Best Of Web
Best Of The Web
COMPUTERWORLD
Google Releases Chrome 19, Adds Tab Sync And Patches 20 Bugs
New Chrome 19 update fixes 20 vulnerabilities in the browser, and Google awarded $16,500 in bug bounties and rewards to independent researchers who discovered flaws in the browser
FORBES
Antivirus Firm: 75% Of Phone-Based Malware Now Targets Android
F-Secure found that 37 of the 49 variants of smartphone malware in the last quarter targeted the Android, up from 10 out of the 16 malware found in the same quarter last year
NAKED SECURITY BLOG
Global Payments Breach Continues To Bewilder, Accusations Abound
Global Payments insists the affected cards total 1.5 million, but it may be closer to 7 million as Vons supermarket have reported a large volume of prepaid credit card fraud and Union Savings Bank has seen similar scams of late
SECURITY WEEK
Utah's IT Boss Resigns After Massive Data Breach And Policy Failure
The executive director of the state of Utah Department of Technology Services has now resigned in the wake of the recent widespread data breach that exposed information on close to 1 million people, including children
THREAT POST
DHS Warns About Threat Of Mobile Devices In Healthcare
The Department of Homeland Security (DHS) issued a warning to healthcare organizations on the danger of insecure, network-attached medical devices and the use of smartphones, tablet PCs, and other mobile devices in healthcare settings
MICROSOFT TECHNET BLOG
Introducing EMET v3
Microsoft has released a new version of its freebie Enhanced Mitigation Experience Toolkit, EMET 3.0, that comes with more enterprise configuration, deployment, and reporting options
BANK INFOSECURITY
Key Phish Phry Player Sentenced
A U.S. District Court has sentenced Nichole Michelle Merzi, a key member of an international cybercrime ring that between 2008-2009 stole thousands of dollars from U.S. bank accounts, to more than five years in prison
WIRED
Popular Surveillance Cameras Open To Hackers, Researcher Says
Closed-circuit security cameras are often configured insecurely, leaving them open to hackers, researcher says
WIRED
OnStar Files Patents For Minority-Report-Style Billboards
Public advertisements could be tailored to individual drivers
BANK INFO SECURITY
Is Global Payment Inc.'s Breach Growing?
Sources say 7 million cards may have been exposed
THREAT POST
Stolen Certificates Found In Malware Possibly Targeting Tibetan Groups
Trend of attackers using stolen digital certificates to mask their malware continues
F-SECURE
Mobile Threat Report Q1 2012
Android Trojans continue to rule the mobile threat roost, study says
PC ADVISOR
Kaspersky Denies It's Working With Apple On Mac Security
Security firm denies report it is working on Mac OS X security
NETWORK WORLD
Public Vs. Private Cyberattack Responsibility Debate Heats Up
What role should government play in requiring private companies to pony up cyberwar defenses? Arguments fly on both sides
ARS TECHNICA
LulzSec Member Pleads Not Guilty To Charges He Hacked Stratfor Website
Former hacktivist group member denies hacking global intelligence company and stealing credit card details of 860,000 clients
SEARCH SECURITY
May 2012 Patch Tuesday: Microsoft Fixes Duqu Trojan Ghost Code
Amid Microsoft's security updates last week was an update to repair the font-parsing code related to the Duqu Trojan
NATIONAL POST
Insider Tells Why Anonymous 'Might Well Be The Most Powerful Organization On Earth'
Christopher Doyon, a.k.a. Commander X, in Canada on the run from U.S. law enforcement, told a reporter that groups are leaking passwords and usernames of secure databases to Anonymous
INFOSEC ISLAND
Federal Charges Filed In Case Involving Theft Of Trade Secrets
Two Chinese citizens, one Chinese company, and one U.S. company are charged with theft of trade secrets, wire fraud, and conspiracy to commit wire fraud in connection with the alleged theft of intellectual property from Orbit Irrigation Products Inc., a sprinkler and irrigation company headquartered in Utah
ARS TECHNICA
Hands-On With Five Antivirus Apps For The Mac
Even visiting favorite websites can result in infections for Macintosh users today, so there are options for antivirus -- a look at some offerings
KREBS ON SECURITY
Global Payments Breach Fueled Prepaid Card Fraud
Debit card accounts stolen in a recent breach of card processor Global Payments have been appearing in fraud incidents at retailers in Las Vegas and other cities, officials from one bank say
ZDNET BLOG
Adobe About-Face: Photoshop, Illustrator Patches Will Be Free
Adobe says it will provide free updates to paid upgrades for Photoshop and Illustrator
POLITICO
