Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in January 2011
<<   <   Page 2 / 4   >   >>
Microsoft Says Outside App Hogging Windows Phone 7 Data
News  |  1/21/2011  | 
A third-party application is responsible for the mysterious 3G data use that plagued some Windows Phone 7 users, said the software maker.
Tech Insight: Layering Up For Malware Protection
News  |  1/21/2011  | 
No one layer of threat detection technology can sufficiently protect the enterprise today from malicious code—a look at five best practices
Stuxnet And Playing Offense Instead Of Defense
News  |  1/20/2011  | 
Security experts call for emphasis on resilience, offense
Crimeware Toolkits Driving Most Online Malware
Quick Hits  |  1/20/2011  | 
Symantec report connects the dots in rise in malware and easy-to-use crimeware kits
Oracle Patches Seven Database Flaws Among 66 CPUs
News  |  1/20/2011  | 
Huge patch release will seal some critical vulnerabilities, database vendor says
Malware, Mobile Lead SMB Security Threats
News  |  1/20/2011  | 
Online marketing and blogs are another key attack vector that small and midsize businesses need to guard, says Blue Coat Security researcher.
Security Experts Probe Oracle Patches
News  |  1/20/2011  | 
While the number of products in the Oracle stables has risen dramatically, the number of quarterly security patches has noticeably declined.
A Job Applicant? Nope, It's A Malware Attack
Quick Hits  |  1/20/2011  | 
Cybercriminals burying malicious code in responses to job postings, IC3 says
Report: Food And Beverage Industry Hit Most By Breaches In 2010
News  |  1/19/2011  | 
Nearly one-third of breaches likely the work of a single organized crime group
Google Docs Preparing For Life As A Platform
News  |  1/19/2011  | 
Renovated last April, Google Docs appears to be getting fixed up again, this time in preparation for third-party applications.
4 Strategies To Lower Mobile Device Risk
News  |  1/19/2011  | 
Employees want their own phones, and managers want them using apps for productivity. Your problem: Secure all this.
Smartphone Hack Highlights More GSM Woes
News  |  1/19/2011  | 
Researcher exploits new bugs in firmware to wrest control of vulnerable iPhone, Android devices
U.S. SMBs Lag In Disaster Recovery Readiness
News  |  1/19/2011  | 
Study finds that legacy equipment and lack of executive buy-in lead American firms to trail global counterparts in their ability to bounce back from an IT disaster.
Schwartz on Security: Bling Botnets Sell Gangster Lifestyle
Commentary  |  1/19/2011  | 
As profit-driven attack toolkits and their supporting botnets muscle up, organizations need more than technology to defend themselves.
Backup Deduplication 2.0 - Density
Commentary  |  1/19/2011  | 
As we continue our requirements for the next era of backup deduplication, the next important area for improvement is in the denseness of systems. This means more raw capacity in less physical space. While getting sufficient power to the data center is a problem for some data centers, the lack of available data center floor space is becoming a problem for even more of them. Backup deduplication systems need to help address that pain by increasing density.
Microsoft Releases Vulnerability Analysis Tool
News  |  1/19/2011  | 
Attack Surface Analyzer, available as a free beta, assesses operating system weaknesses which emerge after an install or an attack.
Malware Volume Doubled In 2010
News  |  1/19/2011  | 
A new threat appears more than once each second, as attackers increasingly turn their attention to social networks, reported Sophos.
Microsoft Offers Another Free SDL Tool
Quick Hits  |  1/19/2011  | 
Attack Surface Analyzer now in beta, and Microsoft adds new SDL consulting service
How Attackers Siphon Data In Targeted, APT Attacks
News  |  1/18/2011  | 
Researchers provide rare inside peek at the exfiltration methods used in targeted attacks
Verizon To Continue Rapid Cloud Ramp
News  |  1/18/2011  | 
The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.
Two Arrested For AT&T iPad Network Breach
News  |  1/18/2011  | 
One of the men charged argues it's AT&T that should be blamed.
CSC Awarded $30 Million Air Force Cybersecurity Contract
News  |  1/18/2011  | 
The contractor will oversee managed network intrusion detection and prevention systems on both classified and unclassified Defense Department networks.
Malware Toolkits Generate Majority Of Online Attacks
News  |  1/18/2011  | 
Crimeware is growing more automated and effective, lowering the bar for criminals looking to cash in, says Symantec report.
The Relative Risk Of Malware
Commentary  |  1/18/2011  | 
Trend Micro reports there are 3.5 new malware released every second, up from 1 new malware every 1.5 seconds a year ago. But what's your actual risk?
'Ransomware' Threats Growing
News  |  1/18/2011  | 
The malware typically encrypts data or disables master boot records, then extorts money to undo damage and restore access.
Cyber Warfare Risks Overblown
News  |  1/18/2011  | 
Calls for military oversight of cybersecurity distract from protecting against legitimate threats, said the Organization for Economic Cooperation and Development.
