Best Of Web
Best Of The Web
DEFENSE SYSTEMS
Army Cyber Command Tackles Network Security Challenge
Commanding general offers insights on defense initiatives
FINEXTRA
Americans Want Alternative To Cards For Online Payments, Survey Says
Consumers say they would spend more online if they were offered an easier and more secure way to pay
TECH WATCH
Romanian Hackers Steal Millions From Subway
Attackers stole credit card details of more than 80,000 customers from 150 Subway stores, as well as 50 other unnamed retailers
BBC
Oil Cyber-Attacks Could Cost Lives, Shell Warns
A Shell Oil IT manager for Shell told the World Petroleum Conference that the company had suffered an increased number of attacks, and that cyberattacks could "cost lives" and cause "huge damage"
INFOSEC ISLAND
ICS-CERT Warns Facilities Of Exposure Via SHODAN
ICS-CERT is reissuing a warning about increased use of tools that could provide sensitive information that can be utilized by an attacker to compromise network security, including SHODAN
HELP NET SECURITY
Personal Info Of US Law Enforcement Agents Published Following Hack
The Coalition of Law Enforcement and Retail website by a self-proclaimed member of Anonymous who leaked names, addresses, email addresses, and phone numbers of more than 2,400 law enforcement officers and retail loss prevention professionals, and their password hashes for the site
SD TIMES
Richard Clarke Talks Cyber Crime
The former chief counter-terrorism adviser to the president and author of the book "Cyber War" called 2011 "The Year of the Breach"
AP NEWS
A Few Hacker Teams Do Most China-Based Data Theft
Only about a dozen Chinese groups with government backing execute most of the targeted attacks against U.S. government and businesses
NAKED SECURITY BLOG
Malicious Cloned Games Attack Google Android Market
Recent two-pronged attack on the Android Market by malicious developer Logastrod made "trojanized" copies of many popular games and uploaded them to the Market
THREAT POST
DNS Hijacks Now Being Used To Serve Black Hole Exploit Kit
Attackers targeting DNS infrastructure to push exploits via the Black Hole Exploit Kit
NETWORK WORLD
Anonymous Attack On HBGary Federal Didn't Ruin Us, Says CEO
HBGary CEO Greg Hoglund said Anonymous' on HBGary Federal, a separate company set up by HBGary in 2009, did not result in lost business for his firm
SC MAGAZINE
Lockheed Martin Hit, But Not Breached, With Adobe Zero-Day
Attackers attempted to exploit a newly disclosed Adobe Reader zero-day vulnerability to infiltrate Lockheed Martin among other companies
THE REGISTER
Download.com Sorry For Bundling Nmap With Crapware
Download.com has apologized for bundling open-source packages including Namp with toolbar installers
LOOKOUT BLOG
Carrier IQ Detector Released
Lookout is offering a free tool called Carrier IQ Detector to help its users better determine whether their phone contains Carrier IQ software
INFO WORLD
Two Zero-Day Vulnerabilities Found In Flash Player
Researchers have released an exploit for two zero-day remote code execution vulnerabilities in Flash Player
NETCRAFT
Sustained LiveJournal DDoS Attack Continues
The site has been under attack for 10 days, and speculation is high that it's related to the recent Russian elections
THREAT POST
Microsoft Unveils New Windows Defender Offline Tool
Microsoft released a beta of the new Windows Defender Offline tool for victims of malware attacks to clean up if they can't reach the Internet tool
THE REGISTER
Chrome Is The Most Secured Browser: New Study
Google Chrome is the most secured browser, followed closely by Internet Explorer, according to Accuvant, while Firefox came in third, mainly due to its lack of a security sandbox
SOPHOS
Election-Day Cyberattack Scandal Rocks South Korea's Ruling Party
Officials accused of participating in effort to tamper with computers at government election agency
NETWORK WORLD
U.S. Charges Romanians In Multimillion-Dollar Point Of Sale Hack Scheme
Some 80,000 customer credit cards stolen, Department of Justice says; Merchants include Subway sub shops and 50 others
INDUSTRIAL SAFETY AND SECURITY SOURCE
Attackers Clean Out Duqu Servers
Hackers behind the Duqu exploit have shut down their snooping operation, researcher says
OIIP
Cybersecurity And Cyberpower: Concepts, Conditions, And Capabilities For Action Within The EU
Briefing to European Parliament suggests methods for strengthening cybersecurity within the EU
THREAT POST
Attackers Using Known Trojan In Exploits On Adobe Zero-Day
Newly discovered vuln being used to install a Trojan that has exploited Adobe flaws before
COMPUTERWORLD
Yahoo Awarded $610M In Spam Case
Spam scam promised users prizes in a non-existent Yahoo lottery
SYMANTEC
SMS Privato Spy Cheating You Out Of Your Money
Realistic-looking content promotes software that doesn't exist
WEB WERELD
Weather Certificate Authority Vendor Hacked
Website of KPN subsidiary Gemnet, which provides PKI certificates, might have been breached
ACTIVIDENTITY
Best Practices For Online Banking Security
What banks should do to improve the user experience
HEALTHCARE INFO SECURITY
Encryption: Overcoming Resistance
Test driving the latest technology can help win support from top executives, study says
TECHWORLD
Google Security Expert Demonstrates Web Browser History Theft
Michael Zalewski shows off a reliable way of stealing browsing history using cache timings
THREAT POST
Personal Information Of 3.5 Million Poker Players Spilled Online
Customers of Website Ultimate Bet are victims of data breach
IT GOVERNANCE
Top Nine Cybersecurity Threats
Cyberbrokers, increased automation of attacks are among chief concerns
THE REGISTER
Gadget-Hackers Post How-To On BlackBerry PlayBook JailBreak
Detailed guide available to jailbreak popular tablet device
SECURITY WEEK
The Accidental Pirate: What Software Vendors And Enterprise Companies Should Know
Software noncompliance can result in serious financial risks, experts say
THE DAILY ATTACK
Former Hacker Charlie Miller, Now Working With DoD On Cybersecurity
Video interview discusses researcher's move to work with the federal government
THE REGISTER
Military Contractor Warns Of New Adobe Reader Exploit
Attacks already under way, researcher says
COMPUTERWORLD
Eight Companies Hit With Lawsuit Over CarrierIQ Software
Suit is third to be filed in privacy controversy
REUTERS
U.S. Power Grid Needs Cybersecurity Shield: Report
Threat of cyberattack should be handled by a single federal agency, not a mishmash of groups, MIT report says
THREAT POST
Carberp And Black Hole Exploit Kit Wreaking Havoc
Two exploits increasingly found working together
MAXIMUM PC
Fortinet Reveals Top Eight Security Predictions For 2012
Big botnets, rootkits may be on tap for new year, company says
THE REGISTER
"Evil" Pleads Guilty In Platform Networks Case
Hacker pleads guilty to multiple attacks
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
- HP Newsletter with Gartner Research: Maximizing Your Infrastructure through Virtualization
- Understanding Holistic Database Security 8 Steps to Successfully Securing Enterprise Data Sources
- A How-To Guide on Using Cloud Services for Security-Rich Data Backup
- Holistic Risk Management: Perspectives from IT Professionals
- Aligning IT with strategic business goals: A proactive approach to managing IT risk to your business
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2012-4697
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
CVE-2011-4520
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4519
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-4518
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6563
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.