Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in November 2009
Page 1 / 4   >   >>
Global CIO: Fear Of Facebook For The Enterprise
Commentary  |  11/30/2009  | 
Enterprise social networking, at its worst, looks like another way to get buried in data.
The Futility Of Security By Obscurity
Commentary  |  11/30/2009  | 
Last week saw the launch of Shodan, a search engine for machines (servers, routers, etc.) connected to the Internet.
Free Tool Paints Picture Of Stealthy Attacks
News  |  11/30/2009  | 
Honeynet Project's 'Picviz' gets a graphical user interface
July Theft Of Navy Laptops Serves As Important Reminder
News  |  11/30/2009  | 
Bottom line: External storage drives shouldn't be overlooked as a security risk
IBM Buys Database Security Company
News  |  11/30/2009  | 
By purchasing Guardium, IBM is strengthening its ability to sell to healthcare and financial companies.
Security Gets Top Billing On Cyber Monday
Quick Hits  |  11/30/2009  | 
FBI, others offer tips to protect shoppers during online shopping season
Product Watch: IBM Buys Database Security Firm Guardium
News  |  11/30/2009  | 
Big Blue plans to integrate Guardium's database activity monitoring technology into its information management software products
AppGate Introduces AppGate Mobile Filter Version 1.1
News  |  11/30/2009  | 
AppGate Mobile Filter version 1.1 allows administrators to fully control browsing from mobile units
Security Lessons From Couple's White House Hijinks
Commentary  |  11/30/2009  | 
Even the most stringent security procedures have failures. That fact was evident when the U.S. Secret Service learned a Virginia couple slipped into last week's state dinner at the White House.
'Black Screen of Death' Linked To Microsoft Patch
News  |  11/30/2009  | 
A recent Microsoft security fix has been fingered as one of several possible causes of black screen Windows crashes.
Heap Spraying: Attackers' Latest Weapon Of Choice
News  |  11/30/2009  | 
Difficult to detect reliably, heap spraying was behind an exploit of IE and Adobe Reader
Famous Password Auditing Tool, L0phtCrack Is Back
Commentary  |  11/30/2009  | 
After a couple of years of rest, L0phtCrack, one of the most famous password auditing and recovery tools is back.
Navy Finds Lessons In Stolen Laptops, Storage Drives
News  |  11/30/2009  | 
The theft of computer equipment from a Naval office turned out to be less serious than feared, but served as a reminder on the importance of securing external hard drives and encrypting data.
Cloud Storage Now
Commentary  |  11/30/2009  | 
Cloud storage is constantly being discussed in the IT media today. When you get right down to it, what can businesses really use cloud storage for now? The small office, individual user has embraced cloud storage for backups and for collaboration, but what can larger businesses use these services for?
Global CIO: Oracle, Larry Ellison, The EU, And MySQL
Commentary  |  11/30/2009  | 
Would you be shocked--shocked!--to learn that the EU's battle against Oracle is all about politics, power, and preserving jobs?
Microsoft Provides Insight Into Password Attacks
Commentary  |  11/29/2009  | 
For about a year now, Microsoft has been trying to gather data on real-world attacks, the types of attacks normal users might encounter in their day to day Internet use - and the software maker just released some interesting data on password attacks.
Secure Software Needs Careful Testing--And Lots Of It
News  |  11/25/2009  | 
Security must be woven throughout the software development process. Testing tools are helping make that happen.
Kudos To F-Response's New IR Tool For Ease Of Use
Commentary  |  11/25/2009  | 
F-Response TACTICAL will be released on Thanksgiving Day, with the promise of a plug-and-play ease to help cyber investigators quickly get the evidence they need from live systems.
New Exploit Masquerades As Flash Player Upgrade
News  |  11/25/2009  | 
Phishing campaign has hit more than 3.5 million mailboxes, researchers say
Spammer Gets Four Years In Slammer
News  |  11/25/2009  | 
'Godfather of Spam' Alan Ralsky and three associates sentenced for stock fraud spam scheme
Security Is Chief Obstacle To Cloud Computing Adoption, Study Says
Quick Hits  |  11/25/2009  | 
Half of organizations say they have no plans to use cloud technology; many cite security concerns
NIST Director Sees Key Role In Emerging Technologies
News  |  11/25/2009  | 
Newly confirmed director Patrick Gallagher outlines the agency's efforts in healthcare IT, smart grid, and cybersecurity.
Cyber Monday Security Risks Are All Business
Commentary  |  11/25/2009  | 
Why Cyber Monday for the online shopping surge? Because for many, Monday's the first working day after Thanksgiving. Which means they can do their online shopping on business time, on the business dime, using business machines over business connections. You may not be able -- or want -- to do anything about the productivity drop, but at least you can tell your people to shop safely.
Stay On Top of Source Code Security Flaws
News  |  11/25/2009  | 
Fortify's 360 Server helps developers track flaws and fixes in applications.
Exploit Code Targets Internet Explorer Zero-Day
Commentary  |  11/24/2009  | 
There's exploit code circulating that can be used to target certain versions of Internet Explorer, Microsoft says it's working on a fix.
'Godfather Of Spam' Gets Four Years In Prison
News  |  11/24/2009  | 
Prosecutors hope the prison sentence sends a message to spammers.
