Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in January 2014
Politically Motivated Cyberattackers Adopting New Tactics, Report Says
News  |  1/21/2014  | 
Organized cybergroups from China, Syria, and Russia are finding new ways to breach enterprises, CrowdStrike reports
HIPAA, SOX & PCI: The Coming Compliance Crisis In IT Security
Commentary  |  1/21/2014  | 
New mandates around datacenter virtualization, enterprise apps, and BYOD will stretch IT security staffs and budgets to the max in 2014.
Target, Neiman Marcus Malware Creators Identified
News  |  1/21/2014  | 
Eastern European team developed memory-scraping Kaptoxa (BlackPOS) malware, sold it at least 40 times, says cyber-intelligence firm
Target Malware Origin Details Emerge
News  |  1/21/2014  | 
Kaptoxa POS malware cited as culprit behind sophisticated, two-stage operation that moved 11 GB of stolen Target data via FTP to a hijacked server in Russia
What Would Judge Leon Say About The 'Big 8'?
Commentary  |  1/21/2014  | 
Why Apple, Facebook, Google, Microsoft, Twitter, and others' open letter against NSA spying practices rings of hypocrisy
Obama Outlines 5 Surveillance Reforms
Quick Hits  |  1/21/2014  | 
NSA's controversial bulk collection of phone records will end, but businesses may be asked to retain data in case the government needs it
Malware: More Hype Than Reality
Commentary  |  1/17/2014  | 
Sure, malware exists, but is it really as bad as the news suggests?
10 Free Or Low-Cost Network Discovery And Mapping Tools
Slideshows  |  1/17/2014  | 
Understand your network so you can defend it better
Microsoft Delays XP Antivirus Doomsday
Quick Hits  |  1/17/2014  | 
Security Essentials for XP gets 15-month extension, but some antivirus vendors promise updates through 2017 and beyond
Target Malware Origin Details Emerge
News  |  1/17/2014  | 
Kaptoxa POS malware cited as culprit behind sophisticated, two-stage operation that moved 11 GB of stolen Target data via FTP to a hijacked server in Russia.
The PLC As An ICS/SCADA Hacking Tool
News  |  1/16/2014  | 
'PLCpwn' hacking tool tucked inside a legitimate programmable logic controller can shut down plant systems -- via a text message
Microsoft Delays Windows XP Antivirus Doomsday
News  |  1/16/2014  | 
Security Essentials for XP gets 15-month extension, but some antivirus vendors promise updates through 2017 and beyond.
5 Surprising Security Gains Achieved From Security Analytics
News  |  1/15/2014  | 
Getting the most out of big data sets and seemingly unrelated security information
SCADA Researcher Drops Zero-Day, ICS-CERT Issues Advisory
News  |  1/15/2014  | 
Flaw could allow an attacker to crash or remotely execute code on Web-based SCADA software product
Java 'Icefog' Malware Variant Infects U.S. Businesses
News  |  1/15/2014  | 
APT attack campaign uses tough-to-detect Java backdoor to compromise US oil company and two other organizations
Feds Fail To Secure Mobile Devices
News  |  1/15/2014  | 
New study finds one-third of government workers use public WiFi and one-fourth don't password-protect the devices.
Java 'Icefog' Malware Variant Infects US Businesses
News  |  1/15/2014  | 
APT attack campaign uses tough-to-detect Java backdoor to compromise US oil company and two other organizations.
Blackphone Promises To Block Snooping
News  |  1/15/2014  | 
Geeksphone and Silent Circle promise their new smartphone will lock out spies. But the details, including how it works, aren't clear.
What Healthcare Can Teach Us About App Security
Commentary  |  1/15/2014  | 
The Centers for Disease Control protects people from health threats and increases the health security of our nation. It's a mission that's not so different from InfoSec.
5 Security Services To Consider In 2014
News  |  1/15/2014  | 
Managed and cloud security services will continue to grow this year; companies should focus on a few mature, or maturing, offerings
The Changing Face Of The IT Security Team
News  |  1/14/2014  | 
Big data means big changes in the makeup of IT security teams at large vendors and enterprises
RSA Conference Controversy Swirls, Spurs Debate Over Boycotts
News  |  1/14/2014  | 
Talk of boycotts has circled the RSA conference, but what will the outcome of it all be?
Target Breach: 8 Facts On Memory-Scraping Malware
News  |  1/14/2014  | 
Target confirmed that malware compromised its point-of-sale systems. How does such malware work, and how can businesses prevent infections?
