Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in October 2012
<<   <   Page 2 / 4   >   >>
VA Computers Remain Unencrypted, Years After Breach
News  |  10/19/2012  | 
Report faults IT managers for 6-year delay in adopting security measures.
Malware Threatens Medical Device Security
News  |  10/19/2012  | 
Hospitals must contend with older operating systems that lack the latest security patches, and cope with the convergence of medical devices, EHRs, and mobile apps.
Zero-Day Attacks Long-Lived, Presage Mass Exploitation
News  |  10/18/2012  | 
Zero-day attacks escape detection for an average of 10 months; once they go public, attacks multiply dramatically, researchers find
Citadel Trojan Gets More Customer-Friendly
Quick Hits  |  10/18/2012  | 
RSA says 'Rain Edition' offers dynamic configuration for bots, friendlier user interface
Health Data Breach Response: Culture Change Needed
News  |  10/18/2012  | 
Seattle Children's Hospital CISO builds incident response team and culture of continuous improvement concerning data breaches.
Apple Removes Default Java Support In Browsers
News  |  10/18/2012  | 
Some Java security headache relief for Mac users
After Benghazi, State Dept. Seeks Diplomat Tracking Technologies
News  |  10/18/2012  | 
Following deadly attacks on diplomatic facilities in Libya, the Department of State wants new technology to track employees working in the field.
Product Watch: New Fortinet Tools Help Enforce Policy By Device, Reputation
Quick Hits  |  10/18/2012  | 
FortiOS 5.0 enables enterprises to restrict user access based on behavior, device ownership
Could Hackers Change Our Election Results?
News  |  10/18/2012  | 
Many of the same vulnerabilities exist in electronic voting systems as the last time we elected a president, and new ones abound that could put voter databases at risk and undermine civic confidence
Google Helps Webmasters Disavow Spammy Links
News  |  10/17/2012  | 
New Disavow tool gives website owners a way to distance their sites from linkspam.
Adobe Bolsters Security In Reader, Acrobat XI
News  |  10/17/2012  | 
Adobe builds on its sandboxing protections as part of a series of moves to improve security
The Secure Operating System Equation
News  |  10/17/2012  | 
Many experts like the idea of a purpose-built, secure operating system. It's just that adopting one is not so straightforward, even if it's specifically for security-strapped SCADA systems
How Fusion-io Makes The World's Data Go Faster
News  |  10/17/2012  | 
Fusion-io exec describes how the company's hardware and software enable data center managers to build faster, more cost-effective storage arrays, in the latest episode of Valley View.
3 Must-Fix Vulnerabilities Top Oracle CPU Patches
News  |  10/17/2012  | 
Two CVSS 10.0 and one 9.0 flaws top the charts on a Critical Patch Update list chock full of remotely exploitable vulnerabilities
What Huawei, ZTE Must Do To Regain Trust
Commentary  |  10/16/2012  | 
The U.S. is not the only country scrutinizing the security of Chinese-made telecom equipment from Huawei and ZTE. Without major changes, significant contracts are at risk.
Communication Confidential: Startup Offers P2P Encrypted Voice, Text, Video
Quick Hits  |  10/16/2012  | 
Startup Silent Circle rolls out encrypted text, voice, video -- and soon, email -- for the ultra privacy- and security-conscious
How One Midsize Bank Protects Against Hacks
News  |  10/16/2012  | 
In light of ongoing hacktivist attacks on major banks, Lake Trust Credit Union information security pro shares insights on how a smaller bank stays secure without too-big-to-fail resources.
Hackers Rob $400,000 From Washington Town
News  |  10/16/2012  | 
Small Washington State town lost funds from its own Bank of America account, as well as employees' and residents' bank account information.
Seagate Seeks Enterprise HDD Comeback
News  |  10/16/2012  | 
Seagate tries to recapture its lead from Western Digital, debuts three new hard disk drives with enterprise-class performance and security.
Meet Flame Espionage Malware Cousin: MiniFlame
News  |  10/16/2012  | 
Suspected Flame module turns out to be standalone attack code in use since at least 2010, described as targeted cyberweapon for conducting in-depth surveillance and espionage.
Keeping Data Out Of The Insecure Cloud
News  |  10/16/2012  | 
Companies looking to keep their data safe need to give their employees a choice of solid file-sharing services and apps. Otherwise, it's back to their insecure favorites
Researchers Identify Banks Targeted In Forthcoming Attack
Quick Hits  |  10/15/2012  | 
Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack
A False Sense Of Security
Commentary  |  10/15/2012  | 
Cutting-edge security technologies are critical to safeguarding data integrity. However, organizations need to also focus on developing effective policies and practices to fully protect crucial information assets
Bank Hacks: Iran Blame Game Intensifies
News  |  10/15/2012  | 
Wells Fargo official says scale of the attacks was "pretty significant." Is this the face of "cyberwar"?
Should You Buy From Huawei?
Commentary  |  10/15/2012  | 
Congress says U.S. companies should not purchase products from Chinese firms Huawei and ZTE, citing national security concerns. I say Congress is dealing more in fear than facts.
LulzSec Attacker Pleads Guilty To Sony Pictures Hack
News  |  10/15/2012  | 
Defendant agrees to pay restitution toward Sony's $600,000 data breach cleanup costs.
