Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in November 2010
<<   <   Page 2 / 4   >   >>
Royal Navy Attack Stresses SQL Injection Dangers
News  |  11/19/2010  | 
Attack vector remains a major threat to databases
Google, Microsoft Grow Search Share
News  |  11/19/2010  | 
comCore rankings for October also show Yahoo, Ask Network and AOL slipping a bit.
Malaysian National Charged With Hacking Federal Reserve Bank
Quick Hits  |  11/19/2010  | 
Defendant stole more than 400,000 credit and debit card numbers, authorities say
Server Virtualization's Encapsulation And Its Impact On Backup
Commentary  |  11/19/2010  | 
In our last entry we discussed how the encapsulation of the millions of files that make up a single server into a single file has changed what we expect from storage and the network infrastructure. The same encapsulation may have an even more dramatic impact on data protection that will fundamentally change the way you protect and recover data. It may also change who the 'go to' data protection vendors a
Cox Communications Launches Cell Service
News  |  11/19/2010  | 
First cable provider to start mobile network debuts in California, Nebraska and Virginia using 700-MHz spectrum.
Dark Reading Switches To New App Platform; Please Pardon Our Dust
Commentary  |  11/18/2010  | 
New PHP environment will make site more flexible -- sorry for the bumps!
Dangerous Safari Bugs Patched
Commentary  |  11/18/2010  | 
Just days after Apple Inc. patched about 150 vulnerabilities in OS X, the company is releasing yet another batch of security updates for Safari that runs on both OS X and Windows.
Penetration Testing, Vulnerability Scanning, And The Big Picture
News  |  11/18/2010  | 
New technologies aim to show organization's overall security posture
Cisco Videoconferencing Products Contain Vulnerable Credentials
Quick Hits  |  11/18/2010  | 
Researchers were able to use these hard-coded and unchangeable passwords, other vulnerabilities, to access internal network
Qualcomm Details Faster Snapdragon Chipset
News  |  11/18/2010  | 
The MSM8960, heading for smartphones and tablets, supports 4G/LTE and WCDMA and CDMA2000 networks.
U.S. Warns Of 'Huge' Cyber Threats
News  |  11/18/2010  | 
Departments of Defense and Homeland Security are monitoring Stuxnet worm and China, among other critical infrastructure risks.
White Hat Hacker Cracks ZeroAccess Rootkit
News  |  11/18/2010  | 
Analysis may help security firms develop better botnet defenses.
Cloud Security Alliance Unveils GRC Stack
News  |  11/18/2010  | 
Free tools help organizations create public and private clouds that comply with accepted governance, risk, and compliance best practices
Server Virtualization's Encapsulation And Its Impact On Storage
Commentary  |  11/18/2010  | 
To say that server virtualization changes everything is an understatement. In storage though I don't think we understand or give credit to just how much of a game changer storage virtualization really is. For storage managers and backup administrators it has brought new capabilities, new requirements and new problems to solve.
Researchers Link Most Spam To Only 50 ISPs
News  |  11/18/2010  | 
Discovery that spammers are using only a relative handful of Internet providers suggests new ways of stopping botnets.
PhoneFactor Adds Major Retailers To Roster
News  |  11/17/2010  | 
New York & Company, Party City, and Uno Chicago Pizza are three of the largest
U.S.-Based Internet Traffic Was Redirected To China, Researchers Say
News  |  11/17/2010  | 
For 18 minutes, world's Internet traffic was in China's hands
Nearly Two-Thirds Of Companies Have Been Breached In The Past Year, Study Says
Quick Hits  |  11/17/2010  | 
IT security becoming a higher priority in many organizations, CompTIA reports
Possible New Threat: Malware That Targets Hardware
News  |  11/17/2010  | 
Researchers demonstrate proof-of-concept for developing malware that attacks specific hardware processors with 'surgical' precision
Cloud Consortium Releases Security Compliance Tools
News  |  11/17/2010  | 
Free governance, risk management, and compliance stack from the Cloud Security Alliance aims for data-handling and security transparency.
Cisco Sees Jump In Java Attacks
News  |  11/17/2010  | 
About 10% of malware encounters come through search engines, with Google leading the list.
Dell Introduces File Level Encryption
News  |  11/17/2010  | 
Available in locally and centrally managed options, Dell Data Protection Encryption, includes policy templates to support regulatory compliance and reporting.
TSA Turns To YouTube, Twitter Amid Security Backlash
News  |  11/17/2010  | 
The federal agency is using the Web to defend its use of body scanning X-ray machines and physical pat downs for increased airport security
Survey Provides Peek Inside Database Security Operations
Commentary  |  11/17/2010  | 
Database security budgets on the rise, 20 percent expect to suffer a data breach in the next 12 months
Verizon Offers Free Security Credentials To Healthcare Professionals
News  |  11/16/2010  | 
The credentials meet Level 3 authentication requirements and allow healthcare providers to receive digitized health data from other clinicians securely.
