Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in October 2010
Page 1 / 4   >   >>
State Sues WellPoint Over Data Breach Notification
Commentary  |  10/31/2010  | 
The state of Indiana's attorney general is suing insurer WellPoint Inc. for $300,000 for not notifying customers in a timely enough manner that their data was at risk.
Java Worm Targets Mac OS X
Commentary  |  10/30/2010  | 
A just uncovered Trojan horse is employing an old social engineering ploy on social networks to lure Mac users.
Facebook Launches Friendship Pages, Raises Privacy Concerns
News  |  10/29/2010  | 
The new feature can show the relationship between two Facebook friends through the public information they've shared between each other through Wall posts, photos and more.
Slideshow: The 10 Most Common Database Vulnerabilities
Slideshows  |  10/29/2010  | 
AppSec's Team SHATTER shares the top 10 database vulnerabilities it sees most commonly plaguing organizations over and over again
Firesheep Exposes Need For Encryption
News  |  10/29/2010  | 
Using Facebook, Twitter, Yelp, Flickr, or other Web services on an open WiFi network could lead to lead to account hijacking.
MeeGo 1.1 Released To Developers
News  |  10/29/2010  | 
Linux-based mobile OS allows software creation on Intel Atom and ARMv7 architectures.
Bredolab Botnet Still Spewing Malware
News  |  10/29/2010  | 
Days after Dutch authorities disabled 143 command and control servers, security researchers are seeing new signs of life.
New DDoS Trojan Attacks Sites That Criticize Vietnamese Communist Party
Quick Hits  |  10/29/2010  | 
Politically motivated attacks are becoming more sophisticated, researcher says
Adobe Acknowledges Active Flash Exploit
News  |  10/29/2010  | 
Zero-day bug, which won't be patched for two weeks, is being delivered in a malicious PDF targeted toward job seekers.
Tech Insight: The Five Stages Of Vulnerability Management
News  |  10/29/2010  | 
Like grief, vulnerability management can be a heart-wrenching and complex challenge. Here's a road map that will help you get from denial to acceptance
Identity Theft Council Aims To Bring 'Neighborhood Watch' Concept To Cybersecurity
News  |  10/28/2010  | 
Regional initiatives designed to attack security awareness problem at the grass roots
Small Vendors Driving Innovation In Security, Venture Capitalists Say
News  |  10/28/2010  | 
Major vendors dominate industry revenue, but startups and emerging vendors are the ones behind real change, panelists say
Microsoft Profits Soar 51%
News  |  10/28/2010  | 
Sales of Microsoft Office were up 15% year over year and the software maker's business division, which includes the server and database units, saw 11% growth.
Things To Look Out For In New PCI Version 2.0
News  |  10/28/2010  | 
Payment card security standard hasn't changed much, but there are a few issues to prepare for
The Futility Of A Single Storage Platform
Commentary  |  10/28/2010  | 
Every storage supplier wants to be your only vendor. It sounds like a good idea. It would simplify storage management, simplify purchasing and make it easier to train new IT staff and protect you if the current staff has some turnover. While meeting with users at SNW Europe, I was reminded just how futile of a goal this really is.
Easy-To-Find Brute-Force Tools
News  |  10/28/2010  | 
Tools are available to create word lists that can be used for brute-force attacks to nab passwords.
Social Networks' Threat To Security
News  |  10/28/2010  | 
Weak passwords and insecure personal information could put your company's data at risk.
Banks Weak Against Credit Card Skimming Attacks
News  |  10/28/2010  | 
Gartner warns that anti-skimming standards and technologies aren't keeping up with recent spate of attacks, which can quickly net individual gangs $500,000 a month.
Microsoft Windows Still Vulnerable To DLL Hijacking
News  |  10/28/2010  | 
Even patched applications aren't safe from bug, says ACROS security researcher.
President Should Have 'Kill Switch' For Internet, Most Americans Say
Quick Hits  |  10/28/2010  | 
Worries of Internet security rank below financial, personal, and national security among people worldwide surveyed by Unisys
CIA Invests In Cloud, Web Analytics Startups
News  |  10/28/2010  | 
In-Q-Tel, a Central Intelligence Agency-based non-profit, will work with Cleversafe and Silver Tail Systems to adapt the companies' technologies for intelligence work.
AT&T Partners With Mobile Payment Providers
News  |  10/28/2010  | 
Deals with BilltoMobile, Boku, and Zong give the carrier's wireless subscribers the ability to buy online goods and services from their cell phones.
Talk About Evasion
Commentary  |  10/28/2010  | 
Security research, like fashion, sometimes gets recycled, restyled, and even rebranded. Take network security evasion and sidejacking attacks, both of which have recently re-emerged with researchers taking new spins on these known threats.
Cloud Creates SIEM Blind Spot
News  |  10/27/2010  | 
Current SIEM and log management approaches for network and security devices are 'moot' in the cloud
Java Trojan Bungles Mac Attack
News  |  10/27/2010  | 
Mac malware might be worrisome if it were coded better.
