News & Commentary

Content posted in October 2012
VA Computers Remain Unencrypted, Years After Breach
News  |  10/19/2012  | 
Report faults IT managers for 6-year delay in adopting security measures.
Malware Threatens Medical Device Security
News  |  10/19/2012  | 
Hospitals must contend with older operating systems that lack the latest security patches, and cope with the convergence of medical devices, EHRs, and mobile apps.
Zero-Day Attacks Long-Lived, Presage Mass Exploitation
News  |  10/18/2012  | 
Zero-day attacks escape detection for an average of 10 months; once they go public, attacks multiply dramatically, researchers find
Citadel Trojan Gets More Customer-Friendly
Quick Hits  |  10/18/2012  | 
RSA says 'Rain Edition' offers dynamic configuration for bots, friendlier user interface
Health Data Breach Response: Culture Change Needed
News  |  10/18/2012  | 
Seattle Children's Hospital CISO builds incident response team and culture of continuous improvement concerning data breaches.
Apple Removes Default Java Support In Browsers
News  |  10/18/2012  | 
Some Java security headache relief for Mac users
After Benghazi, State Dept. Seeks Diplomat Tracking Technologies
News  |  10/18/2012  | 
Following deadly attacks on diplomatic facilities in Libya, the Department of State wants new technology to track employees working in the field.
Product Watch: New Fortinet Tools Help Enforce Policy By Device, Reputation
Quick Hits  |  10/18/2012  | 
FortiOS 5.0 enables enterprises to restrict user access based on behavior, device ownership
Could Hackers Change Our Election Results?
News  |  10/18/2012  | 
Many of the same vulnerabilities exist in electronic voting systems as the last time we elected a president, and new ones abound that could put voter databases at risk and undermine civic confidence
Google Helps Webmasters Disavow Spammy Links
News  |  10/17/2012  | 
New Disavow tool gives website owners a way to distance their sites from linkspam.
Adobe Bolsters Security In Reader, Acrobat XI
News  |  10/17/2012  | 
Adobe builds on its sandboxing protections as part of a series of moves to improve security
The Secure Operating System Equation
News  |  10/17/2012  | 
Many experts like the idea of a purpose-built, secure operating system. It's just that adopting one is not so straightforward, even if it's specifically for security-strapped SCADA systems
How Fusion-io Makes The World's Data Go Faster
News  |  10/17/2012  | 
Fusion-io exec describes how the company's hardware and software enable data center managers to build faster, more cost-effective storage arrays, in the latest episode of Valley View.
3 Must-Fix Vulnerabilities Top Oracle CPU Patches
News  |  10/17/2012  | 
Two CVSS 10.0 and one 9.0 flaws top the charts on a Critical Patch Update list chock full of remotely exploitable vulnerabilities
What Huawei, ZTE Must Do To Regain Trust
Commentary  |  10/16/2012  | 
The U.S. is not the only country scrutinizing the security of Chinese-made telecom equipment from Huawei and ZTE. Without major changes, significant contracts are at risk.
Communication Confidential: Startup Offers P2P Encrypted Voice, Text, Video
Quick Hits  |  10/16/2012  | 
Startup Silent Circle rolls out encrypted text, voice, video -- and soon, email -- for the ultra privacy- and security-conscious
How One Midsize Bank Protects Against Hacks
News  |  10/16/2012  | 
In light of ongoing hacktivist attacks on major banks, Lake Trust Credit Union information security pro shares insights on how a smaller bank stays secure without too-big-to-fail resources.
Hackers Rob $400,000 From Washington Town
News  |  10/16/2012  | 
Small Washington State town lost funds from its own Bank of America account, as well as employees' and residents' bank account information.
Seagate Seeks Enterprise HDD Comeback
News  |  10/16/2012  | 
Seagate tries to recapture its lead from Western Digital, debuts three new hard disk drives with enterprise-class performance and security.
Meet Flame Espionage Malware Cousin: MiniFlame
News  |  10/16/2012  | 
Suspected Flame module turns out to be standalone attack code in use since at least 2010, described as targeted cyberweapon for conducting in-depth surveillance and espionage.
Keeping Data Out Of The Insecure Cloud
News  |  10/16/2012  | 
Companies looking to keep their data safe need to give their employees a choice of solid file-sharing services and apps. Otherwise, it's back to their insecure favorites
Researchers Identify Banks Targeted In Forthcoming Attack
Quick Hits  |  10/15/2012  | 
Bank of America, Chase, Citibank said to be among institutions under the gun from planned Gozi-Prinimalka malware attack
A False Sense Of Security
Commentary  |  10/15/2012  | 
Cutting-edge security technologies are critical to safeguarding data integrity. However, organizations need to also focus on developing effective policies and practices to fully protect crucial information assets
Bank Hacks: Iran Blame Game Intensifies
News  |  10/15/2012  | 
Wells Fargo official says scale of the attacks was "pretty significant." Is this the face of "cyberwar"?
Should You Buy From Huawei?
Commentary  |  10/15/2012  | 
Congress says U.S. companies should not purchase products from Chinese firms Huawei and ZTE, citing national security concerns. I say Congress is dealing more in fear than facts.
LulzSec Attacker Pleads Guilty To Sony Pictures Hack
News  |  10/15/2012  | 
Defendant agrees to pay restitution toward Sony's $600,000 data breach cleanup costs.
