Best Of Web
Best Of The Web
IT NEWS
NATO Server Hacked, Files Published
Hackers hit a NATO server in what they claim was a private zero day exploit--as part of the AntiSec movement
LENNY ZELSTER ON INFORMATION SECURITY
The Social Web And Security
The Web is turning into the social web, bringing with it major security implications for businesses due to its mobile, peer-to-peer, HTTPS, multimedia, and other hard-to-manage communications
REUTERS
Cyber Attacks Outpace Global Response, U.S. Warns
U.S. Secretary of Homeland Security Janet Napolitano said the technical sophistication of cybercriminals requires an accelerated cross-border campaign to combat the security threat
TIMES OF INDIA
South Korea To Expand Military Cyber Unit
South Korea's defence ministry said it will expand its cyberwarfare unit to fight Internet attacks from North Korea
TECHEYE
Microsoft Backtracks On Killer Worm
Microsoft now says the Trojan Win32/ Popureb.E does not require a reinstall of Windows, just a clean-state recovery
GOVERNMENT COMPUTER NEWS
Future Cybersecurity Workforce Heads To Summer Camp
Colleges in five U.S. states are hosting more than 200 students in cyberboot camps this summer as part of a program to encourage and foster cybersecurity professionals
IT WORLD
Spam Levels Drop, As Botnets Owners Find More Malicious Ways To Spend Their Time
Symantec says spam is declining because there are fewer botnet nodes sending it out, citing the takedown of the Rustock botnet, which was credited with sending almost half of all spam messages
OFFICE OF INADEQUATE SECURITY
Stolen Pfizer Laptop Contained Personal Information On Employees And Others
A laptop stolen from a Pfizer employee�s car contained personal information on employees, health care professionals, service providers, and customers--and the laptop�s encryption password might have been compromised
FAST COMPANY
Secret Service Reveals How It Stalks Cybercriminals
U.S. Service detailed how it employs fake accounts on underground websites, has participated in multinational credit card fraud investigations with Turkish law enforcement, and teamed with Dutch law enforcement services to track a series of cyberattacks that resulted from a massive leak of stolen Verizon user data in 2010
THE NEW YORK TIMES
Robert Morris, Pioneer In Computer Security, Dies At 78
Cryptographer Robert Morris, who helped developed the Unix computer operating system and whose son unleashed the infamous Internet worm in the 1980s, died on Sunday
INFOWORLD
Sorry, But The TDL Botnet Is Not 'Indestructible'
The latest boot-sector rootkit, which is difficult to detect and remove, will be cured soon enough
SC MAGAZINE
Trojan Talks Over Tor
Researchers discovered a Trojan that uses the Tor anonymity network to communicate with command-and-control servers
FORBES BLOG
Anonymous Launches A WikiLeaks For Hackers: HackerLeaks
People���s Liberation Front launched two new leaking sites, LocalLeaks.tk and HackerLeaks.tk, in order to post documents through anonymous submission systems, analyze them, and then distribute them to the press to get "maximum exposure and political impact"
THE HACKER NEWS
13 Years Jail For Phishing Attack
Kenneth Joseph Lucas II, Los Angeles, was sentenced to 13 years in prison for allegedly engaging in a phishing attack aimed at stealing money from consumer bank accounts during the operation "Phish Phry"
MSNBC
NBC News: Hacker Attack Cripples Al-Qaida Web Communications
In what appears to be the handiwork of government-sponsored hackers, al-Quaida's Internet communications and website were knocked offline via 'sophisticated' methods
THE HERALD SUN
Hacking Group Anonymous Is Planning On Targeting Australian Banks After Already Breaching A Sydney Council
Anonymous is planning to target Australian banks after hacking the website of Mosman Municipal Council on Tuesday, leading to the leak of four databases
NAKED SECURITY BLOG
Groupon Subsidiary Leaks 300K Logins, Fixes Fail, Fails Again
Digital discount site Groupon���s Indian operator SoSasta leaks customer data, but doesn't properly fix the problem
COMPUTERWORLD
Microsoft Patents Spy Tech For Skype
'Legal Intercept' will allow it to silently record VoIP communications to meet government wiretap and surveillance requests
US CERT
Apple Releases Java Updates For Mac OS X 10.5 And OS X 10.6
Apple has released Java for Mac OS X 10.5 Update 10 and Java for Mac OS X 10.6 Update 5 to address multiple security vulnerabilities
SOFTPEDIA
FBI Questions Iowa Woman About LulzSec Hackers