Vietnam Is Riskiest Country Domain, Study Says
Quick Hits  |  10/27/2010  | 
Bad guys say good morning, Vietnam, good night, Singapore
Talk About Evasion
Commentary  |  10/27/2010  | 
What's new is old and what's old is still news
DHS Urged To Bolster Cyber Infrastructure Security
News  |  10/27/2010  | 
Homeland Security must work more with power and telecom network owners to ensure they could survive a disaster, GAO reports.
FTC Ends Google Street View Investigation
News  |  10/27/2010  | 
The steps Google has taken to improve its internal controls are enough for the FTC.
Americans Maximize Social Network Security
News  |  10/27/2010  | 
The U.S. leads the world in restricting the personal information that people can access on their Facebook, Twitter, and other pages, reports Unisys study.
Iranian Cyber Army Joins Botnet Business
News  |  10/27/2010  | 
Up to 20 million machines may be infected by malware network, which may be backed by Iranian authorities, finds Seculert.
Bredolab Botnet Busted
News  |  10/26/2010  | 
The Dutch High Tech Crime Team has seized 143 servers used to infect an estimated 30 million computers and arrested the alleged mastermind behind the botnet.
Virgin America Goes Google
News  |  10/26/2010  | 
The airline is dropping Microsoft Exchange and moving to Google Apps for e-mail.
Emerging Qakbot Exploit Is Ruffling Some Feathers
News  |  10/26/2010  | 
Fast-spreading attack spreads like a worm, stings like a Trojan, RSA researchers say
Retailers Biggest Victims Of Targeted Attacks
Quick Hits  |  10/26/2010  | 
New Symantec data shows one-fourth of all focused attacks hitting retail organizations this month
Java Keeps Security Managers Up At Night
News  |  10/26/2010  | 
Attacks aimed at exploiting vulnerabilities in the Java platform have skyrocketed. Is your enterprise prepared?
Yet Another Botnet Dismantled, Alleged Botmaster Arrested
News  |  10/26/2010  | 
Dutch authorities take unusual tack in directly contacting machines infected by 'Bredolab' botnet
Microsoft Launches Office 2011 For Mac
News  |  10/26/2010  | 
Productivity suite for Mac includes Outlook for first time, in addition to collaboration and social networking tools.
Google 'Mortified' Over WiFi Data Gathering
News  |  10/25/2010  | 
New procedures have been implemented to prevent similar incidents from occurring.
Why Windows Phone 7 Could Be Most Secure Smartphone At Launch
Commentary  |  10/25/2010  | 
One of the interesting things I learned from spending a few days with McAfee recently was that the iPhone is actually one of the most secure smartphones.
Microsoft Windows 8 To Arrive In 2012
News  |  10/25/2010  | 
The next version of the operating system is reported to be coming in the second half of 2012.
New Firefox Plug-In Offers WiFi Cookie-Jacking For 'Average Joe'
News  |  10/25/2010  | 
'Firesheep' tool executes point-and-click sidejacking attacks
Wi-Fi Direct Products Connect Without A Network
News  |  10/25/2010  | 
Atheros, Broadcom, Intel, Ralink and Realtek form first test suite for certification program.
Personal Data Of 280,000 At Risk Following Healthcare Breach
Quick Hits  |  10/25/2010  | 
Portable drive containing data on nearly 300,000 Medicaid patients in Pennsylvania is missing
More Patient Data Dumps
Commentary  |  10/25/2010  | 
Yet another case where patient medical records are left in a dumpster and out in plain sight.
Workers Abusing Social Sites On Corporate Networks
News  |  10/25/2010  | 
Employees' use of Facebook, Gmail, Hotmail and BitTorrent is posing security risks, according to study by Palo Alto Networks.
What Business Data Should Be In The Cloud?
Commentary  |  10/25/2010  | 
In our last entry we discussed different ways that you can move data into the cloud, something I call onramps. In theory the ability now exists to put all your data types on a cloud storage platform, but is that the right choice for your business? How do you determine which data you should put in the cloud?
White House Unveils Internet Privacy Committee
News  |  10/25/2010  | 
Technology council subcommittee will work with federal agencies and lawmakers to balance consumer protection with economic opportunity.
MySpace Sharing User Info With Advertisers
News  |  10/25/2010  | 
Days after Facebook disclosure, the second largest social media site is found committing the same privacy breach.
Americans Ignoring Social Media Privacy Risks
News  |  10/25/2010  | 
Users are worried about the dangers of disclosing personal information on Facebook and other sites, but they do it anyway, finds Lawyers.com study.
Page 1 / 4   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-05-24
SiteServer CMS < V5.1 is affected by an unrestricted upload of a file with dangerous type (getshell), which could be used to execute arbitrary code.
PUBLISHED: 2022-05-24
SiteServer CMS V6.15.51 is affected by a SQL injection vulnerability.
PUBLISHED: 2022-05-24
SiteServer CMS V6.15.51 is affected by a Cross Site Scripting (XSS) vulnerability.
PUBLISHED: 2022-05-24
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11.
PUBLISHED: 2022-05-24
Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.