Best Of Web
INFO SECURITY
FBI Issues New Warning About The Zeus Variant Called Gameover
Phishing campaign sends emails purporting to be from NACHA and pretends to offer information about financial transactions
FIERCE GOVERNMENT IT
DoD Spending Strategy Emphasizes Cyberspace
Military spending plan will ramp up cybersecurity spending
WIRED
WikiLeaks Supporters Lose Court Bid To Protect Twitter Records
Prosecutors will be allowed to access records, court says
YAHOO NEWS
ATM Breach Cause Of Fraudulent Withdrawals
DBS to reimburse 400 customers approximately $500,000
MICROSOFT
Microsoft To Issue Seven Updates On Patch Tuesday
One upcoming patch repairs a critical vulnerability, software giant says
NETWORK WORLD
Department Of Energy Developing Project To Reinforce Grid Cybersecurity
DoE, DHS, White House to develop security model for grid by summer
SOPHOS
SpyEye Bank Trojan Hides Its Fraud Footprint
New Trojan hides transactions even after user logs out
BANK INFO SECURITY
BITS: Tackling Fraud In 2012
Collaboration, best practices needed to mitigate risks
THREAT POST
Pastebin Downed By Second DDoS Attack This Week
Favored repository for hacked data is attacked for a second time
HEALTHCARE INFO SECURITY
HIPAA Audits Move Forward
First 20 organizations getting visits
THE EXAMINER
Anonymous Calls Obama A Terrorist, Vetoes NDAA
Hacktivist group calls for Obama's resignation over National Defense Authorization Act
TECH REPUBLIC
Ten Security Mistakes That Are Easily Avoided
A look at some simple solutions to commonly occurring security problems
THE REGISTER
Pastebin On The Mend After DDoS Battering
Were hacktivists the real target?
ICSA LABS
Malware: When Ages And Revolutions Converge
A look back at where malware has been, and where it's going
MERCURY NEWS
Automakers, U.S. Security Officials Worry About Hacking Of Cars
Increasingly connected automobiles are vulnerable to attack, experts say
STAR TRIBUNE
Policymakers Worry About Cyberattacks On Financial System
Trading exchanges could be targets, study says
VERIZON BUSINESS
Verizon Business Announces Participants In Annual Data Breach Investigations Report
Secret Service, London Metropolitan Police will contribute breach data to industry study
NETWORK WORLD
Government Engineers Actively Plan For Cyberwar
In many countries, governments are developing new methods for waging and defending themselves against cyberattacks
FORBES BLOG
Chrome Add-on Tells You When You're Browsing A Site That Supports SOPA
An add-on tool for Google Chrome warns users each time they visit a website owned by a company that supports the controversial Stop Online Piracy Act
NAKED SECURITY BLOG
Convicted Murderer Gets New Trial After Computer Virus Destroys Data
A man convicted of second-degree murder and given a life sentence will now get a new trial after it was discovered that the stenographer's notes from the original trial had been lost due to a computer virus that wiped out legal documentation of the case
THE REGISTER
Anonymous Hunts Neo-Nazis With Wikileaks-Style Site
Anonymous' Operation Blitzkrieg launched a WikiLeaks-style website that aims to expose members of the far-right National Democratic Party (NPD) and other extremist groups
BANK INFOSECURITY
Grocer Confirms POS Skimming Attack
Save Mart grocery chain says skimming devices led to a data breach that may have exposed hundreds of consumer accounts to debit and credit card fraud
THE INDEPENDENT
Gordon Brown's Downing Street Emails 'Hacked'
U.K. authorities investigating the News of the World phone-hacking scandal have discovered evidence that the emails of former Chancellor Gordon Brown were illegally accessed as well
INFOSEC ISLAND
Fallout From The Christmas Hack Of Stratfor
Some security experts, executives at major networking companies, industry analysts, and government contractors had their passwords published on Pastebin by Anonymous; employees of Cisco, Juniper, Gartner, IBM, Microsoft, Raytheon, and SAIC were among the victims
INFORMATIONWEEK
Diebold Virtualizes ATMs To Secure Banking Data
Diebold is virtualizing ATMs in order to store customer data on central servers, rather than on the ATMs themselves
ZDNET
Japan Develops Malware Cyberweapon
The Japanese government has been developing a cyberweapon that can track, identify, and disable sources of online attacks
THE INDEPENDENT
Gordon Brown's Downing Street Emails "Hacked"
Former U.K. prime minister was among celebrities whose email was illegally accessed by press, police say
DEVELOP
Hackers Bully Sony Over SOPA Stance
Anonymous threatens Sony executive for supporting controversial anti-piracy bill
DER SPIEGEL
Anonymous Takes On Germany's Far Right
Hacker group launches WikiLeaks-style attacks on Germany's NPD party and other political groups
DAILY FINANCE
The Top 10 Looming Computer Security Threats Of 2012
Mobile threats, embedded hardware top list
COMPUTER WEEKLY
Hacktivists Plan To Use Satellites To Bypass Internet Censorship
Hackerspace Global Grid scheme entails launch of communication satellites
POLICYMIC
The Dark Side Of Anonymous: Everything You Never Knew About The Hacktivist Group
To know more about the hacker group, take a look at its history
MOSCOW TIMES
Hackers Crash Site Promoting Putin's Election Web Cameras
Website created to discuss video at voting stations is paralyzed by cyberattack
MICROSOFT
Microsoft Releases Out-Of-Band Patch For ASP.Net 0Day
Attacker could wage a DDoS attack that could hit clusters of servers
THREAT POST
Fake Antivirus Scams Targeting Android Users
Kaspersky Lab researcher says Android mobile devices are now being targeted with phony virus scans and bogus antivirus programs
THE HACKER NEWS
Train-Switching System Can Be Vulnerable To DDoS Attack
Prof. Stefan Katzenbeisser said in a presentation at the Chaos Communications Congress this week that hackers who wage DDoS attacks could use the same approach to shut down systems controlling train switching systems
REUTERS
Stuxnet Weapon Has At Least 4 Cousins: Researchers
Kaspersky Lab says Stuxnet was one of at least pieces of modular attack code developed on a single platform -- and it dates back to 2007
SEC TECHNO
Honeymail Keeps Your Email Privacy Safe
Honeymail flags users when they receive emails from untrusted sources and helps track email privacy violations from third parties
SECURITY WEEK
Analysis Of Data Exposed In STRATFOR Cyber Attack
Identity Finder's analysis shows that many of the records obtained by hackers are duplicate emails and expired card accounts, leaving about 9,661 active credit cards out of 50,000; about 47,000 of the 86,000 emails were unique
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-2866
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622 (droid_incredible)
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.



