Best Of The Web
HACK IN THE BOX
HP Asks Researcher Not To Reveal Router Bugs At ToorCon
Researcher scraps presentation after planning to disclose major vulnerabilities in Huawei and H3C routers
COMPUTER WEEKLY
Cyber Attacks Launched At London 2012 Olympic Games Every Day
Olympic IT officials reveal scope of attacks at London games
ADOBE
Security Update Available For Adobe Shockwave Player
Vulnerability could allow an attacker to run malicious code on affected systems
THE REGISTER
'Deceptive' Web Tracker Settles With FTC Over Personal Data Slurp
Compete had been charged with sneakily grabbing names, credit card numbers
SOPHOS
Android Developers: Can We Trust Them To Do Web Security Properly?
Detailed paper suggests that developers may be shoddy on security
SOFTPEDIA
Internet Election Held By Russian Opposition Sabotaged By Hackers
Leaders of anti-Putin movement hold vote, but event is attacked by hackers
CYBERWAR NEWS
Billabong Hacked, Threats Of Mass Data Leaks From @Goatsesec
@GoatseSec says it hacked Billabong and that over 37,000 user credentials are at risk of being leaked
ARS TECHNICA
Solar Panel Control Systems Vulnerable To Hacks, Feds Warn
The U.S. Department of Homeland Security warns there are critical vulnerabilities in a computerized control system that attackers could exploit to sabotage or steal sensitive data from operators of the solar arrays
KREBS ON SECURITY
Service Sells Access To Fortune 500 Firms
Cybercrime service is renting access to nearly 17,000 computers worldwide, with all of the machines initially set up by their legitimate owners to accept incoming connections via the Internet, using the Remote Desktop Protocol (RDP)
SOFTPEDIA
VTec Claims To Have Hacked New York University, Brown University And Others
A hacker gang known as Virtually Technical (VTec) claims to have penetrated the systems of New York University, University of North Carolina, University of Wisconsin, and Brown University, dumping confidential information online
BEYONDTRUST BLOG
Android: Latest Alpha (4.2) Promises Big Security Improvements
Android's latest alpha release shows promising security improvements, such as client side malware protection, Security Enhanced Linux, and always-on VPN
THE TELEGRAPH
Britain Is Target Of Up To 1,000 Cyber Attacks Every Hour
Britain is targeted by up to 1,000 cyberattacks every hour, says William Hague, the Foreign Secretary
COMPUTERWORLD
Huawei Gear Is Secure, Say U.S. Network Service Providers
Huawei customers Clearwire, Cricket Communications and Level 3 Communications say they take strong precautions to safeguard their networks
WEBROOT BLOG
Russian Cybercriminals Release New DIY DDoS Malware Loader
A new distributed denial-of-service toolkit already has infected 1,118 users, the majority of whom are based in Turkey, followed by India and Mexico
NAKED SECURITY BLOG
HSBC Recovers From DDoS Attack, After Internet Banking Services Disrupted
HSBC servers were hit with a denial-of-service attack yesterday that impacted several of its websites worldwide and halted online banking temporarily
ARS TECHNICA
Demo Of "Serious" Networking Vulnerabilities Cancelled At HP's Request
Upcoming ToorCon talk on serious vulnerabilities in H3C and Huawei equipment has been pulled due to concerns of HP, the parent company of H3C
NAKED SECURITY BLOG
Suspected Android SMS Malware Author Arrested In France
French police have arrested a 20-year-old man for his alleged involvement in infecting thousands of Android smartphones via fake apps; he earned 500,000 euros since 2011
FORBES
DARPA-Funded Radio HackRF Aims To Be A $300 Wireless Swiss Army Knife For Hackers
HackRF can hack a wireless signal by using a unique, unfamiliar frequency and ultimately disrupt current security models for wireless communications
MICROSOFT TECHNET BLOG
Microsoft Reaches Settlement With Second Kelihos Defendant
Microsoft today said it has dropped its case against Andrey Sabelnikov in connection with the Kelihos botnet: Sabelnikov wrote the code used in the botnet, but was neither its operator nor involved in Kelihos activities
H ONLINE
Encryption Found Insufficient In Many Android Apps
More than 1K of the 13,500 most popular Android apps had poor or insecure implementation of the SSL/TLS encryption protocol, and nearly half of a sample of 100 were vulnerable to known attacks
