Best Of Web
Best Of The Web
BLOOMBERG NEWS
Hackers Encrypt Health Records And Hold Data For Ransom
A medical facility in the northern Illinois suburb of Libertyville was hacked and its email and electronic medical records data stolen, encrypted, and held for ransom
THE REGISTER
Ex-Goldman Sachs Coder Cuffed On Fresh 'Source Theft' Charges
A Goldman Sachs computer programmer who was cleared six months ago of pilfering source code from the bank was once again arrested and this time charged with unlawfully using secret scientific material and unlawfully duplicating computer-related material
CISCO
Network Defense At Black Hat 2012
A look back at the network-related talks at Black Hat USA
TECHWORLD
Mitt Romney Twitter Account Filled With Fake Followers, Analysis Finds
Booming underground economy in fakes, Barracuda Networks study finds
COMPUTERWORLD
Security Manager's Journal: Security Training On The Cheap
With no budget provided, security exec does awareness program on a shoestring
CNN
Hackers Attack Australian Spy Agency Website
Intelligence agency concedes problems on public site following attacker claims of compromise
SECURITY WATCH
Blizzard Confirms Passwords Stolen In Data Breach
World of Warcraft, Diablo 3 players may need to change passwords
INFO SECURITY
University Of Arizona Server Exposes Data On 7,700 Individuals
Data breach occurred in February and March, school official says
INFORMATION DAILY
EU Points Its Guns At Cybercriminals
European law enforcement plans offensive measures, rather than relying entirely on expensive defensive technologies
BOSTON.COM
Rep. Markey Calls On Obama To Strengthen Cybersecurity Through Executive Order
Failure of legislation in Congress spurs officials to encourage use of presidential power
HB GARY
Five Hard Truths About Critical Infrastructure Protection
White paper outlines challenges facing critical infrastructure and how organizations can better protect their assets
SOPHOS
Creepy Quora Erodes Users' Privacy, Reveals What You Have Read
New "Views" feature reveals to others the articles you have been reading -- without your permission
FIERCE GOVERNMENT IT
There's Something Wrong With NASA Cybersecurity
Not all networks can hear the centralized security operations center, office of inspector general says
MICROSOFT
Microsoft To Patch Five Critical Vulnerabilities On Patch Tuesday
Nine security updates in queue for Aug. 14 release, software giant says
TECHWORLD
Survey Finds 50 Percent Of Organizations Use Cloud For Sensitive Data
Many organizations store confidential data in cloud, but approaches to encrypting that data vary widely
FEDERAL BUREAU OF INVESTIGATION
New Internet Scam Delivers Ransomware, Demands Payment To Unlock Users� Computers
Drive-by virus carries fake message purportedly from the FBI
NEW YORK TIMES
Ex-Goldman Sachs Programmer Is Arrested Again
Manhattan district attorney charges investment firm insider with state crimes after federal appeals court overturns case alleging that he stole secret source code
FIREEYE
Surprises In Our Advanced Threat Awareness Survey
Study finds wide disparity in definition of what constitutes an advanced persistent threat and what tools can be used to mitigate an APT
INFOWORLD
Microsoft: Hackers Aiming For Cross-Platform Vulnerabilities
Security researcher says malware makers seek economies of scale
GOVERNMENT INFO SECURITY
Eddie Schwartz On His Year As RSA's CISO
An organization can't defend critical systems alone, RSA security chief says
TECHWORLD
Search Engine Results Serve Fake Olympics Games Domains
But experts wonder if high-profile events are really the drivers they seem to be
H ONLINE
Apple And Amazon Reset Phone Password Resets
After reports of resetting of passwords over the phone by author Mat Honan, Amazon and Apple change their policies
SECURITY WEEK
Researchers Identify Four BlackBerry Zitmo Variants
Researchers identify new Zeus malware samples targeting Android and BlackBerry devices
INFOSEC ISLAND
Employee Fired For Spying On Management With Remote Access Tool
Insider installs malware on executive's computer
KREBS ON SECURITY
Triple DDoS Vs. KrebsOnSecurity
A look at a DDoS attack on a security website and lessons learned
KREBS ON SECURITY
How To Break Into Security, Miller Edition
Well-known white hat researcher Charlie Miller discusses his journey into security and how other security pros can "break in" to the field
INFOWORLD
Hackers Increasingly Zero In On Small Businesses
Attacks aimed at SMBs doubled in first-half 2012; many attacks target defense industry
LOS ANGELES TIMES
Patient Data Outage Exposes Risks Of Electronic Medical Records
"Human error" blamed for five-hour outage; questions raised about technology
LOS ANGELES TIMES
OpFake, FakeInst Android Malware Variants Continue To Avoid Detection
Number of malicious Android application packages up 64 percent over Q1, study says
THREAT POST
OpFake, FakeInst Android Malware Variants Continue To Avoid Detection
Number of malicious Android application packages up 64 percent over Q1, study says
CSO ONLINE
eBay Security Offensive Leads To 3,000 Arrests Globally
Former CISO says major security offensive succeeded in cutting fraud by 90 percent
PC ADVISOR
Web Applications Are Attacked One Out Of Three Days, Report Says
Typical app gets attacked 137 times in 59 days during a six-month period, Imperva says
SOPHOS
Mac Malware: The Threat Is Real
Once thought to be "safe," Apple devices now under malware authors' microscope
TIME
How Cybersecurity Could Be A Winning Issue For Obama
Technology threat could affect nation -- so why isn't it a part of the campaign?
COMPLIANCEX
Former Lloyds Digital Security Chief Admits $3.76 Million Fraud
Jessica Harper allegedly submitted nearly $4 million in invoices and then laundered the proceeds
ZDNET
Reuters Was Hacked Via An Old Version Of WordPress
Details on massive hack suggest hackers got in by exploiting a known security hole
THE EPOCH TIMES
Global Cybersecurity Experts Propose Adaptive Strategy
Some of the top names in cybersecurity come together for Second World Cyber Security Summit
COMPUTERWORLD
Car-Hacking: Bluetooth And Other Security Issues
Researchers already have successfully applied brakes remotely, listen in to conversations and more
THE HACKER NEWS
Researcher Demonstrates Hardware-Based Backdoor Called Rakshasa
Proof of concept replaces a computer's BIOS and can compromise the OS at boot time
HACK IN THE BOX
Microsoft Blocks Windows 8 Start Button, Boot-To-Desktop Hacks
Software giant blocks popular workaround that lets users boot directly to Windows 8 desktop
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484 (cognos_tm1)
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.