Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

Content posted in March 2008
<<   <   Page 2 / 2
Malware Made Real
Commentary  |  3/11/2008  | 
Romanian visual artist Alex Dragulescu has created a series of images depicting malware, under a commission from MessageLabs, a communications security company. The results are stunning because they sustain the expectation that malicious code is somehow alive.
Students Successfully Hack RFID Crypto
Commentary  |  3/11/2008  | 
RFID-chips -- commonly used for wireless payments, access key cards, and even to open car doors -- have been shown relatively easy to hack.
Disaster Recovery: Practice = Protection
Commentary  |  3/11/2008  | 
How prepared can you be for a data disaster? Clearly the answer is never enough -- no matter how prepared you are, the recovery will undoubtedly reveal aspects of your preparation that can be improved upon. So why not start scouting out those improvable aspects before disaster strikes? Why not practice for problems and rehearse your recovery? Doing so now might eliminate post-disaster disasters later.
Skepticism and Safety
Commentary  |  3/11/2008  | 
Welcome to the Internet. Trust no one.

Living in my bubble of tech-savvy friends and acquaintances, it's easy for me to forget that people need to be told this. But then, I get an e-mail from a particular person (who shall remain nameless) warning me about a virus going around in the form of an e-mail attachment entitled "Life is Beautiful." Of course, it's a forward, and I can see the chain of suckers going back several generations. I'm admonished not to op
Demise Of The Specialist
Commentary  |  3/10/2008  | 
Security's never been an afterthought in storage, but it wasn't exactly a major cornerstone as stored bytes moved beyond the mainframe and into storage networks. Lost or stolen hard drives, laptops, and backup tapes have made big headlines in recent years, and prompted state and federal lawmakers to horn in on the act.
Breach: British Police Force Allegedly Infiltrated By Al-Qaeda
Commentary  |  3/9/2008  | 
According to a story that ran in today's edition of the Daily Mail, four officers in Britain's Met police force have been eyed as terrorist spies.
A Taxing Response
Commentary  |  3/7/2008  | 
"No effort to control greenhouse-gas emissions or to lower the carbon footprint ... can succeed unless those emissions are priced properly," writes Michael Specter in the Feb. 25 issue of The New Yorker. "There are several ways to do that: they can be taxed heavily, like cigarettes, or regulated, which is the way many countries have established mileage-per-gallon standards for automobiles." Exchanges where entities buy and sell rights to pollute are another way. While Specter's article i
Microsoft Preps Bevy Of Office Patches
Commentary  |  3/6/2008  | 
Microsoft is readying four "critical" security patches for next week. While it's a far cry from last month's 11 patches, IT shops will be busy nonetheless.
In Love With Wireless
Commentary  |  3/6/2008  | 
And public Wi-Fi hotspots, texting galore, and the iPhone are the tools of this seduction. But with more applications and wireless spectrum (and YouTube clips) on the way, where exactly are we going to store all this new content?
Missing White House E-Mail -- Politics Or Bad Tech Policy?
Commentary  |  3/5/2008  | 
The White House's assertion that as many as 5 million e-mails have gone missing has raised a lot of political hackles on both sides of the aisle and throughout the pundit-sphere over the last couple of years. Far less attention has been paid to a far more serious (and less politically secular) question: just what is the tech infrastructure underlying the White House's electronic communications?
USB & Firewall System Attacks Surface: Disable Your External Media Ports
Commentary  |  3/5/2008  | 
It appears as though, more than ever before, if you lose physical sight, and especially control, of your notebook, your data could be hosed. This is even more so now that tools that attack disk-based crypto are surfacing at an alarming rate.
Julienne Storage
Commentary  |  3/5/2008  | 
Given the variety of ways that stored data gets sliced and diced these days, it's hard not to imagine that Ron Popeil of Veg-o-Matic fame didn't have a hand in there somewhere along the way. Here's what I mean.
Is This Really A Good Idea?
Commentary  |  3/4/2008  | 
In a world concerned with terrorism, is providing the capability to monitor factory and plant information from a handheld device really a good idea?
SRM Gets The Gas
Commentary  |  3/4/2008  | 
In Vendor Land, it's a short hop from capacity planning to storage resource management (SRM). A couple product guys from IBM volunteered to explain why this makes good business sense (even if it blows your budget).
Teens Still In The Hacking Biz -- On Both Sides
Commentary  |  3/4/2008  | 
Way on the other side of our little blue planet, folks in New Zealand are reeling from the recent arrest of 18-year old Owen Thorn Walker, who masterminded a group of programmers that infected more than a million computers around the world.
Good News: Federal Agency IT Security Improving
Commentary  |  3/3/2008  | 
Usually the government releases news it wants to bury over the weekend. This Saturday, however, the Office of Management and Budget released a report stating that, overall, federal IT security is improving.
A Bracketed Discussion
Commentary  |  3/3/2008  | 
You know, the kind where you want to decide where to go for dinner, and suddenly your significant other/spouse/soulmate is off and running on the past, present, and future of the relationship and why you never ... well, you get the point. This is actually good practice for when you try to talk to a vendor or reseller about storage capacity planning. Why? Because this very specific function you want help with snowballs quickly into a referendum on the future and sanctity of your enterprise's da
A Dozen Thumb Drives With Security Features
Commentary  |  3/3/2008  | 
Thumb drives are convenient, cheap -- and all too easily lost, stolen, left behind or otherwise compromised... with potentially catastrophic consequences. Informationweek recently took a look at twelve drives that include security features.
Is That A Trojan Calling?
Commentary  |  3/1/2008  | 
Numerous security researchers, including the US-CERT, are warning of a new Trojan that attempts to attack Microsoft Windows Mobile Devices. Is that threat anything to worry about?
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/&lt;id&gt;.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...