Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in January 2008
Page 1 / 5   >   >>
Does This Storage Make My Butt Look Big?
Commentary  |  1/31/2008  | 
This is a curious link to follow if you agree that women as storage buyers: A) Are aliens B) Constitute a completely different species C) Need to be spoken to like prostitutes (the "Pretty Woman" Julia Roberts kind, not that Theresa Russell sort)
Toward Buffer Overflow Extinction
Commentary  |  1/31/2008  | 
The first time a buffer overflow was used as part of an attack on information systems, at least the best I can find, was the infamous 1988 Morris worm. While the Morris worm propagated across Unix, buffer overflows have been the bane of Windows security for years. Microsoft is furthering its efforts to push this problem into the history books.
When Criminal Intent Lurks One Cube Away
Commentary  |  1/31/2008  | 
The ongoing Société Général fraud story is a case study in insider threats. The costs, north of $7 billion for the French bank, are high and likely to go higher. For the rest of us, it leaves an uneasy question: Do we have a rogue in our organization? And if so, what do we do about it?
Fortify Offers States Analysis
News  |  1/31/2008  | 
Secretaries of State are offered free source code analyzer to ensure security of state-owned electronic voting systems
Malware for Windows Is Widespread
News  |  1/31/2008  | 
BitDefender Lab's top 10 malware list for January reveals domination of malware exploiting Microsoft Windows Graphics
Spyware Threat Isn't Dead, Experts Say
News  |  1/31/2008  | 
Traditional spyware attacks being replaced by more clandestine, malware-style deployments
Startup Aims for Meatier Signatures
News  |  1/31/2008  | 
New technology promises more visibility into threats, fewer false positives
Stopping Google Blog Spam
News  |  1/31/2008  | 
Removing spam from your Google blog - in seven 'easy' steps
90% of Facebook Apps Have Unnecessary Access to Private Data
Quick Hits  |  1/31/2008  | 
Researcher is building a prototype to protect users' privacy from Facebook 'widgets'
Federal Government To Spend $30 Billion On New Security Efforts
Commentary  |  1/30/2008  | 
One of the most interesting IT security news stories to hit this week is that the Bush administration is apparently proposing $6 billion (maybe this is an increase on existing spending. That's not yet clear) be invested to shore up federal network security next year, and up to $30 billion across seven years. This is good news. Maybe.
The Four (Non) Myths Of IT Security
Commentary  |  1/30/2008  | 
Some of the reports and surveys security firm Symantec has provided over the years I've found both useful and informative. This most recent report, which hit today, isn't one of them.
Tizor Launches Discovery Service
News  |  1/30/2008  | 
Insight into potentially dangerous user behavior with data improves enterprise compliance and security initiatives
Lumension Rolls Out Security Configuration
News  |  1/30/2008  | 
Lumension Security unveils new configuration management to help organizations streamline compliance, improve posture, and reduce costs
Online Tax Service Selects EV SSL
News  |  1/30/2008  | 
Leading online tax filing service turns to VeriSign's Green Bar to ensure trust at tax time
8e6 Technologies Reports Growth in 2007
News  |  1/30/2008  | 
Leader in Internet filtering and reporting expands strategic channel partnerships and European presence for continued growth in 2008
MessageLabs Releases Jan. Spam Report
News  |  1/30/2008  | 
MessageLabs intelligence: spammers exploit new year diffidence - financial uncertainties and personal insecurities
Paper Outlines Methods for Beating Anonymity Technology
News  |  1/30/2008  | 
University professor postulates multiple methods for collecting data on 'anonymous' users
'L0pht ' Reunion on Tap
News  |  1/30/2008  | 
Famed and controversial '90s hacker group plans on-stage get-together in March in Boston
Real Estate Investment Trusts Deploys NAC
News  |  1/30/2008  | 
One of nation's largest real estate investment trusts deploys Mirage Networks to protect against zeroday threats
IR for the Enterprise
News  |  1/30/2008  | 
Mandiant's new incident response appliance carries a big price tag, but comes with heavy-duty features
11 Truths We Hate to Admit
News  |  1/30/2008  | 
To get better, we need to admit we have a few problems
Real Men Don't Fear the Web
Quick Hits  |  1/30/2008  | 
Study reveals 'macho factor' in online security as many males express overconfidence in their system integrity
Are You SCAP Ready?
Commentary  |  1/29/2008  | 
In case you missed it, about a year ago the Office of Management and Budget issued policy memorandum M-07-11, aka the Implementation of Commonly Accepted Security Configurations for Windows Operating Systems. Essentially, this mandates that all federal agency systems must adhere to the Federal Desktop Core Configuration (FDCC) by February 2008. That's this Friday.
Free Identity Theft Webinar Tomorrow
Commentary  |  1/29/2008  | 
This week's release of a new report on Identity Theft (and strategies for avoiding and combating it) will be accompanied by an online Identity Theft Webinar tomorrow, Thursday, January 31, at 2 pm EST.
Reflex Security Now Supports XenServer
News  |  1/29/2008  | 
Reflex Security announces reflex VSA support for Citrix XenServer; leading virtual security solution secures virtual server environment
Point. Click. Phish.
