Best Of Web
Best Of The Web
IT WORLD
With Lawsuit Settled, Hackers Now Working With MBTA
After flap with transportation authority over vulnerability disclosure, students now offer advice on security
CNET
Looking Ahead At Security Trends In 2009
Despite downturn, IT security will continue to be a top priority in coming year
WHATISSPYWARE.ORG
Subject Lines Spammers Just Can't Resist
If you see one of these favorites, run, don't walk, to the delete key
FOX NEWS
World Bank Admits Top IT Vendor Has Been Barred For Eight Years
Satyam Computer Services employees accused of placing spyware on bank apps
SAN JOSE MERCURY NEWS
Fry's Exec Accused of $65 Million Fraud To Pay Off Gambling Debts
Company vice president allegedly masterminded a kickback scheme that cost the company millions
WASHINGTON POST
Navy Lab Thief Gets 18 Months In Prison
Computer technician stole more than 19,000 pieces of equipment over ten-year period
WIRED
One Hacker's Audacious Plan To Rule The Black Market In Stolen Credit Cards
Hacker attempted to consolidate the stolen data market
SECURITY FOCUS
Hashing Contest Moves On To Mass Free-For-All
More than 50 finalists for standard now seek to break competitors' entries
ARBOR NETWORKS
New Attack Patterns Emerge In 2009
Podcast outlines new directions for the bad guys in the coming year
BANK INFO SECURITY
Top 10 Security Breaches Of 2008
Ghost of TJX still looms large on breach scene
WIRED
Man Receives Compensation For Cyberbullying
Chinese man suffered "virtual lynching," court says
SECURITYPARK.NET
Ignorance Of Cyber Crime And Cyber Terrorism May Lead To Huge Losses And Endanger Live
EC council member says security is not just network administrator's responsibility, but also each Internet user
VNU
Federal Reserve Spam Attack Emerges
Clever new phishing scam posing as U.S. Federal Reserve warns users about a phishing scam
ZERO IN A BIT
Credit for Researchers
It may be time to get more academic about crediting security researchers for their finds
SOPHOS
McColo Up Again, Down Again
Notorious hosting firm came back online briefly, thanks to a Swedish ISP with a router in San Jose
COMPUTERWORLD
Spam Levels Fluctuate As Crooks Try To Revive Botnets
Some researchers say spam levels are up; others say they are staying down
TIMES OF IT SECURITY
Microsoft Yanks Fake Security Software
Anti-malware tool removes bogus software from nearly a million PCs in just nine days
MASHABLE
Gmail Hack: A Route To Domain Theft?
Gmail has lots of fans, but it may also be the source of recent domain thefts
CHUTNEY TECH
New Report Predicts Massive Increase In Malware And Phishing In 2009
Attackers looking to bolster their efforts after botnet shutdowns, MessageLabs says
HELP NET SECURITY
Free Tool Tests VoIP Systems For Targeted Eavesdropping Vulnerability
Sipera's UCSniff helps detect efforts to tap into phone conversations
ICANN.ORG
281,000 Domains To Be Transferred From EstDomains To Directi
Transfer forced by de-accreditation of EstDomains following CEO's conviction
HELP NET SECURITY
Findings Of The Latest Global Phishing Survey
Phishers concentrating their efforts on top-level domains
DENVER POST
British Government's Identity Card Program Begins
Foreign nationals must carry ID cards for the first time since WWII
WLWT NEWS
Thousands At Risk After Hacker Breaches Computer Mainframe
Luxottica Retail says details on 59,000 employees have been downloaded
NETWORK WORLD
IETF: Should We Fight The Kaminsky Bug?
Standards body debates fixing DNS or pushing new security scheme
WASHINGTON POST
Pharmaceutical Extortionists Take On CIA, FBI, DoD, NSA
Data "kidnappers" may not have known that Express Scripts has a huge base of law enforcement customers
SILICON.COM
Privacy Tsar To Fine Firms Recklessly Losing Data
UK Information Commissioners Office gets more power to punish firms that play fast and loose with data
BBC NEWS
US TV Anchor Convicted of Hacking
News presenter hacked into rival's email and leaked gossip to the press
WIRED
Secret Geek A-Team Hacks Back, Defends Worldwide Web
How Dan Kaminsky found and fought the bug that bears his name
CNET
Senator Probes Privacy Law Following Obama Phone Record Breach
Leahy asks questions about Telephone Records and Privacy Protection Act
INFOWORLD
Ways To Keep Your Laptop, Privacy Safe During Holiday Travel
Ten tips for keeping your data from falling into the wrong hands
BUSINESS WEEK
Network Security Breaches Plague NASA
NASA computers and Websites have been under attack from abroad, stirring national security concerns
ARS Technica
Microsoft Cleans Fake Antivirus Tool From 994,061 PC's
For every 1,000 machines in the US scanned by the MSRT during the last seven days, five were infected with FakeSecSen malware
MARKET WATCH
Javelin Ranks Top U.S. Banks' Identity Safety Measures for Customers
Bank of America is top-ranked for security due to partnering with its customers to protect against identity fraud
IOL
High-Tech Fraud Syndicate Busted
A cybercrime syndicate in South Africa with plants inside various organizations has been broken up
HEISE SECURITY
Buffer Overflow in Vista's TCP/IP Stack
A local vulnerability in Windows Vista could be used by an attacker to take over the OS
SEARCHSECURITY
Apple iPhone 2.2 Update Includes Critical Security Patches
New version of firmware fixes software flaws in both the iPhone and iPod Touch
WIRED
Facebook Awarded Record $873 Million in Spam Suit
In the largest judgment ever under CAN-SPAM, Facebook won't likely see much of the award money
CNET
Online Quiz Tests Phishing Knowledge
SonicWall Phishing and Spam IQ Quiz lets you test your ability phishing-detection acumen
COMPUTERWORLD
Chinese Team Mistakenly Released Unpatched IE7 Exploit
Many hackers already knew about the vulnerability, experts say
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- HP Newsletter with Gartner Research: Maximizing Your Infrastructure through Virtualization
- Understanding Holistic Database Security 8 Steps to Successfully Securing Enterprise Data Sources
- A How-To Guide on Using Cloud Services for Security-Rich Data Backup
- Holistic Risk Management: Perspectives from IT Professionals
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.