
CNET
Microsoft Takes 7 Years To Fix Security Exploit
Security update MS08-068 patches an exploit discovered in 2000
USA TODAY
Cyberthieves Mine Online For Corporate Data Nuggets
Anatomy of a real targeted attack -- starting with a convincingly spoofed link on an intranet
GOVERNMENT COMPUTER NEWS
The Patch Paradox
When to patch and when to test before you patch
ARS TECHNICA
Nebuad, Isps Sued Over DPI Snooping, Ad-Targeting Program
Controversial behavioral-targeting ad firm has been hit by a class-action lawsuit, as well as a number of ISPs that tested NebuAd's technology
YAHOO NEWS
AVG Antivirus Update Mistakenly Deletes System File
An update for the AVG 8 antivirus software mistakenly warned that the Windows system file user32.dll was a Trojan
ANTI-MALWARE TESTING STANDARDS ORGANIZATION
AMTSO Adopts Guidelines for AV Tests
First step in fulfilling AMTSO��s mission to improve the testing of anti-malware products
BEST SECURITY TIPS
Top Ten Spyware/Malware for October 2008 by Sunbelt Software
Top ten most prevalent spyware and malware threats for the month of October
SECURE COMPUTING
Critical Infrastructure Remains Vulnerable To Cyber Attack
Most experts believe attacks will begin in the next year �� if they haven't already
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3744
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
CVE-2013-3743
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2472.
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2473.
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2472, and CVE-2013-2473.