Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in October 2008
<<   <   Page 2 / 4   >   >>
Halloween Hack Haunts Web Searches
Quick Hits  |  10/23/2008  | 
Legitimate Halloween costume sites infected with rogue antivirus program
Startup Promises to Monitor, Block Text Messaging
News  |  10/23/2008  | 
TextGuard says it can reduce the likelihood of data leaks from a wide variety of mobile devices
New FTC Rules Governing Health Providers Go Into Effect Nov. 1
Commentary  |  10/23/2008  | 
Are you ready? In about a week, new so-called "Red Flag Rules" from the FTC go into effect, aimed at curbing medical identity theft.
7 Fantastic Internet Hoaxes
News  |  10/22/2008  | 
Despite our increasing technological sophistication, we can't help falling for e-mail about Bigfoot, giant mutant cats, doomed tourists, and deadly butt spiders.
Radio Daze: Are Your Keyboards Sending Signals To Cybercrooks?
Commentary  |  10/22/2008  | 
Some new research confirms that even wired keyboards may be sending detectable keystrokes as much as twenty meters. Detectable signals means signals that can be captured, and that twenty meters includes penetrating walls. Great.
Clustered NAS In The Cloud
Commentary  |  10/22/2008  | 
It seems that nowhere is the use of clustered NAS going to be more prevalent than in the cloud. They seem tailor made for each other because cloud-based services have the need for massive scaling and moderate performance while being very cost effective. Clustered NAS solutions seem to fill that bill.
Compliance Costs Increasing, Study Says
Quick Hits  |  10/22/2008  | 
Despite progress in compliance projects, most companies spent more in the past year than they did the year before
'Block the Vote' Tactics Go Online This Election
News  |  10/22/2008  | 
Electronic Privacy Information Center predicts potential for spoofed Websites, fake VOIP call blasts, phishing, and DOS - to suppress voters
Protecting Your Identity: It's About Much More Than Tech
Commentary  |  10/21/2008  | 
When thinking about identity theft, we often get caught up in the big retail hacks, the lost and unencrypted backup tapes, and how we interact with Web sites. But that's often the wrong focus. Here's why.
Computer Keyboards Betray Users' Keystrokes To Radio Eavesdroppers
News  |  10/21/2008  | 
Swiss security researchers demonstrate that even wired keyboards emanate signals that can reveal a user's keystrokes.
Counting The Costs Of Cybercrime
Commentary  |  10/21/2008  | 
Have we been underestimating the financial costs of cybercrime? Maybe so says a new guidebook from the American National Standards Institute (ANSI) and The Internet Security Alliance (ISA.) And it may well be maybe so and then some.
Report: Energy Companies Are Top Target of Web-Borne Malware
Quick Hits  |  10/21/2008  | 
ScanSafe questions whether jump indicates that sensitive industries are under organized attack
Microsoft Blue Hat: Researcher Demos No-Hack Attack
News  |  10/21/2008  | 
Wealth of available online data on individuals, businesses can be used in targeted attacks
Hackers Steal Money From French President Sarkozy's Bank Account
News  |  10/20/2008  | 
An investigation is under way and the bank in question could face sanctions if it's found to be responsible, French officials said.
SensorNets To Help Curb Retail Theft
Commentary  |  10/20/2008  | 
One of the biggest wastes retailers must endure is inventory items that mysteriously disappear. Goods all too commonly vanish from the warehouses where they're stored, during their shipment, and from within the store itself. The German Fraunhofer Institute for Integrated Circuits IIS has some ideas on how tech can be used to slow the shrinkage.
Clustered NAS, Part One
Commentary  |  10/20/2008  | 
It seems as though every manufacturer is now offering clustered NAS. There are so many variants that I can't cover everything about them in one entry, but basically each solution tends to focus on a particular capability; some are built for scale, others are built for performance, and, of course, there are solutions that try to deliver a happy medium. Over the next several entries we will do some exploration of these systems and where they might make sense for you.
Google Told To Reveal Gmail 'Spybox' Account Info In CTO Espionage Case
News  |  10/20/2008  | 
A former iMerge partner is accused of installing a backdoor server in the company's hosting center to send proprietary and financial information to his Gmail account.