CSI Annual Report: Financial Fraud, Malware On The Increase
News  |  11/24/2009  | 
Security pros generally happy with products; not so much with awareness programs
Microsoft Issues Internet Explorer Security Advisory
News  |  11/24/2009  | 
Users of Internet Explorer 6 and 7 may be vulnerable to a malware attack.
NIST Urges Feds To Continuously Monitor Cybersecurity Efforts
News  |  11/24/2009  | 
New document puts more onus on applying risk management throughout the life cycle of IT systems
Report: China's After U.S. Secrets, Technology
News  |  11/24/2009  | 
U.S.-China Economic and Security Review Commission notes a 'marked increase in cyber intrusions originating in China and targeting U.S. government and defense-related computer system'
Microsoft Warns Of Zero-Day Flaw In Older Versions Of IE
Quick Hits  |  11/24/2009  | 
Pointer reference flaw could enable attackers to run their own code on IE machines, software giant says
Employees Stealing Data At Frightening Rate
Commentary  |  11/24/2009  | 
Two new studies indicate that workers are not only able to steal confidential data from employers, they're ready and willing to do so -- at rates that are troubling, if not downright frightening.
The Future Of Storage As A Virtual Machine
Commentary  |  11/24/2009  | 
In our last few entries we looked at what can be done today with storage software running as virtual machines. In this entry we will consider what the future holds for storage as a virtual machine. Storage as a virtual machine may be the only way you apply data services in the future.
Employees Willing To Steal Data; Companies On The Alert
News  |  11/23/2009  | 
Separate studies offer a scary glimpse into the minds of employees, management
Many Enterprises Still Struggling With Remote Security, Cisco Study Finds
Quick Hits  |  11/23/2009  | 
Businesses still not prepared for mobile devices, operational disruptions, report says
New Tool For Centralizing Windows Logs
Commentary  |  11/23/2009  | 
Microsoft has always overlooked centralized logging in Windows. To date, the most effective way to centralize Windows Event Logs has been through event log to syslog tools and custom agents for the various SIEM solutions. But now there's a new kid on the block with a full-featured agent that goes beyond what's previously been offered for free.
Product Watch: Database Acquisition Could Help Check Point Handle Social Network Attacks
Quick Hits  |  11/23/2009  | 
Additional data will help Check Point provide security in Web 2.0 environs, officials say
Jailbroken iPhones Vulnerable To 'Duh' Worm
News  |  11/23/2009  | 
Cybersecurity companies are warning that new malware can turn modified iPhones and iPods into zombies.
Encryption Making Little Headway Among IT Pros: Survey
News  |  11/23/2009  | 
Only 14% of respondents to InformationWeek Analytics' State of Encryption Survey say encryption is pervasive in their organizations
NIST Drafts Cybersecurity Guidance
News  |  11/23/2009  | 
The National Institute for Standards and Technology is urging the government to continuously monitor its own cybersecurity efforts.
New Facebook Worm Warning: Wanna See Something Hot?
Commentary  |  11/22/2009  | 
A new Facebook worm is making the rounds today, with a brilliant landing page that has already caused many infections.
Cisco Rolls Out iPhone Security App
News  |  11/20/2009  | 
The SIO To Go app sends realtime alerts to users' iPhones, notifying of attacks and potential threats to corporate networks.
Microsoft: 'TaterF' Worm Top Malware Threat So Far This Month
News  |  11/20/2009  | 
Software giant reveals November stats from Malicious Software Removal Tool
Former Database Administrator Convicted Of Hacking His Old Firm
News  |  11/20/2009  | 
Ex-employee attacked his old database months after being terminated
Chrome OS Security: Initial Impressions
Commentary  |  11/20/2009  | 
There is much developers can do to build a secure operating system when limits are set on what devices are supported, and there's no regard for compatibility with all types of software applications. I'm sure it's a luxury some software designers in Redmond and Cupertino certainly envy. But that's the clean shot Google has with its new Chrome OS.
Three Indicted For Comcast Site Hack
Quick Hits  |  11/20/2009  | 
'Kryogeniks' gang redirected traffic to its own Web page in 2008
China Cyber Espionage Threatens U.S., Report Says
News  |  11/20/2009  | 
A Congressional advisory report warns that cyber attacks against defense computers are on the rise.
Product Watch: BitArmor Launches Cloud-Based Encryption Managed Service For USBs, Email, Disks
News  |  11/20/2009  | 
DataControl 4.0 service offers military-grade encryption for midsize companies
Storage As A Virtual Machine Details - Part Two
Commentary  |  11/20/2009  | 
Completing our storage as a virtual machine re-interviews were conversations we had with EMC and Nexenta. While our last entry focused on systems that leveraged virtual machines to deliver block I/O storage services these two companies are delivering something a little different, NAS services and backup services.
Twilight's Latest Hacking: Vampire Byte Scam Targets Stephanie Meyer Fans
Commentary  |  11/20/2009  | 
Scareware masquerading as an interview with Twilight author Stephanie Meyer is making the rounds, and fast. Time to pass the word to any of your employees who are Twilight-obsessed and, more importantly, have them pass the word to their kids who may well be chasing the phenomenon on the same computers their parents may use for work-at-home.
Page 1 / 4   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
PUBLISHED: 2022-05-09
In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.