Botnets Make Early Splash In New Year
News  |  1/17/2011  | 
As Rustock and Waledac begin pumping spam again, botnet experts say the bad guys will be up to their old tricks -- with some new twists -- in 2011
Backup Deduplication 2.0 - Power Savings
Commentary  |  1/17/2011  | 
In our last entry we opened a discussion of what is needed as we move into the next era of backup deduplication and focused on integration to backup software. Another area that is becoming increasingly important is to be able to lower the power requirements that disk backup deduplication hardware requires. Power is a pressing issue in the data center and disk backup systems need to address those concerns
Report: Stuxnet Joint Israeli-U.S. Operation
Commentary  |  1/16/2011  | 
A story published this weekend adds evidence to what many have suspected all along: that the Stuxnet worm was nation-state designed and developed to set-back Iran's nuclear ambitions.
PS3 Hacker Asserts Right To Alter Sony Hardware
News  |  1/14/2011  | 
George Hotz's lawyers say Sony can't prevent people who have bought the PlayStation 3 from doing whatever they want with the video-game console.
Spectrum Analyzer Catches Cell Phone Cheats In Taiwan
News  |  1/14/2011  | 
Anti-cheating use aside, security experts say spectrum analysis tools could be a new data breach threat vector.
Defying Skeptics, Wikipedia Thrives
News  |  1/14/2011  | 
Rather than being overwhelmed by vandalism, Wikipedia has managed to remain one of the more vital, if not always 100% accurate, sources of information online.
PenFed Breach Shows That Endpoint Compromise Can Affect Database Security
News  |  1/14/2011  | 
Infected laptop led to database breach, credit union says
Mozilla Firefox 4 Beta 9 Available
News  |  1/14/2011  | 
Faster processing of bookmarks and history data arrives alongside many bug fixes.
Obama Administration Scraps 'Virtual Border'
News  |  1/14/2011  | 
The over-budget, under-performing multi-billion SBInet, which had only been deployed over 53 miles of border in four years, will be replaced with a more geographically tailored approach.
DHS Invests $16M In Cybersecurity Testbed
News  |  1/14/2011  | 
The DETECT project will make improvements over the next five years to the Information Sciences Institute's DETERLab at the University of Southern California.
Waledac Botnet Makes Its First Push Of The New Year
Quick Hits  |  1/14/2011  | 
Previously quiet net is now spewing spam again, Websense researchers say
Botnets Resurge After Holiday Break
News  |  1/14/2011  | 
After going dark for about a week, the Waledac and Rustock botnets suddenly resurfaced and began unleashing large quantities of pharmaceutical spam.
CIA Invests In Secure Virtualization, Infrastructure Monitoring
News  |  1/14/2011  | 
Teradici and Red Seal, developers of secure desktop virtualization technology and continuous security infrastructure monitoring, respectively, have formed investment and development agreements with In-Q-Tel, the CIA-based investment firm.
iPhone Users To Ditch AT&T In Droves
News  |  1/14/2011  | 
Apple's decision to allow Verizon into the iPhone market is bad news for its existing carrier partner.
Kudos To Tucson University Medical Center For Firing Alleged Snoops
Commentary  |  1/13/2011  | 
The Tucson University Medical Center reportedly has let go three employees for accessing the medical records of those involved in the Tuscon shooting tragedy without authorization.
Adobe Helps Users Wipe Out Flash 'Cookies'
Quick Hits  |  1/13/2011  | 
Worries over privacy abuse of Adobe Flash's local storage objects led to collaboration with browser vendors for new features
Closing The Chapter On Stuxnet
News  |  1/13/2011  | 
Researcher at Black Hat DC to dispel myths, misconceptions about who was behind the targeted attack, and their motives
Security Researcher Targets SCADA, Releases Exploit
Commentary  |  1/13/2011  | 
Another exploit for SCADA software emphasizes the need for organizations to review their network design and device exposure before they become a victim.
Backup Deduplication 2.0 - Integration
Commentary  |  1/13/2011  | 
Deduplication has moved from a risky hard to explain technology to one that is almost expected by customers from a disk backup device. Next generation backup deduplication systems are going to require a new set of capabilities to make them more than just disk backup. They will have to integrate with the backup software, begin to provide power management, and there needs to be a greater focus on recovery performance.
Google Acquires eBook Technologies
News  |  1/13/2011  | 
The deal strengthens Google's digital content distribution capabilities and diminishes its vulnerability to potential patent lawsuits.
Password Reset
Commentary  |  1/13/2011  | 
The downside of crafting a strong password is that while it's harder to guess or crack, it's also harder to remember and then use
TSA Hacker Sentenced To Prison
News  |  1/13/2011  | 
Former Transportation Security Administration worker Douglas Duchak pled guilty for trying to inject malicious code into government databases after he was fired.
China Industrial Control Software Vulnerable To Trojan Attack
News  |  1/13/2011  | 
Bug could allow an attacker to take control of a widely used Chinese SCADA system by using a Stuxnet-type exploit.
IBM's Database Security Strategy: A Closer Look
News  |  1/12/2011  | 
After years of paying little attention to DB security, Big Blue steps up
<<   <   Page 2 / 4   >   >>


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.