Best Of Web
Best Of The Web
BLOOMBERG BUSINESS WEEK
Top Cybersecurity Official Cites Hacker Threat to Infrastructure
A cyberattack on the the nation's critical infrastructure "could have cascading effects across multiple sectors" and is "another order of magnitude that we have to be worried about now," Greg Schaffer, acting deputy undersecretary at the Homeland Security Department said
KRYPT3IA
Anon Analytics: OSINT/LEAKING Analysis Of Corporate Corruption
New Anonymous splinter group claims to be looking into corporate wrongdoing
ZDNET
Tech Firms Patch 'Beast' SSL Flaws
Microsoft, Google, and Mozilla move to close vulnerability disclosed last week
TECHWORLD
Europe Rubs Online Privacy Advocates The Wrong Way With Data Retention Directive
Euro politicians say data is necessary to fight crime
RSA
Organized Cybercrime: Nefarious Sophistication Featuring Zeus V2.1.0.10
An insider�s look at a cybercrime gang and its use of the Zeus software to conduct a broad campaign
TALKING POINTS MONITOR
'Homeless Hacker' Lawyer: DDoS Isn�t An Attack, It�s A Digital Sit-In
Lawyer compares oversubscribing Web servers to occupying a Woolworth�s lunch counter
INSPIRESME
IT Support Firm Predicts 2012�s SME Security Threats
Barton Technologies offers a look at the risks faced by small and medium-size enterprises in the coming year
THE REGISTER
Firefox Developers Mull Dumping Java To Stop Beast Attacks
Horrible user experience will be for your own good, developers say
SOPHOS
Names And Addresses Of 25,000 Police Officers Published By Anonymous Cell
AnonAustria publishes personal information of police, medical patients
UBER REVIEW
The NSA Wants Its Own Smartphone
Ultra-stealth agency is looking for a device that is secure enough for its employees to use
WIRED
State Department Employee Faces Firing For Posting WikiLeaks Link
Employee faces investigation after he linked to a WikiLeaks document in his blog
COMPUTERWORLD
MySQL.com Hacked To Serve Malware
Open-source database breached; hack follows that of Linux Foundation
MICROSOFT
Vulnerability In SSL/TLS Could Allow Information Disclosure
Flaw affects protocol and is not Windows-specific, software giant says
CNET
Hackers Leak Data Of Goldman Sachs CEO
Personal information is posted, but no financial data is leaked
NEW YORK TIMES
For Hackers, The Next Lock To Pick
Mobile devices are the next target for cybercriminals seeking personal information
SC MAGAZINE
Microsoft, Google Move To Tame Beast
Moves could help protect users against the SSL Beast attack
PC ADVISOR
Microsoft Employee Gets Jail For $459,000 Fraud
Former employee cites anger at company as justification for his actions
THE WALL STREET JOURNAL
What To Do If You've Been Hacked
Aside from not shutting down the infected machines, keep a chain of custody, and find out who to report it to
NAKED SECURITY BLOG
USA Today's Twitter Account Falls Foul Of Hackers
A group calling themselves the Script Kiddies claims it was behind the hack of USA Today's Twitter account
INFOSEC MEDIA
HideMyAss Defends Role In LulzSec Hack Arrest
HideMyAss, a free Web proxy and anonymous pay-for-VPN service, is defending why it handed over evidence that led to the arrest of an alleged member of LulzSec
THREAT POST
Troubling Cracks Showing In Internet's Security Foundation
A series of hacks shows how the current Internet infrastructure is unable to guarantee the transport of data securely
NIK CUBRILOVIC
Logging Out Of Facebook Is Not Enough
Even when you log out of Facebook, some cookies -- including your account number -- are sent to all requests to facebook.com, so delete every Facebook cookie in your browser, or use a separate browser for it
TECHWORLD
Russia Blames US And Israel For Stuxnet Worm
Russia laid the blame Stuxnet on U.S. and Israel, calling it "the only proven case of actual cyber-warfare"
INFOSECURITY MAGAZINE
Apple OS X Lion Passwords Cracked
The security of the password system on Apple's OS X Lion has been compromised, according to a security researcher
SECURITY WEEK
Money Mule Leader Pleads Guilty For Part In Global Fraud Scheme Powered By Zeus
Nikolay Garifulin, 22, of Russia, pled guilty last week in U.S. federal court to conspiracy to commit bank fraud and possess false identification documents for his role in a Zeus-based cybercrime scheme that stole more than $3 million from dozens of U.S. accounts
TIMES OF INDIA
Cyber Underworld: How It Works
Cybercrime bears a growing resemblance to everyday business
CHRISTIAN SCIENCE MONITOR
From The Man Who Discovered Stuxnet, Dire Warnings One Year Later
Sophisticated exploit opens Pandora's box of possibilities, researcher says
CBC NEWS
Cyberspying Is The New Face Of Espionage
Experts say all governments need greater vigilance
WIRED
WikiLeaks Volunteer Hacked A Reporter, Assange Autobiography Reveals
New memoir offers insight on the life of the founder of WikiLeaks
IT PRO
Japan Attacked: Can We Say "Cyberwar" Now?
Latest attack on weapons supplier has all the earmarks of an act of war
THREAT POST
Microsoft Defends Secure Boot In Windows 8
Security researchers raise concerns over software giant's decision to build boot sequence on a UEFI instead of a traditional BIOS
THE REGISTER
Cyberspy Attacks Targeting Russians Traced Back To UK And U.S.
Sophisticated network is targeted toward Russia and surrounding countries, Trend Micro says
FINANCIAL TIMES
China: Hacking Gets Industrial
Personal information of several million people found on one hacker's hard drive
THE OFFICIAL MICROSOFT BLOG
Rustock Civil Case Closed: Microsoft Refers Criminal Evidence To FBI
Software giant cancels case against Rustock botnet operators
TALKING POINTS MEMO
New Book To Tell Tale Of Anonymous'? Role In U.S. Security Contractor?s Hack, Middle East Operations
New tome is authored by former members of hacker collective
COMPUTERWORLD
Adobe Patches Flash Bug Hackers Are Already Exploiting
XSS bug similar to June flaw that hackers used to snatch Gmail passwords
SOFTPEDIA
50.000 Websites Infected With Spam From
WordPress infection discovered after offending website is shut down, causing errors on many other sites
FOX NEWS
FBI Arrests Suspected LulzSec And Anonymous Hackers
Alleged members of hacker collectives arrested in San Francisco, Phoenix, and Ohio
ARS TECHNICA
New JavaScript Hacking Tool Can Intercept PayPal, Other Secure Sessions
Researchers say their tool can decrypt secure Web requests to sites that use TLS and SSL
SEATTLE TIMES
Feds: Trio Hacked Wi-Fi Or Burglarized 50 Firms
Crime ring broke into companies to install malware that would allow future thefts
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3562
Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3561
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2013-3560
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3559
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
CVE-2013-3558
The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.