FTC Warns Users Of New Twist On Tech Support Scam
Quick Hits  |  1/14/2014  | 
Scammers now offering "refunds" on bogus tech support services, stealing customer data, FTC says
Feds Failing To Secure Their Mobile Devices
Quick Hits  |  1/13/2014  | 
New study finds one-third of government workers use public WiFi and one-fourth don't password-protect the devices
Target, Neiman Marcus Data Breaches Tip Of The Iceberg
News  |  1/13/2014  | 
'Smash-and-grab' attacks targeted point-of-sale systems -- and, in some cases, spread to databases
9 Security Experts Boycott RSA Conference
News  |  1/13/2014  | 
Several leading security experts have pulled out of the RSA conference over unanswered questions concerning the NSA's $10 million payment to RSA
Neiman Marcus, Target Data Breaches: 8 Facts
News  |  1/13/2014  | 
A cyberattack campaign, likely coordinated, breached data from Target, Neiman Marcus, and at least three other retailers.
Why IT Security RFPs Are Like Junk Food
Commentary  |  1/13/2014  | 
Buying the latest security technology won't save you if your company isn't carrying out basic health checks.
Knowing Your Cyber Enemy: New Services Open Up Possibilities, But Experts Differ On Techniques, Value
News  |  1/13/2014  | 
As commercial capabilities for identifying online attackers improve, experts, service providers debate methods, costs
Target Breach Widens: 70 Million Warned
Quick Hits  |  1/13/2014  | 
Target discovers that personal information -- including names and contact information -- for 70 million customers was compromised in recent data breach
Using Attackers' Tactics To Battle Banking Trojans
News  |  1/10/2014  | 
At the upcoming RSA conference, Trustwave researchers will discuss using obfuscation to break the functionality of banking Trojans, such as ZeuS
Target Breach Widens: 70 Million Warned
News  |  1/10/2014  | 
Target discovers that personal information -- including names and contact information -- for 70 million customers was compromised in recent data breach.
NSA Fallout: Why Foreign Firms Won't Buy American Tech
Commentary  |  1/10/2014  | 
Mounting evidence points to billions of dollars in lost US business thanks to the NSA's collect-everything mindset.
Top 5 IT Risk Management Resolutions For 2014
News  |  1/9/2014  | 
Priorities for improving risk management practices for better security in the coming year
Cloud Gazing: 3 Security Trends To Watch
Commentary  |  1/9/2014  | 
The ultimate success of cloud computing depends on the security solutions we wrap around it.
Q&A: McAfee's CTO On The New Intel Security Brand
Quick Hits  |  1/9/2014  | 
Mike Fey, McAfee enterprise vice president, CTO, and general manager of corporate products, discusses the end of the McAfee brand name
Zero-Day Flaws Found, Patched In Siemens Switches
News  |  1/9/2014  | 
Researcher to release tool to test for the authentication flaws in the Siemens SCALANCE X-200 switch line
Fearing NSA Surveillance, 25 Percent Of Firms Plan To Move Data Offshore
Quick Hits  |  1/9/2014  | 
Scandal over NSA privacy violations causes a quarter of companies to change data hosting locations
Leaked NSA Hacking Tools, Tactics, In Focus
News  |  1/8/2014  | 
Enterprises worry about NSA 'copycat' spying scenarios
Why I Pulled Out Of The RSA Conference
Commentary  |  1/8/2014  | 
Dave Kearns can't abide RSA's reported dealings with the NSA or its suspect security practices.
9 Security Experts Boycott RSA Conference
News  |  1/8/2014  | 
Several leading security experts have pulled out of the RSA conference over unanswered questions concerning the NSA's $10 million payment to RSA.
Senior Managers As The Insider Threat
Quick Hits  |  1/8/2014  | 
New survey exposes poor practices and gaffes by managers who expose company data
How Windows 'Crash Dumps' Aid Defenders
News  |  1/7/2014  | 
The NSA is reportedly using crash dumps to collect feedback on its attempts to exploit flaws in targeted companies and networks, but crash dumps still remain a successful defensive technology
Beware PowerLocker Ransomware
News  |  1/7/2014  | 
Chatter on underground forums traces development of Blowfish-based shakedown malware that encrypts infected PCs.
How Cloud Security Drives Business Agility
Commentary  |  1/7/2014  | 
Cloud computing represents a unique opportunity to re-think enterprise security and risk management.
McClure: Hacking Exposed
News  |  1/7/2014  | 
Security researcher-turned-executive Stuart McClure on surviving a plane crash, witnessing the Morris worm firsthand -- and hacking a college buddy's password
Researcher Uncovers Backdoor In DSL Routers
Quick Hits  |  1/7/2014  | 
Flaw in DSL routers could give attackers full, unauthenticated administrative access, researcher says
Name That Toon: Contest Winners Named
Commentary  |  1/6/2014  | 
We enjoyed all the laughs on the road to choosing the winner of our first cartoon caption contest. Check out the funniest entries.