Anti-Social Network: Criminal Web Data Brokerage Busted
Commentary  |  10/20/2008  | 
An online members-only marketplace trading in stolen credit card and other financial and confidential information got shut down by the FBI, resulting in dozens of arrests and a renewed law enforcement commitment to chasing economic crimes. Maybe large-scale cycbercrimes and crime networks are going to start getting the sort of concerted and concentrated attention their spread and influence demands.
Making ID & Access Management More Accessible
News  |  10/20/2008  | 
New tools automate, simplify the access certification process
When Dates Attack
Quick Hits  |  10/20/2008  | 
Dating 'alert' sites allow women to put an 'ex' on trial without rebuttal
ANSI Launches Guide to Help Calculate Cyber Security Risk
News  |  10/20/2008  | 
Standards body advocates multi-disciplinary approach to security breach planning
New Calif. State Legislation Threatens Stiff Medical Privacy Penalties
Commentary  |  10/18/2008  | 
Two new state medical privacy laws, AB211 and SB541, make it possible for institutions and individuals to be fined up to $250,000 for being lax when it comes to the medical privacy of California residents. It's about time.
Adobe Flash Player Fix Stops 'Clickjacking'
News  |  10/17/2008  | 
Adobe recommends users upgrade to Flash Player version 10.0.12.36 to avoid bugs that could lead to an attack over Internet Explorer, Firefox, Safari, Opera, or Chrome Web browsers.
Anti-Malware Ain't Effective If It's Fake (And Plenty Of It Is!)
Commentary  |  10/17/2008  | 
30 million anti-virus users can be wrong, very wrong. That's the number estimated to have installed fake anti-malware programs. Not just ineffective against malware, but malware itself!
NASing Around
Commentary  |  10/17/2008  | 
Primary storage needs a break from the capacity optimization drumbeat ... at least mine. Let's focus on one of the other top subjects at SNW: network-attached storage (NAS). It's certainly not a new technology, but NAS has remained near the top of everyone's mind and now with the growing interest in NFS and VMware, there's additional wind in the sails of NAS adoption.
'Human Error' Exposes Personal Information of 3,300 in Indianapolis
Quick Hits  |  10/17/2008  | 
Spreadsheet sat on city Web server for at least 11 days
SSL VPN Secures iPhone, Extranet Sessions
News  |  10/17/2008  | 
Silicon Valley startup gets more mileage out of its VPN
Adobe (Somewhat) Fixes ClickJacking Vulnerability
Commentary  |  10/16/2008  | 
With the release of Flash Player 10, Adobe fixes a critical security vulnerability known as "clickjacking." But for those users who can't or don't want to update to the latest version -- well, they're out of luck for a while.
Primary Storage Under Siege
Commentary  |  10/16/2008  | 
It seemed like Storage Networking World was all set to make solid-state disks the big theme at this year's event, and then the economy went in the tank. Primary storage suddenly became an evil, expensive power-hungry monster that needed to be eradicated. To the rescue came solutions that would compress, dedupe, thin, and migrate this villain down to size.
Georgia Tech Security Report Scarier Than Its Football Team
Commentary  |  10/16/2008  | 
Ready for your cellphone to get grabbed by a botnet? What happens if your VOIP system is targeted by blackmailers? Those are just a couple of the cybercrime concerns raised by a new report from Georgia Tech's computer security watchers and researchers.
Inspector General Report: Two IRS Applications Leave Taxpayer Data at Risk
News  |  10/16/2008  | 
IRS knowingly rolled out systems that contained security vulnerabilities
Report: Paper Ballots More Secure, Accurate Than E-Voting
Quick Hits  |  10/16/2008  | 
Fortify Software gives tips for ensuring your vote is actually counted and uncompromised by hackers
Cell Phone New Cybercrime Frontline
Commentary  |  10/15/2008  | 
Whether it's your iPhone, Windows Mobile device, Android, or BlackBerry -- you're probably using your smartphone more like a computer more and more. That's great, but the more your phone acts like a PC -- the more likely all of the problems associated with PCs will follow, researchers said today. Should you care?