Next-Generation Malware: Changing The Game In Security's Operations Center
News  |  10/15/2012  | 
Sophisticated, automated malware attacks are spurring enterprises to shift their security technology, staffing strategies
U.S. Defense Secretary Sends Veiled Warning To Iran
Quick Hits  |  10/14/2012  | 
Panetta says Tehran is developing cyberplans; former official says U.S. has linked Iran to attack at Saudi Aramco
Security Monitoring An Elixir For Intrusion Costs?
News  |  10/13/2012  | 
A recent study of the costs of cybercrime finds that security intelligence, including monitoring and threat intelligence, reduces the costs of cyberattacks the most
6 Reasons iOS 6 Jailbreaks Will Be Tough
News  |  10/12/2012  | 
Glory hounds hoping to jailbreak Apple's newest devices won't have an easy time of it. Security experts detail the challenges.
DOD: Hackers Breached U.S. Critical Infrastructure Control Systems
News  |  10/12/2012  | 
Defense secretary Leon Panetta says cyberattacks against critical infrastructure at home and abroad--some of which he called the worst to date--should spark urgent action against the hacker threat.
U.S. Bank Hacks Expand; Regions Financial Hit
News  |  10/12/2012  | 
Attacks by self-described Muslim hackers, now in their fourth week, hit Regions Financial Thursday. Hacking campaign has also disrupted Capital One and SunTrust banking websites.
iOS6 Ad Tracking: How To Opt Out
News  |  10/12/2012  | 
By default, iOS 6 tracks iPhone and iPad owners' browsing history to serve advertisements.
Bolster SMB Security Practices, Budgets Through Risk Management
News  |  10/12/2012  | 
Simplification of risk quantification, smart partnering, and automation all play a role in helping SMBs take advantage of IT risk management benefits
Bromium Strengthens Desktop Security Using Virtualization
News  |  10/11/2012  | 
Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased.
Popular RATs Found Riddled With Bugs, Weak Crypto
News  |  10/11/2012  | 
Research by former interns for Matasano Security exposes flaws in remote administration tools
Florida University Breach Exposes Data On 279,000
Quick Hits  |  10/11/2012  | 
At least 50 Northwest Florida State College employees hit by identity theft at this point -- including the university's president
Advertisers' 'Do Not Track' Protests Fail Smell Test
Commentary  |  10/11/2012  | 
An almost comic war of words continues between advertisers and Microsoft regarding do not track technology in Internet Explorer 10. Funny thing: The only tracking option advertisers want is opt-out.
Hackers Launch New Wave Of U.S. Bank Attacks
News  |  10/11/2012  | 
Hacker group disrupts Capital One, SunTrust websites, compares its campaign against anti-Muslim movie to Kate Middleton's suit against a French magazine.
Mozilla Suspends Firefox 16 Downloads: Serious Bug
News  |  10/11/2012  | 
Mozilla warns that Firefox 16 contains significant vulnerability, plans to offer patched version for download as soon as possible.
Report: Four Out Of Five Phishing Attacks Use Security Scams
Quick Hits  |  10/11/2012  | 
Phishers scare users into clicking by sending security 'alerts,' Websense says
Dodging 5 Dangerous Database Default Settings
News  |  10/11/2012  | 
Out-of-the-box settings and weak configuration of databases make it easier for thieves to break into data stores and harder for IT to quickly detect breaches
Walking The Mobile Mile
Commentary  |  10/10/2012  | 
Putting the 'i' in identity means navigating the hidden complexities in mobile identity
Mild-Mannered Malware Sleuth Rocks Security
News  |  10/10/2012  | 
Botnet and malware expert Joe Stewart chats up his self-taught skill of picking apart malware and botnets, how targeted companies are in denial, Metallica -- and his raucous rock 'n' roll years
Appthority Cuts Through Enterprise Mobility Chaos
News  |  10/10/2012  | 
Startup pitches its tech for simplifying mobile app and device management. Check out our video coverage from InformationWeek 500 and Valley View.
Web API Allows Phishing Attack
News  |  10/10/2012  | 
A recent addition to HTML5, the Fullscreen API, appears to be easily abused.
Windows 8: 4 Smart Security Improvements
News  |  10/10/2012  | 
Will Windows 8 be the most secure Microsoft operating system to date? One security expert sees promising signs.
BYOD: Filling The Holes In Your Security Policy
News  |  10/10/2012  | 
Allowing personal mobile devices at work can create new risks for your enterprise. Is your security policy ready?
Clear Ballot's Mission: Fast Audits Of Election Results
News  |  10/10/2012  | 
Software audits voting results in time for elections officials to fix problems before results are certified. Trials begin in Florida, New York, and New Hampshire in November.
Appthority & The Mobile Enterprise
Dark Reading Videos  |  10/9/2012  | 
Some of the most innovative new enterprise technologies come from start-ups, but doing business with them can be risky, given their unproven products and short track records. With Anthony Bettini, Co-Founder and CEO of Appthority.
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-39229
PUBLISHED: 2021-09-20
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin (which just comes out of the box) are subject to a denial of service attack...
CVE-2021-41083
PUBLISHED: 2021-09-20
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any ma...
CVE-2021-34650
PUBLISHED: 2021-09-20
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the ~/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6.
CVE-2021-41082
PUBLISHED: 2021-09-20
Discourse is a platform for community discussion. In affected versions any private message that includes a group had its title and participating user exposed to users that do not have access to the private messages. However, access control for the private messages was not compromised as users were n...
CVE-2020-16630
PUBLISHED: 2021-09-20
TI's BLE stack caches and reuses the LTK's property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that...