Slide Show: Extreme And Alternative Authentication Methods
Slideshows  |  11/16/2010  | 
Passwords are the weakest link in access control, but there are plenty of other, less-traveled options for authentication
Emergency Patch From Adobe Arrives
Commentary  |  11/16/2010  | 
Adobe today released a patch designed to patch a number of critical flaws in Adobe Reader. You'll want to patch this one, quickly.
Google Issuing Fix For Latest Android Vulnerability Disclosure
News  |  11/16/2010  | 
Vulnerabilities could let bad guys install apps on the smartphone without user's permission
Intel Sued By New Mexico University
News  |  11/16/2010  | 
Lawsuit claims the microprocessor giant infringed on the school's patented double-patterning lithography used in chip manufacturing.
TiVo Discounts DVR Pricing
News  |  11/16/2010  | 
Consumers who commit to one- and two-year contracts would get price breaks on Premiere and Premier XL boxes in time for holiday season.
Encryption Adoption Rises, Mainly Thanks To Compliance
Quick Hits  |  11/16/2010  | 
New Ponemon Institute study commissioned by Symantec finds 84 percent of U.S. organizations either deploying encryption or in the process of doing so
Apple Puts The Beatles On iTunes
News  |  11/16/2010  | 
Years of negotiations and a decades-long lawsuit culminate in a settlement.
Larry Ellison's Mistress, And Security As A Blame Game
Commentary  |  11/16/2010  | 
Focus on security, not on finger-pointing
Profiling The Evil Insider
Commentary  |  11/16/2010  | 
How to sniff out a rogue insider
When To Change Passwords
Commentary  |  11/16/2010  | 
Knowing when to change your password depends mainly on what your password is for
NTIA Identifies Spectrum For Commercial Broadband
News  |  11/15/2010  | 
Two spectrum bands totaling 115 MHz that would count toward the president's 500 MHz goal have been named by the National Telecommunications and Information Administration.
Cybercriminals, Insiders May Work Together To Attack Businesses
News  |  11/15/2010  | 
Gaining access and stealing data from companies is sometimes a joint effort between bad guys and employees, experts say
Half Of SMBs Block Social Networks At Work Due To Security Concerns
Quick Hits  |  11/15/2010  | 
One in six small businesses say they have been infected through Web 2.0, Webroot study says
LightSquared Launches SkyTerra 1 Satellite
News  |  11/15/2010  | 
Hybrid satellite/LTE 4G network is planned, with AT&T as the carrier.
Defense Department Aligning Insider Threat Detection
News  |  11/15/2010  | 
Navy, Air Force, Army, and Marines will collaborate to prevent security incidents such as last year's deadly shooting at Fort Hood.
Fake Angry Birds App Exposes Android Vulnerability
News  |  11/15/2010  | 
Flaw bypasses a security control, allowing an application to silently download and grant complete access rights to additional apps.
SSD Lessons From The iPad
Commentary  |  11/15/2010  | 
In their latest quarterly filings Apple stated that they have sold over 4.2 million iPads, exceeding most people's expectations. So popular is the iPad that Apple is taking some of the lessons learned on the product and incorporating them into their next generation of notebooks starting with the MacBook Air. One of those lessons is how Apple is integrating Solid State Disk (SSD) into the product line. Enterprise storage manufacturers need to pay attention and learn a lesson.
Google Sued Over Past Toolbar Troubles
News  |  11/12/2010  | 
The Google Toolbar ignored users' privacy choices, the lawsuit claims.
Spam Trips Symantec Hosted Services
News  |  11/12/2010  | 
Anti-spam service SORBS blacklisted Symantec's hosted email service after Symantec customer's webmail was hacked by spammer.
Police Recruits Screened For Social Media Personas
News  |  11/12/2010  | 
Some law enforcement agencies demand passwords, text messages and identities as part of the hiring process.
Tech Insight: The Basics Of Implementing DNSSEC
News  |  11/12/2010  | 
DNSSEC can help protect your organization from critical Internet threats. But how does it work? This short guide will help you get started
Web-Only Joojoo Tablet Discontinued
News  |  11/12/2010  | 
Manufacturer Fusion Garage pulls plug after one year, but says it will launch Android-based tablets in 2011.
Spam Down In October: Symantec
News  |  11/12/2010  | 
Bust-up of multiple Zeus-using gangs in recent months contribute to decrease
Drive-By Downloads: Malware's Most Popular Distribution Method
Quick Hits  |  11/12/2010  | 
After years of burying malicious software in email and portable storage media, attackers now favor quick downloads via legitimate websites, researcher says
Forget FCoE - The War Is About Convergence
Commentary  |  11/12/2010  | 
There has been a lot written about Fibre Channel over Ethernet (FCoE) the last few years but FCoE was merely an initial skirmish in the battle for the infrastructure. The major systems manufacturers are all placing their bets on everything over Ethernet and that is were the battle will be waged. 2011 may not be the year that you implement a converged infrastructure but it may be the year you decide which vendors you are going to use for convergence.
<<   <   Page 2 / 4   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32411
PUBLISHED: 2022-07-01
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
PUBLISHED: 2022-07-01
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
PUBLISHED: 2022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-32324
PUBLISHED: 2022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
PUBLISHED: 2022-07-01
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.