Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Opinion

posted in November 2009
<<   <   Page 2 / 2
Cloud Security Certification In Development, But It Won't Be Quick
Commentary  |  11/5/2009  | 
The news that formal security certification for cloud-based services is in development is welcome news indeed. The news that the players involved understand just how complicated devising a certification will be is also good news, however little it may seem so at the moment.
Wolfe's Den: HP Revs Data Center Strategy, Stabbing At Cisco
Commentary  |  11/5/2009  | 
Hewlett-Packard has fired back at Cisco in the increasingly contentious race to field an overarching data-center strategy, which will enable enterprises to rein in the complexity of sprawling networks and rampant virtualization.
What To Do With Too Much Storage Performance
Commentary  |  11/5/2009  | 
I recently concluded a series that examined the components of the storage environment that can impact overall storage I/O performance. There was storage I/O bandwidth, controllers and drives. What if you are like
IBM CEO Sam Palmisano Talks With Global CIO
Commentary  |  11/4/2009  | 
In a rare and exclusive interview, the man who transformed IBM speaks out on business analytics, cloud computing, and the emerging Smarter Planet.
A Tool For Investigating Suspicious Activity
Commentary  |  11/4/2009  | 
Dealing with malware-infected computer systems can be time-consuming. If the compromised system has sensitive information, then often digital forensics will be employed to see whether the data was or could have been accessed by the malware. With the hit-or-miss performance of antivirus solutions and craftiness of malware authors, determining whether a computer system is infected is getting harder.
What DAM Does
Commentary  |  11/4/2009  | 
Database activity monitoring (DAM) tools have a range of capabilities, including data collection and analysis. But the real question is: How does this technology help you?
FBI: SMBs Losing Millions To Cybercrooks
Commentary  |  11/4/2009  | 
Cybercrooks may have tried to nab as much as $100 million from small and midsized U.S. businesses in payroll scams over he last year. Now the FBI is talking about how to protect yourself from this automated threat.
Global CIO: IBM's New CIO Sheds Light On Priorities And Plans
Commentary  |  11/3/2009  | 
After two months as IBM's first company-wide CIO, Pat Toole talks about battling 80/20, a massive data-center consolidation, cloud initiatives, and cutting 11,500 apps.
Fundamental Failures With Incident Response Plans
Commentary  |  11/3/2009  | 
I recently got back from a sizable IT security conference in London. As I've experienced countless times at shows, everyone was most intrigued by the war stories about organizations that were victims of a data breach. Security folks have an innate desire to learn what happened to others so they can prevent encountering the same fate -- or so they say. However, after personally investigating hundreds of data breaches for my clients, there seems to be a number of recurring themes that nobody seems
Fighting The Fear Factor
Commentary  |  11/3/2009  | 
It's hard work being prey. Watch the birds at a feeder. They're constantly on alert, and will fly away from food -- from easy nutrition -- at the slightest movement or sound. Given that I've never, ever seen a bird plucked from a feeder by a predator, it seems like a whole lot of wasted effort against not very big a threat.
Mainstreaming SSD
Commentary  |  11/3/2009  | 
Most of the major Solid State Disk (SSD) manufacturers and providers are reporting record sales both in terms of units and capacity being purchased. Much of this success is being driven by cost reductions in the technology and an increased understanding of how to best implement the technology. Mainstreaming SSD is going to require more than just price drops, its going to require intelligent leveraging of the technology.
Hacking Is A Way Of Life
Commentary  |  11/2/2009  | 
We've heard the stories and seen the statistics about insider attacks and how devastating they are to enterprises and their data. However, we've heard little about the underlying causes for many of the insider attacks other than it's the user's fault and the incident could have been avoided if proper precautions were in place. A recent article over at CSO Online sheds light on one of the causes and how it's due in large part to a generation gap and a need to stay connected.
Manhattan DA Announces Major ID Theft Indictment
Commentary  |  11/2/2009  | 
A Manhattan DA brought an 149-count indictment accusing a computer technician of stealing the identities of more than 150 employees of the Bank of New York Mellon and using those identities to orchestrate more than $1.1 million in thefts against charities and non-profits, among other institutions.
Worm Infections Double In First Half Of Year: Microsoft
Commentary  |  11/2/2009  | 
Microsoft's latest Security intelligence Report confirms what we all know: worms are spreading faster and faster, and although rogue anti-virus scams remain the top threat, the rate of worm infection doubled in the first six months of 2009.
Global CIO: Juniper Attacks Cisco Head-On With Help Of IBM And Dell
Commentary  |  11/1/2009  | 
Sensing Cisco is distracted with its non-networking ventures as CIOs are growing unhappy with rising network costs, Juniper is going after Cisco full-bore with key new products and partners.
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-16060
PUBLISHED: 2021-10-15
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
CVE-2018-16061
PUBLISHED: 2021-10-15
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php.
CVE-2021-27561
PUBLISHED: 2021-10-15
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
CVE-2020-4951
PUBLISHED: 2021-10-15
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
CVE-2021-28021
PUBLISHED: 2021-10-15
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.