Best Of Web
Best Of The Web
APC MAGAZINE
Microsoft To Release Free Security Software
Software giant next year will stop selling OneCare in favor of a free download codenamed "Morro"
MIAMI HERALD
Virginia Seeks Reinstatement Of Anti-Spam Law
High court hears argument after lower court ruled legislation to be unconstitutionally broad
JEREMIAH GROSSMAN'S BLOG
Budgeting For Web Application Security
Founder of WhiteHat Security offers "business case" for app security
NETWORK WORLD
Top Ten Coolest/Suckest Hacking Moments In 2008
DNS vulnerability tops list of rough moments for CSOs
PHYSORG.COM
Semiconductor Lasers Generate Better Random Numbers
Good news for encryption: scientists found that semiconductor lasers can produce good-quality random number sequences very fast
BANGKOK POST
PM's Text Message an 'Invasion of Privacy'
Thailand's prime minister is under fire for sending unsolicited text messages to citizens asking for their help to restore the country
SOFTPEDIA
Infected Christmas Presents From Samsung
Samsung's SPF-85H 8-Inch Digital Photo Frame contains a worm
CNET
Verizon Awarded 'Largest-Ever' Cybersquatting Judgment
Northern California court awarded Verizon $33.15 million after domain registrar used over 660 Internet names that were easily confused with legitimate Verizon names
MSN
SBI Shuts Website After Hackers Break In
India's largest bank, The State Bank of India, shut down its corporate Website after overseas hackers attempted to break into the site
CNET
Windows 7 Beta 1 Makes Early Debut
First beta version of Windows 7 has been seen in circulation
GOVERNMENT COMPUTER NEWS
DHS Develops Privacy Guidelines For Science And Technology Directorate
Homeland Security has come up with privacy protection rules for its sensitive research
PRESS TV
Iranian Hackers 'Bring Down Mossad Web Site'
Group says it has knocked out the Israeli secret service Website to show solidarity with Gazans
COMPUTER WEEKLY
Microsoft To Issue Single Security Patch Next Week
January's Patch Tuesday will feature a single patch that fixes a critical hole in Windows clients and servers
HEISE SECURITY
22 Vendors Of Anti-Virus Software Taken To Court In Patent Dispute
Information Protection and Authentication of Texas is taking legal action against Symantec, Microsoft, and several other antivirus vendors for alleged patent infringements
ZDNET
Worm Surge Exploits Microsoft Vulnerability
A worm is still spreading that exploits a known (and patched) bug
THE PHILADELPHIA INQUIRER
Probe Led Fumo To Boost Security
When FBI began investigating former State Sen. Vincent J. Fumo, his computer technicians stepped up security and wiped his emails, according to testimony
INFORMATIONWEEK
Lawmaker Targets RFID In Privacy Push
Washington State representative wants products that contain the chips to be clearly marked
THE REGISTER
Oracle Patch Batch Eclipses Microsoft Patch Tuesday
Oracle's quarterly batch will include 41 fixes spanning hundreds of Oracle products
TRUSTDEFENDER
Rootkit Returns -- Better Than Ever
A new wave of the nasty MBR/Mebroot/Sinowal/Torpig rootkit that steals money and identities has become even more sophisticated
WASHINGTON POST
Caveat Emptor: Watch Out For Phantom Stores
No-name electronics stores and comparison-shopping sites steal data while taking orders
McAFEE AVERT LABS BLOG
Google Code Project Abused By Spammers
Free code-hosting project is used to create links to adult sites
CYBER SECURE INSTITUTE
Cybersecurity Under Obama
Recent scuttlebutt says pres-elect may scuttle plans for cybersecurity czar
INFOSEC WRITERS.COM
Anatomy Of An XSS Attack
A detailed look at the genesis of cross-site scripting attacks
SEARCH SECURITY
Future Security Threats: Enterprise Attacks Of 2009
Wireless systems, operating systems top the list
TECHNOLOGY REVIEW
A New Web Of Trust
After slow start, DNSSEC promises to make the Internet more secure
CURIOUS READ
Blurred Out: 51 Things You Aren't Allowed To See On Google Maps
The list includes the White House -- and some neighborhoods with staunchly-private residents
COMPUTER
The Top 10 Most Notorious Hackers Of All Time
An updated look at the hackers' hall of fame
USA TODAY
Homeland Security Rules On Data Collection Rile Businesses
DHS will collect electronic records on private planes, imported cargo, foreign visitors, and federal contractors as part of last-minute security policies imposed by the Bush administration yesterday, but businesses say it's too costly as well as risky for data loss
ASSOCIATED PRESS
'Cybergeddon' Fear Stalks US: FBI
FBI official says cyberattacks rank just behind nuclear war and weapons of mass destruction among the biggest risks to the U.S.
WIRED
Weak Password Brings 'Happiness' To Twitter Hacker
A teen hacker who has pulled other celebrity hacks admitted to hijacking the Twitter accounts of President-elect Obama and others this week
COMPUTERWORLD
Checkfree Warns 5 Million Customers After Hack
Cybercriminals took control of several of the company's Internet domains and redirected customers to a malicious site hosted in Ukraine
COLUMBIA DISPATCH
OSU Students Told That Private Information Was On Internet
Names and Social Security numbers of 18,000 current and former students of Ohio State University were accidentally stored on an Internet-facing server
EWEEK
Researchers Aim to Fortify CAPTCHA Against Spammers
Researchers are working on ways to make CAPTCHAs tougher to abuse
NEW YORK TIMES
So You Want To Be A Cyber sleuth?
Profile of a computer forensics pro who got into the biz at age 30
SMART BRIEF
Los Angeles Hospital Struggles With Identity Theft, Possible Fraud
A former employee of Cedars-Sinai Medical Center in Los Angeles has stolen personal information on over 1,000 patients in a case of possible insurance fraud
GOVERNMENT COMPUTER NEWS
Microsoft Releases IE8 Blocking Tool
Lets enterprises prevent unauthorized installations of the new browser
SOFTPEDIA
Ministries In Bulgaria And New Zealand Fight Virus Outbreaks
The Bulgarian Interior Ministry and Health Ministry in New Zealand have been hit by malware attacks that have hurt their operations
THE DARK VISITOR
Commonly Used Tools of the Chinese Hacker
The password decoder, analyzer, firewall, Trojan, sniffer, and port scanner, typically deployed by Chinese attackers
TIMES OF INDIA
Mumbai Police To Look Out For Unsecured Wi-Fi Connections
In the wake of the terror attack on Mumbai, in which terror emails were sent, police there are searching for unsecured WiFi connections to prevent such abuse in the future
SOPHOS
Facebook Data Loss Fiasco
Facebook has managed to lose some users' settings controlling when they should be emailed
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484 (cognos_tm1)
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.



