Best Of The Web
HACK IN THE BOX
HP Asks Researcher Not To Reveal Router Bugs At ToorCon
Researcher scraps presentation after planning to disclose major vulnerabilities in Huawei and H3C routers
COMPUTER WEEKLY
Cyber Attacks Launched At London 2012 Olympic Games Every Day
Olympic IT officials reveal scope of attacks at London games
ADOBE
Security Update Available For Adobe Shockwave Player
Vulnerability could allow an attacker to run malicious code on affected systems
THE REGISTER
'Deceptive' Web Tracker Settles With FTC Over Personal Data Slurp
Compete had been charged with sneakily grabbing names, credit card numbers
SOPHOS
Android Developers: Can We Trust Them To Do Web Security Properly?
Detailed paper suggests that developers may be shoddy on security
SOFTPEDIA
Internet Election Held By Russian Opposition Sabotaged By Hackers
Leaders of anti-Putin movement hold vote, but event is attacked by hackers
CYBERWAR NEWS
Billabong Hacked, Threats Of Mass Data Leaks From @Goatsesec
@GoatseSec says it hacked Billabong and that over 37,000 user credentials are at risk of being leaked
ARS TECHNICA
Solar Panel Control Systems Vulnerable To Hacks, Feds Warn
The U.S. Department of Homeland Security warns there are critical vulnerabilities in a computerized control system that attackers could exploit to sabotage or steal sensitive data from operators of the solar arrays
KREBS ON SECURITY
Service Sells Access To Fortune 500 Firms
Cybercrime service is renting access to nearly 17,000 computers worldwide, with all of the machines initially set up by their legitimate owners to accept incoming connections via the Internet, using the Remote Desktop Protocol (RDP)
SOFTPEDIA
VTec Claims To Have Hacked New York University, Brown University And Others
A hacker gang known as Virtually Technical (VTec) claims to have penetrated the systems of New York University, University of North Carolina, University of Wisconsin, and Brown University, dumping confidential information online
BEYONDTRUST BLOG
Android: Latest Alpha (4.2) Promises Big Security Improvements
Android's latest alpha release shows promising security improvements, such as client side malware protection, Security Enhanced Linux, and always-on VPN
THE TELEGRAPH
Britain Is Target Of Up To 1,000 Cyber Attacks Every Hour
Britain is targeted by up to 1,000 cyberattacks every hour, says William Hague, the Foreign Secretary
COMPUTERWORLD
Huawei Gear Is Secure, Say U.S. Network Service Providers
Huawei customers Clearwire, Cricket Communications and Level 3 Communications say they take strong precautions to safeguard their networks
WEBROOT BLOG
Russian Cybercriminals Release New DIY DDoS Malware Loader
A new distributed denial-of-service toolkit already has infected 1,118 users, the majority of whom are based in Turkey, followed by India and Mexico
NAKED SECURITY BLOG
HSBC Recovers From DDoS Attack, After Internet Banking Services Disrupted
HSBC servers were hit with a denial-of-service attack yesterday that impacted several of its websites worldwide and halted online banking temporarily
ARS TECHNICA
Demo Of "Serious" Networking Vulnerabilities Cancelled At HP's Request
Upcoming ToorCon talk on serious vulnerabilities in H3C and Huawei equipment has been pulled due to concerns of HP, the parent company of H3C
NAKED SECURITY BLOG
Suspected Android SMS Malware Author Arrested In France
French police have arrested a 20-year-old man for his alleged involvement in infecting thousands of Android smartphones via fake apps; he earned 500,000 euros since 2011
FORBES
DARPA-Funded Radio HackRF Aims To Be A $300 Wireless Swiss Army Knife For Hackers
HackRF can hack a wireless signal by using a unique, unfamiliar frequency and ultimately disrupt current security models for wireless communications
MICROSOFT TECHNET BLOG
Microsoft Reaches Settlement With Second Kelihos Defendant
Microsoft today said it has dropped its case against Andrey Sabelnikov in connection with the Kelihos botnet: Sabelnikov wrote the code used in the botnet, but was neither its operator nor involved in Kelihos activities
H ONLINE
Encryption Found Insufficient In Many Android Apps
More than 1K of the 13,500 most popular Android apps had poor or insecure implementation of the SSL/TLS encryption protocol, and nearly half of a sample of 100 were vulnerable to known attacks
SECURITY WEEK
Kosovo Group Claims Hack Of U.S. Weather Service