SECURITY WEEK
Kosovo Group Claims Hack Of U.S. Weather Service
The U.S. National Weather Service's network was hacked this week, and a hacking group from Kosovo is claiming credit and posting sensitive data
HOMELAND SECURITY NEWS WIRE
New App Uses Scattered Public Information To Put Together A Digital Footprint Of Individuals, Organizations
New app can collect online clues to provide snapshot of individuals or groups
NEW YORK TIMES
Fear Pays The Bills, But Accounts Must Be Settled
Obama's cybersecurity initiative raises questions about cyberwar
YAHOO! NEWS
White House-Ordered Review Found No Evidence Of Huawei Spying: Sources
No clear evidence found that company had spied for China
THE REGISTER
One Year On, SSL Servers Still Cower Before The BEAST
Seventy percent of sites still vulnerable to cookie monster, researchers say
SOFTPEDIA
Canadian Government To Invest $155M In Cybersecurity
Investment adds to $90 million previously allocated
ELECTRIC LIGHT AND POWER
SCADA Market To Ship 3 Million Devices From 2012 To 2020
Market for critical infrastructure technology will grow steadily over the decade, Pike Research says
BLOOMBERG
Obama Pursuing Leakers Sends Warning To Whistle-Blowers
White House Attorney General has prosecuted more government officials for alleged leaks than all his predecessors combined
SOFTPEDIA
Hackers Attack Capital One And BB&T Banks, Send Message To Defense Secretary
Cyber Fighters continue their operations against the websites of U.S. financial institutions
FORBES
Rise In U.S. Hacker Attacks Against China
China's National Computer Network Emergency Response Technical Team says 7.8 million Chinese computers were affected in 27,900 IP attacks that originated in other countries -- with the biggest source of the attacks being the U.S.
ARS TECHNICA
78 Percent Of Bitcoin Currency Stashed Under Digital Mattress, Study Finds
Most of the digital coins in Bitcoin aren't circulating because users leave them in their accounts and don't typically cash them in
REUTERS
Under-Fire ZTE Sells Surveillance Systems Subsidiary
China's telecommunications equipment maker ZTE Corp, in the hot seat after U.S. congressional leaders, has sold a subsidiary which sells surveillance systems
THE NEW YORK TIMES
Voter Registration Rolls In 2 States Are Called Vulnerable To Hackers
Researchers discovered flaws in the voter registration databases in Maryland and the state of Washington that could be abused
THE REGISTER
Manchester Plods Cop £120k Fine For USB-Stick-Inna-Wallet Data Gaffe
The Greater Manchester Police Force paid its fine after losing the details of more than 1,000 people under investigation for narcotics crime
WHITE HOUSE BLOG
Staying Safe Online
The White House issues a set of recommendations for computer users as part of its cybersecurity awareness campaign this month
THE DAILY HERALD
Hacking May Cost Naperville More Than $600,000
The recent breach of Naperville, Ill.'s, website, email, and other online services has cost the city as much as $673,000 in new equipment and software
COMPUTERWORLD
Pacemaker Hack Can Deliver Deadly 830-Volt Jolt
Researcher Barnaby Jack demonstrated how pacemakers from several manufacturers can send a deadly, 830-volt shock from someone on a laptop up to 50 feet away from the device
NBC NEWS
UK Computer Hacker Wins 10-Year Fight Against Extradition To U.S.
British hacker Gary McKinnon has won his 10-year fight against extradition to the U.S. with the U.K. government saying he was unfit to face the charges against him
CNET
FBI Warns Users Of Malicious Mobile Malware
The Internet Crime Complaint Center (IC3) warned of malware including Loozfon and FinFisher attacking Android operating systems for mobile devices
TECHNOLOGY REVIEW
Ever Wondered What A Live Botnet Looks Like?
F-Secure has built a visualization of the ZeroAccess botnet that shows how it blankets the U.S. and Western Europe
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3562
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3561
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-3560
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3559
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
CVE-2013-3558
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.


