Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

Content posted in October 2007
Security Threats Meet Business Treats
Commentary  |  10/31/2007  | 
Having written so much about the horrors small and midsized businesses face for our two-part Halloween business terrors feature, I couldn't resist the temptation to give some thought to technology treats.
Free Security Tech Support: Treat Yourself (And Your Computer) On Halloween
Commentary  |  10/30/2007  | 
Security Company CyberDefender's offering free phone-in technical support for one day only -- and that day's tomorrow, October 31. How's that for a Halloween treat?
How Dumb Is Too Dumb To Operate a Computer?
Commentary  |  10/26/2007  | 
Over at GnuCitizen.org, Petko D. Petkov makes it clear that computer users are the weak link in Internet security. In a blog post, Petkov points out that the term "drive-by download," as defined by Wikipedia, doesn't quite work.
Net Security Woes Grows
Commentary  |  10/25/2007  | 
A new report that focuses on the security challenges facing small and midsized businesses shines a light on just how big those challenges are -- and which ones you may be overlooking.
Interop Winners: Desktop Conferencing, Deep Security
Commentary  |  10/25/2007  | 
It's a purely unscientific and anecdotal perspective, but here are my picks for most interesting and most needed technologies from Interop this week, plus the most startling stat I heard in my New York City travels.
Shallow Victory for the Federal Government
Commentary  |  10/25/2007  | 
Whether you realize it or not, John Zuccarini, a notorious scam artist, represents a threat to your online business. His cyberspace businesses illustrate the problems that the government must overcome to make it a safe haven for reputable enterprises.
World Series Ticketing System Crashes, Rebounds
Commentary  |  10/24/2007  | 
The Colorado Rockies were felled by "an external malicious attack" that crashed its online system Monday.
Internet Security Hall Of Shame
Commentary  |  10/22/2007  | 
What are the ten biggest -- and, alas, most common -- Internet security mistakes made by small and midisized businesses, their employees, vendors, family and friends?
Security Threats Rise -- And So Do Security Budgets
Commentary  |  10/19/2007  | 
Is your security budget increasing? Most small and midsized businesses are growing theirs.
Can The RIAA Close Down Usenet?
Commentary  |  10/18/2007  | 
Those of us who remember the Internet before the Web -- and yes, Virginia, there was an Internet before the Web -- will remember when Usenet was one of the major destinations for discussion and file-sharing. It's still there, in a quiet corner where the cognizanti hoped it would go unnoticed by the great unwashed. No more.
Personal Data Protection Legislation: Readers Have Their Say
Commentary  |  10/17/2007  | 
Reader comments on my post about the California governor's veto of a bill that would increase the state's data protection standards included some points warranting further discussion and some intriguing ideas. A related poll shows readers share my skepticism about businesses' will and capacity to fix the data loss problem.
Schwarzenegger Trusts Businesses To Protect Your Data; Do You?
Commentary  |  10/16/2007  | 
Gov. Arnold Schwarzenegger's veto of a California bill aimed at increasing the state's data protection standards, in part based on his view that the marketplace is handling consumer data protection, raises a troubling question: What planet is this guy living on?
Symantec To Buy Vontu?
Commentary  |  10/15/2007  | 
Symantec may be close to announcing the acquisition of Vontu, a company that helps businesses control information on their networks. Given that Symentec already licenses Vontu's data loss prevention technology, the rumored deal isn't entirely unexpected.
Mobile Security: The Data, Not The Notebook Is The Asset
Commentary  |  10/15/2007  | 
Stolen laptops and notebooks continue to get a lot of attention when a lot of confidential data gets stolen along with the device.
Employee Security: Don't Let Layoffs Go From Bad To Worse
Commentary  |  10/12/2007  | 
Layoffs, terminations and firings are never easy -- but they also shouldn't expose your company, network and equipment to more risk than they have to.
Microsoft Security Patches: 4 Critical, 2 Important
Commentary  |  10/10/2007  | 
Yesterday was Patch Day at Microsoft and a Big Day it was, with both Vista and Internet Explorer getting some fixes.
Security Costs: Are You Spending Enough? Too Much?
Commentary  |  10/9/2007  | 
The average company spends 20 percent of its technology budget on security. Does that finding match your security outlay?
Websense Emerging as Viable Security Supplier
Commentary  |  10/9/2007  | 
Are you a bit insecure about your security supplier? In this highly volatile marketplace, Websense is emerging as a vendor that medium and small businesses may want to take a closer look at.
Business Security Requires Network Security Requires Employee Security Requires Job Security
Commentary  |  10/8/2007  | 
The employee security I'm talking about here is your technical team's -- and your ability to hold onto them.
Network Security Problems? Blame The Boss!
Commentary  |  10/4/2007  | 
A recent pre-prison interview with a convicted hacker offers some surprising and important lessons in network and computer security.
Consumers May "Get" Cyber Security -- But That Doesn't Mean They've Got It
Commentary  |  10/3/2007  | 
More than 90 percent of consumers think their PCs -- and their computing habits -- are safe. Half of them are wrong.
Laptop Security: Mind The Gap
Commentary  |  10/1/2007  | 
More big retailer cyber security lessons for small to midsize businesses: This time a security gap hit The Gap.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41617
PUBLISHED: 2021-09-26
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gro...
CVE-2021-3830
PUBLISHED: 2021-09-26
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.