Cellphone Botnets, Blackmailing VOIP & a Healthy Cybercrime Economy
News  |  10/15/2008  | 
New report from Georgia Tech Information Security Center highlights the top threats for '09 and beyond
Test Shows Shortcomings of Antivirus Programs
News  |  10/15/2008  | 
Symantec is leader in very weak field of AV products, Secunia study says
Users Know Security Policy & Break It Anyway, Study Says
Quick Hits  |  10/15/2008  | 
Many users feel they need to work around company security rules, according to RSA research
Demise Of Storm Botnet Clears Way For More Nimble Botnets
Commentary  |  10/14/2008  | 
A number of security researchers now say the infamous Storm botnet, which has been quiet for about a month, could very well be dead. Some are saying the era of big botnets may be over.
Microsoft's Patch Tuesday Vital For Windows Server 2000 Users
News  |  10/14/2008  | 
While it's the Active Directory vulnerability that is rated "critical," fixes for Windows Server 2008 and Windows Vista show the newer operating systems are not immune from attacks.
My (Tentative) Wish List For A Better Secure Browser
Commentary  |  10/14/2008  | 
Web browsers are where the client machine rubber meets the Web server road. So it stands to reason that strong Web browser security is paramount -- far more effective than relying on thousands of Web application/plug-in developers to write more secure code. There are definitely some browser developers that are making strides in the right directions, but none of them are quite there yet. I'm still thinking through this, but if I were writing my wish list for a more secure Web browser today (and,
Intellectual Property Bill Becomes Law: Critics Say It Goes Too Far
News  |  10/14/2008  | 
New law gives authorities more leeway to prosecute thieves who steal sensitive data for piracy or espionage
Feds Shut Down Major Spam Operation
News  |  10/14/2008  | 
Herbal King gang sent billions of spam messages pushing prescription drugs and phony male-enhancement products
Report: Profiting From Patch Tuesday
Quick Hits  |  10/14/2008  | 
New McAfee research shows by the numbers how attackers could manipulate the stock market
McAfee Offers One-Stop Business Security: In 15 Minutes!
Commentary  |  10/13/2008  | 
McAfee's new Total Protection for Secure Business aims to address the top small and midsized business security concerns and give you the tools to deal with them in 15 minutes a day.
Microsoft Readies For Likelihood Of Attacks
Commentary  |  10/13/2008  | 
We provided you the heads up about the Microsoft "Exploitability Index" a couple of months ago when the software company announced the new index, designed to predict the likelihood its security vulnerabilities would be attacked. It's an interesting idea, but will it have much value for practitioners?
Stolen eBay Account Booty Found
Quick Hits  |  10/13/2008  | 
Over 5,000 pilfered accounts - mostly from newly registered, less active eBay user accounts
Saving Storage Dollars -- Manual Moves
Commentary  |  10/13/2008  | 
With the current financial news, IT professionals are looking for ways to keep budgets flat. There is a common misconception in storage that there is only so much you can do. Over the next several entries, we'll explore a host of options that you can implement to curb storage costs. Today, it's manual moves.
Storm May Finally Be Over
News  |  10/13/2008  | 
The infamous botnet has been inactive for nearly a month, which researchers say may signal the demise of Storm as we know it
World Bank (Allegedly) Hacked
Commentary  |  10/11/2008  | 
It seems, based on a FoxNews.com report that broke Friday that the World Bank Group suffered a series of cyberattacks during the past few months. The claims of the level of access gained by the attackers are troubling -- but the real extent of the breach remains in dispute, and unknown.
Stop #1, Munich. Made It
Commentary  |  10/11/2008  | 
I rolled into Munich this morning on the S1 train from the airport, looking forward to public transportation but instead ran smack dab into the Munich Marathon, which means that streets were blocked off and the trams shut down. Oh well, I could have rented a bicycle, but I'm too lazy for that, even though Munich is a bicycle kind of town. I would have rented a motor scooter, but Munich doesn't appear to be a motor scooter burg. Except for those three guys on Vespas who about took me ou
New Back Door Targeting Windows Users Surfaces
Commentary  |  10/10/2008  | 
Security firm Barracuda Networks says it spotted a new virus that attempts to install a back door on the systems of its victims. It's spread via an e-mail purporting to be a Microsoft security update.
<<   <   Page 2 / 4   >   >>


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.