Cybersecurity Bill Hits Snag
Sen. Joe Lieberman's cybersecurity bill is under fire now from Democrats as well, who say it doesn't do enough to protect consumer privacy; many Republicans already oppose it
BURLINGTON FREE PRESS
Vermont Utilities See Growing 'Smart Meter' Opposition
State of Vermont offers a free, no-penalty opt-out option to its consumers amid growing concerns about health effects, privacy, and cost of smart grid systems
BANK INFOSECURITY
Online Retailer Breached
Clothing and shoes retailer Opening Ceremony said its online site was attacked and likely compromised payment card details of customers who purchased products online between Feb. 16 and March 21
SOFTPEDIA
Phantom Of TeaMp0isoN Arrested In Russia
A 28-year-old man arrested by Russian police may be Phantom, a member of the hacktivist collective TeaMp0isoN
COMPUTERWORLD
UNC Charlotte: 350,000 SSNs Exposed In Decade-Long Breach
The University of North Carolina at Charlotte said financial data and Social Security numbers were exposed due to a system misconfiguration but that it�s unlikely the data was abused
WEBSENSE BLOG
The Amnesty International UK Website Was Compromised To Serve Gh0st RAT
Websense discovered that the Amnesty International U.K. website was injected with malicious code for two days this month with information-stealing malware
R&D MAGAZINE
Cybersecurity Experts Investigate Self-Adapting Computer Network
Kansas State University researchers are studying the possibility of building a network that could protect itself from attacks by automatically changing its configuration on the fly
NAKED SECURITY BLOG
The Pirate Bay Gives Thumbs-Down On Anonymous DDoS Attack On Virgin Media
File-sharing site The Pirate Bay has condemned a DDoS attack by Anonymous that took down Virgin Media, calling it an "ugly" act no better than the U.K. court order for ISPs to block users from The Pirate Bay
SECURITY WEEK
IC3 Report: Over 300K Internet Crime Complaints Filed Kn 2011
The Internet Crime Complaint Center (IC3) received and processed 314,246 complaints in 2011, averaging out to 26,000 complaints per month -- a 3.4 percent increase over the number of complaints received in 2010
NEW YORK TIMES BLOG
Russian Hackers Attack Live Streaming Video Sites
Hackers knocked offline U.S. online video company uStream on Wednesday after Russian activists used it stream live video of protests in Moscow
WASHINGTONIAN
Cyber 'Attack' Aimed At Pipeline Companies Was Handled Washington-Style
Incident marks a new, heightened level of influence by Washington over security in the energy sector
WIRED
FBI Fears Bitcoin's Popularity With Criminals
Anonymous payment network could be haven for money laundering and other criminal activity
SYDNEY MORNING HERALD
Reclaiming The Hacker Culture
Done right, hacking is a boon to innovation and information sharing
FINEXTRA
Mounties Bust C$100M Card Fraud Ring
More than 40 people arrested in Canada, accused of being part of a massive fraud ring
NETWORK WORLD
CSOs Warned Of Serious Cyber-Espionage Attack
Simplicity of malware masked a highly sophisticated operation, says cybersecurity consulting firm
SOPHOS
Important Apple Security Updated For Snow Leopard And Lion -- Get 'Em Today!
Hot on the heels of the iOS 5.1.1 release, Apple pumps out a raft of security updates for older OSs
JUNIPER NETWORKS
The Rise And Risk Of Mobile Spyware
No other category of mobile security threats is growing as quickly as spyware
INFOSEC ISLAND
Space Agencies Confirm Network Intrusions
NASA, European Space Agency say they both suffered attack; confirmation corresponds with hacker group's claims
TREND MICRO BLOG
Police Trojan Crosses The Atlantic, Now Targets USA And Canada
The so-called "Police Trojan" attacking European users over the past year has now begun targeting users in the U.S. and Canada as well, spoofing the Computer Crime & Intellectual Property Section of the U.S. Department of Justice and other entities
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- Three Principles to Improve Data Security and Compliance
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
- Connecting the Dots: Are You Seeing the Complete Big Data Picture?
- How crowdsourced testing has changed the game for innovative software companies
- Ensuring Your Apps Work in the Real World
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3562
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3561
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-3560
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3559
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
CVE-2013-3558
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.