The U.S. National Weather Service's network was hacked this week, and a hacking group from Kosovo is claiming credit and posting sensitive data
HOMELAND SECURITY NEWS WIRE
New App Uses Scattered Public Information To Put Together A Digital Footprint Of Individuals, Organizations
New app can collect online clues to provide snapshot of individuals or groups
NEW YORK TIMES
Fear Pays The Bills, But Accounts Must Be Settled
Obama's cybersecurity initiative raises questions about cyberwar
YAHOO! NEWS
White House-Ordered Review Found No Evidence Of Huawei Spying: Sources
No clear evidence found that company had spied for China
THE REGISTER
One Year On, SSL Servers Still Cower Before The BEAST
Seventy percent of sites still vulnerable to cookie monster, researchers say
SOFTPEDIA
Canadian Government To Invest $155M In Cybersecurity
Investment adds to $90 million previously allocated
ELECTRIC LIGHT AND POWER
SCADA Market To Ship 3 Million Devices From 2012 To 2020
Market for critical infrastructure technology will grow steadily over the decade, Pike Research says
BLOOMBERG
Obama Pursuing Leakers Sends Warning To Whistle-Blowers
White House Attorney General has prosecuted more government officials for alleged leaks than all his predecessors combined
SOFTPEDIA
Hackers Attack Capital One And BB&T Banks, Send Message To Defense Secretary
Cyber Fighters continue their operations against the websites of U.S. financial institutions
FORBES
Rise In U.S. Hacker Attacks Against China
China's National Computer Network Emergency Response Technical Team says 7.8 million Chinese computers were affected in 27,900 IP attacks that originated in other countries -- with the biggest source of the attacks being the U.S.
ARS TECHNICA
78 Percent Of Bitcoin Currency Stashed Under Digital Mattress, Study Finds
Most of the digital coins in Bitcoin aren't circulating because users leave them in their accounts and don't typically cash them in
REUTERS
Under-Fire ZTE Sells Surveillance Systems Subsidiary
China's telecommunications equipment maker ZTE Corp, in the hot seat after U.S. congressional leaders, has sold a subsidiary which sells surveillance systems
THE NEW YORK TIMES
Voter Registration Rolls In 2 States Are Called Vulnerable To Hackers
Researchers discovered flaws in the voter registration databases in Maryland and the state of Washington that could be abused
THE REGISTER
Manchester Plods Cop £120k Fine For USB-Stick-Inna-Wallet Data Gaffe
The Greater Manchester Police Force paid its fine after losing the details of more than 1,000 people under investigation for narcotics crime
WHITE HOUSE BLOG
Staying Safe Online
The White House issues a set of recommendations for computer users as part of its cybersecurity awareness campaign this month
THE DAILY HERALD
Hacking May Cost Naperville More Than $600,000
The recent breach of Naperville, Ill.'s, website, email, and other online services has cost the city as much as $673,000 in new equipment and software
COMPUTERWORLD
Pacemaker Hack Can Deliver Deadly 830-Volt Jolt
Researcher Barnaby Jack demonstrated how pacemakers from several manufacturers can send a deadly, 830-volt shock from someone on a laptop up to 50 feet away from the device
NBC NEWS
UK Computer Hacker Wins 10-Year Fight Against Extradition To U.S.
British hacker Gary McKinnon has won his 10-year fight against extradition to the U.S. with the U.K. government saying he was unfit to face the charges against him
CNET
FBI Warns Users Of Malicious Mobile Malware
The Internet Crime Complaint Center (IC3) warned of malware including Loozfon and FinFisher attacking Android operating systems for mobile devices
TECHNOLOGY REVIEW
Ever Wondered What A Live Botnet Looks Like?
F-Secure has built a visualization of the ZeroAccess botnet that shows how it blankets the U.S. and Western Europe
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-4612 (redcap)
Multiple cross-site scripting (XSS) vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules.
CVE-2013-4611 (redcap)
Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants page.
CVE-2013-4610 (redcap)
Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown impact and remote attack vectors.
CVE-2013-4609 (redcap)
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via (1) the Online Designer or (2) the Data Dictionary upload, as demonstrated by an eval call.
CVE-2013-4608 (redcap)
Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.