Commentary  |  1/29/2008  | 
Are you ready to launch your own phishing scam, but don't know where to start? Too tired from your day job to copy write your own fraudulent e-mails? Or, are you like millions of others who just don't know how to leverage Facebook or Orkut for illicit profit? These are no longer problems for you.
Researchers Expose 'Stupid Phisher Tricks'
News  |  1/29/2008  | 
Researchers discover that phishers aren't so good at covering their tracks and protecting their 'booty'
Researchers, Vendors Gear Up for Whaling Attacks
News  |  1/29/2008  | 
Increasingly sophisticated phishing exploits target top executives, wealthy end-users
Barracuda Responds to Trend Micro Lawsuit
News  |  1/29/2008  | 
Barracuda Networks defends free and open source software from patent threat by Trend Micro
Imperva Doubles Revenues, Customers
News  |  1/29/2008  | 
Imperva doubles revenues and customer base in 2007 to extend lead in application data security and compliance market
Lancope Reports Record Growth
News  |  1/29/2008  | 
Lancope dominates global network behavior analysis market in 2007; adoption of StealthWatch drives 100% growth for 2nd consecutive year
Akonix: IM Threats More Sophisticated
News  |  1/29/2008  | 
Akonix issues warnings on trends in instant messaging threat activity; publishes January IM threat report
Sourcefire to Hold Q4/Year-End Report Call
News  |  1/29/2008  | 
Sourcefire will release 4Q07 and full-year financial results after the market closes on February 27, 2008
One-Fourth of iPhones Hacked to Bypass AT&T
Quick Hits  |  1/29/2008  | 
Analyst estimates that 1 million iPhones have been 'unlocked'
Third Brigade Joins PCI SSC
News  |  1/29/2008  | 
Third Brigade announces that it has joined the PCI Security Standards Council as a participating organization
Abaca Launches Channel Program
News  |  1/29/2008  | 
Abaca launches comprehensive channel program designed to maximize partner success
Should Your IP Address Be Private?
Commentary  |  1/29/2008  | 
The European Union has just ruled that Spain's Telefonica SA doesn't have to hand over the identities of file sharers on its networks . At least, not simply because the allegedly aggrieved party asks for such information.

Whoops: $73 Billion In Fraudulent Trades Just Slipped By Us
Commentary  |  1/28/2008  | 
While there's no hard evidence yet released on what could prove to be one of the largest frauds in financial history, some details are starting to surface. It's my hunch that this case, other than its financial magnitude, will not prove much different than previous insider frauds.
Klocwork Rolls Out Insight
News  |  1/28/2008  | 
Klocwork Insight delivers innovative, patent-pending technology to empower the developer community
IronPort Upgrades Email Security Appliance
News  |  1/28/2008  | 
IronPort eases messaging administrator's workload with advanced M-Series security management appliance
IT Security Vs. Censorship
Commentary  |  1/28/2008  | 
In a memo distributed to employees, Tribune Co. owner Sam Zell called for all of Tribune's business units to yank the use of content filters. Now, I'm not sure anyone, myself included, would list content filters among their most favorite things. Yet, I'm not so sure Zell made a good move -- at least not for Tribune's IT security.
Google, NTT, & GSA Deploy SAML 2.0
News  |  1/28/2008  | 
Organizations leverage SAML 2.0 Liberty Federation to enable business services, meet regulatory requirements, and protect against fraud
Happy Data Privacy Day!
Commentary  |  1/28/2008  | 
We're less than a week away from finding out whether Punxsutawney Phil predicts six more weeks of winter. While we wait for him to make his annual weather forecast, we've got time to squeeze in another holiday. You may not be as familiar with this one -- there's no parades, gift-giving or time off from work. Frankly, it's a shame we have to acknowledge it at all. But it's a testament of the kind of world we live in. Today is Data Privacy Day.
Exploit Could Taint Forensics
News  |  1/28/2008  | 
Cross-site request forgery (CSRF) attack could falsely implicate an innocent user
Societe Generale: How Did It Happen?
News  |  1/28/2008  | 
Investigation continues as French bank and others try to figure out how a junior trader lost $7B
TriGeo Joins PCI Security Standards Council
News  |  1/28/2008  | 
TriGeo joins PCI Security Standards Council
Metasploit Gets User-Friendlier
News  |  1/28/2008  | 
Version 3.1 of the popular open hacking tool is available
Page 1 / 5   >   >>

FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Take me to your BISO 
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-10
IBM Cloud Pak for Security (CP4S) and could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919.
PUBLISHED: 2021-05-10
IBM Control Desk and is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199228.
PUBLISHED: 2021-05-10
IBM Cloud Pak for Security (CP4S) and is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...
PUBLISHED: 2021-05-10
Ticketer is a command based ticket system cog (plugin) for the red discord bot. A vulnerability allowing discord users to expose sensitive information has been found in the Ticketer cog. Please upgrade to version 1.0.1 as soon as possible. As a workaround users may unload the ticketer cog to disable...
PUBLISHED: 2021-05-10
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.