Laurelai Bailey had her home raided by the FBI and was questioned in connection with an investigation into attacks carried out by former LulzSec members--she had hung out in IRC chatrooms where the attackers hatched their attack on HBGary, and later leaked the logs
GIZMODO
AntiSec Slams Arizona Cops (Again) With Super Personal Data Spill
Anonymous took another swipe at the Arizona boder police, claiming to post Social Security numbers, girlfriend pictures, and other private correspondence and information
THREAT POST
Fake IRS Spam Campaign Pushing Zeus Bot
Attackers are sending emails that appear to come from the IRS to infect victims with the Zeus bot in a large-scale attack that uses the subject lines like "Federal Tax payment rejected" or "Your IRS payment rejected�
LOCAL 12 NEWS
Butler County Teen Named In International Hacking Case
An Ohio teen may be linked to the LulzSec international computer hacking case now under investigation by the FBI--FBI agents would only confirm that a federal search warrant had been served
TECH WORLD
Researchers Discover 4.5 Million-Strong Super Botnet
Kaspersky Lab researchers found that a new version of TDL-4 malware has infected 4.5 million IP PCs in 2011 alone--around 1.5 million in the US.
REUTERS
Cyber Attack On Gannett Targets U.S. Soldiers
Attackers hacked a Gannett database containing personal information about subscribers to publications read by U.S. government officials, military leaders, and rank-and-file soldiers
CHRON
Raid Shuts Down Credit Card "Factory"
Home cranked out hundreds of fake cards, according to police
THE HACKER NEWS
MasterCard Again Down By DDoS Attack In Support Of WikiLeaks And Anonymous
Attack could be part of "Operation Antisec"
INFOSEC ISLAND
Asperger's: The New Insanity Defense For Hacking?
Disease has been used in courts several times to keep hackers out of jail
COMPUTERWORLD
Rootkit Infection Requires Windows Reinstall, Microsoft Says
Boot-level infection may mean starting all over again with Windows
THREAT POST
Massive Phishing Attack In Progress On Tumblr
Attack has already succeeded in stealing the login credentials of thousands of users
THE REGISTER
Hackers Pierce Network With Jerry-Rigged Mouse
Mission Impossible meets Logitech, experts say
KOTAKU
Sony Says It Was Hacked Because It "Tried To Protect Its IP"
Attackers want company's games to be free, chairman says at shareholders' meeting
BBC NEWS
Citigroup Banker Pleads Not Guilty To $19.2M Theft
Gary Foster denies being the architect of "the ultimate inside job"
CNN
Hackers Claim Breach Of Tony Blair's Personal Details
Member of "Team Poison" hacking group leaked Blair's address and phone book--including the details of "family, friends, MPs and lords"--and the contact details and resume of his former special adviser
TG DAILY
Facebook Reportedly Hires PS3 Hacker George Hotz
The man sued Sony, may now be working for Facebook on the site's development team, a blogging site reports
THE HOSTING NEWS
Hackers Breach Brazilian Government Sites
Outages lasted more than two hours and included sites of the Brazilian president, the country's tax agency, and the government
ESET BLOG
The Social Networking/Cybersafety Disconnect
While nearly 70 percent of adults are concerned about security on social networking sites, one-third of them have never changed their passwords for their social networking accounts
THE REGISTER
Brussels To Banks: Prepare For Tougher Data Breach Rules
European Commissioner Viviane Reding has warned banks that they will be required to notify customers about data security breaches
DER SPIEGEL
Anti-Virus Pioneer Evgeny Kaspersky: 'I Fear the Net Will Soon Become a War Zone'
Kaspersky Lab founder says his computer was almost infected twice recently, once via a Flash card and another, due to an infected website in a hotel
EWEEK
Password Security Remains The Weakest Link Even After Big Data Breaches
Security say user authentication should be a combination of what the user knows, such as a strong password, and what the user has, such as a hardware token, that randomly generates a passcode every 30 seconds
Best Of Web Archive:
Most Recent | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3744
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
CVE-2013-3743
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2472.
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, and CVE-2013-2473.
CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2472, and CVE-2013-2473.