Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

Content posted in March 2009
<<   <   Page 2 / 2
5 Ways To Avoid Adware And Malware
Commentary  |  3/9/2009  | 
Think you're protected from adware and malware? Think again. But here are five tips to avoid leaving your computer vulnerable.
Symantec: New Conficker/Downadup Defends Itself Against Defenses
Commentary  |  3/9/2009  | 
Good news: the Conficker/Downadup worm infection seems to be shrinking. Bad news: the worm-makers have developed a new strategy aimed directly at defeating defenses erected against it.
New Dark Reading Tech Center Highlights Insider Threats
Commentary  |  3/9/2009  | 
Today marks the official launch of the Insider Threat Tech Center, a subsite of Dark Reading devoted to bringing you news, opinion, and analysis of the security threats that come from inside the organization -- and the technologies used to prevent them. This is the first of what we hope will be several Dark Reading Tech Centers, which are designed to provide you with a more focused view of specific issues, threats, and tec
Make Daylight Savings Time Daylight (And Nighttime!) Security Time
Commentary  |  3/6/2009  | 
The clock resets that come every spring and fall offer a convenient reminder to doublecheck security procedures and programs, patch status and also to remind your staff to change their passwords.
Offensive Computing: A Bad Idea That Never Dies
Commentary  |  3/5/2009  | 
Your network is getting scanned from some system on the other side of the country, or perhaps the globe. You traceroute the IP address, and discern the offending system is infected with a bot that's trying to infect you. You take a look at the device and see it's not patched for a multitude of OS vulnerabilities. Is it ethical (never mind legal) for you to take the system down with some exploits of your own?
Identity Finder: Tax Time Is Identity Protection Time -- And Not Just Online!
Commentary  |  3/5/2009  | 
As tax season moves into higher gear, so do criminals' efforts to liberate your personal information from your private files. According to one identity theft expert, our online identity protection vigilance needs to be matched by offline wariness as well.
Storage QoS For Virtualized Environments
Commentary  |  3/5/2009  | 
As the initial wave of virtualization projects come to a close, many are finding an odd result. CPU utilization is actually lower than when it started. Now users are looking to pile on more workloads but before they do they need to prioritize storage I/O performance to those workloads; they need a QoS for storage.
Lack Of Manpower Leads To Insecurity
Commentary  |  3/4/2009  | 
The "PHPBB Password Analysis" blog entry here on Dark Reading by Robert Graham offers some truly interesting insight into how users choose passwords -- great info for infosec pros and hackers alike. What I want to point out is something Robert mentions about the phpBB hack in his company's Errata Security blog that
Symantec: Norton 360 v. 3.0 Released Today
Commentary  |  3/4/2009  | 
Symantec's third iteration of its Norton 360 Internet security product offers online backup and data management tools as well the expected array of anti-virus, firewall and identity protection. All, the company says, at higher speed while making lower system demands. Marketed to home users, the package can be effective for small offices as well.
Is Antivirus Software Slipping?
Commentary  |  3/3/2009  | 
A "study," released by a security firm just yesterday, points out the well-known weakness in signature-based antivirus software. But does this mean you shouldn't rely on antivirus software?
iSCSI Strikes Back
Commentary  |  3/3/2009  | 
With all the talk about FCoE and NFS it seems that iSCSI has become the odd man out. All reports indicate that Dell continues to do well with the EqualLogic acquisition but what Hewlett-Packard is doing with its LeftHand Networks purchase remains unclear. Don't count iSCSI out yet, though -- companies are planning iSCSI storage solutions aimed r
Peter Parker's Uncle Ben Would Not Approve
Commentary  |  3/3/2009  | 
Note to Web browsers: With great power comes great responsibility.
Facebook Insecurity: The Worm Returns
Commentary  |  3/3/2009  | 
Facebook and other social network users need to be on the alert for the return of the Koobface worm, which sniffs out cookies associated with social nets, then uses that info to spread itself to other network members.
Breaking Out Of Your Zone
Commentary  |  3/2/2009  | 
There is a blog entry over at the Security Catalyst website titled "Running Outside the Zone" that I think all IT security pros should take the time to read, ponder and put into practice. I won't rehash all of the details here, but the gist of the post is that as an infosec professional, you need to get step outside your comfort zone once in a while. It helps you stay sharp, learn new skills and get better in some areas you'
Sophos: Downadup May Cause Friday the 13th / Southwest Airlines Problems
Commentary  |  3/2/2009  | 
The Downadup/Conficker infestation may be about wreak a little more havoc. Security firm Sophos says the botnet is gearing up for a Friday the 13th move, with Southwest Airlines among its possible targets.
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26587
PUBLISHED: 2021-09-27
A potential DOM-based Cross Site Scripting security vulnerability has been identified in HPE StoreOnce. The vulnerability could be remotely exploited to cause an elevation of privilege leading to partial impact to confidentiality, availability, and integrity. HPE has made the following software upda...
CVE-2021-36878
PUBLISHED: 2021-09-27
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions &lt;= 2.0.5) makes it possible for attackers to update settings.
CVE-2021-37539
PUBLISHED: 2021-09-27
Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.
CVE-2021-33907
PUBLISHED: 2021-09-27
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.
CVE-2021-34408
PUBLISHED: 2021-09-27
The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable direct...