Next-Generation Malware: Changing The Game In Security's Operations Center
News  |  10/15/2012  | 
Sophisticated, automated malware attacks are spurring enterprises to shift their security technology, staffing strategies
U.S. Defense Secretary Sends Veiled Warning To Iran
Quick Hits  |  10/14/2012  | 
Panetta says Tehran is developing cyberplans; former official says U.S. has linked Iran to attack at Saudi Aramco
Security Monitoring An Elixir For Intrusion Costs?
News  |  10/13/2012  | 
A recent study of the costs of cybercrime finds that security intelligence, including monitoring and threat intelligence, reduces the costs of cyberattacks the most
6 Reasons iOS 6 Jailbreaks Will Be Tough
News  |  10/12/2012  | 
Glory hounds hoping to jailbreak Apple's newest devices won't have an easy time of it. Security experts detail the challenges.
DOD: Hackers Breached U.S. Critical Infrastructure Control Systems
News  |  10/12/2012  | 
Defense secretary Leon Panetta says cyberattacks against critical infrastructure at home and abroad--some of which he called the worst to date--should spark urgent action against the hacker threat.
U.S. Bank Hacks Expand; Regions Financial Hit
News  |  10/12/2012  | 
Attacks by self-described Muslim hackers, now in their fourth week, hit Regions Financial Thursday. Hacking campaign has also disrupted Capital One and SunTrust banking websites.
iOS6 Ad Tracking: How To Opt Out
News  |  10/12/2012  | 
By default, iOS 6 tracks iPhone and iPad owners' browsing history to serve advertisements.
Bolster SMB Security Practices, Budgets Through Risk Management
News  |  10/12/2012  | 
Simplification of risk quantification, smart partnering, and automation all play a role in helping SMBs take advantage of IT risk management benefits
Bromium Strengthens Desktop Security Using Virtualization
News  |  10/11/2012  | 
Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased.
Popular RATs Found Riddled With Bugs, Weak Crypto
News  |  10/11/2012  | 
Research by former interns for Matasano Security exposes flaws in remote administration tools
Florida University Breach Exposes Data On 279,000
Quick Hits  |  10/11/2012  | 
At least 50 Northwest Florida State College employees hit by identity theft at this point -- including the university's president
Advertisers' 'Do Not Track' Protests Fail Smell Test
Commentary  |  10/11/2012  | 
An almost comic war of words continues between advertisers and Microsoft regarding do not track technology in Internet Explorer 10. Funny thing: The only tracking option advertisers want is opt-out.
Hackers Launch New Wave Of U.S. Bank Attacks
News  |  10/11/2012  | 
Hacker group disrupts Capital One, SunTrust websites, compares its campaign against anti-Muslim movie to Kate Middleton's suit against a French magazine.
Mozilla Suspends Firefox 16 Downloads: Serious Bug
News  |  10/11/2012  | 
Mozilla warns that Firefox 16 contains significant vulnerability, plans to offer patched version for download as soon as possible.
Report: Four Out Of Five Phishing Attacks Use Security Scams
Quick Hits  |  10/11/2012  | 
Phishers scare users into clicking by sending security 'alerts,' Websense says
Dodging 5 Dangerous Database Default Settings
News  |  10/11/2012  | 
Out-of-the-box settings and weak configuration of databases make it easier for thieves to break into data stores and harder for IT to quickly detect breaches
Walking The Mobile Mile
Commentary  |  10/10/2012  | 
Putting the 'i' in identity means navigating the hidden complexities in mobile identity
Mild-Mannered Malware Sleuth Rocks Security
News  |  10/10/2012  | 
Botnet and malware expert Joe Stewart chats up his self-taught skill of picking apart malware and botnets, how targeted companies are in denial, Metallica -- and his raucous rock 'n' roll years
Appthority Cuts Through Enterprise Mobility Chaos
News  |  10/10/2012  | 
Startup pitches its tech for simplifying mobile app and device management. Check out our video coverage from InformationWeek 500 and Valley View.
Web API Allows Phishing Attack
News  |  10/10/2012  | 
A recent addition to HTML5, the Fullscreen API, appears to be easily abused.
Windows 8: 4 Smart Security Improvements
News  |  10/10/2012  | 
Will Windows 8 be the most secure Microsoft operating system to date? One security expert sees promising signs.
BYOD: Filling The Holes In Your Security Policy
News  |  10/10/2012  | 
Allowing personal mobile devices at work can create new risks for your enterprise. Is your security policy ready?
Clear Ballot's Mission: Fast Audits Of Election Results
News  |  10/10/2012  | 
Software audits voting results in time for elections officials to fix problems before results are certified. Trials begin in Florida, New York, and New Hampshire in November.
Appthority & The Mobile Enterprise
Appthority & The Mobile Enterprise
Dark Reading Videos  |  10/9/2012  | 
Some of the most innovative new enterprise technologies come from start-ups, but doing business with them can be risky, given their unproven products and short track records. With Anthony Bettini, Co-Founder and CEO of Appthority.
<<   <   Page 2 / 4   >   >>

Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;IPMacBindIndex &quot;request. This occurs because the &quot;formIPMacBindDel&quot; function directly passes the parameter &quot;IPMacBind...
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;portMappingIndex &quot;request. This occurs because the &quot;formDelPortMapping&quot; function directly passes the parameter &quot;portMappingIn...
PUBLISHED: 2021-04-14
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for...
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wor...
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...