Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in November 2011
Android Security Becomes FUD Fest
Commentary  |  11/21/2011  | 
Big scary warnings about Android security just keep on coming. Are you focused on the right MDM questions?
Hacker Apparently Triggers Illinois Water Pump Burnout
News  |  11/21/2011  | 
Attack illustrates the extent to which industrial control systems are Internet-connected, yet lack basic password checks or access controls.
Researchers: Seven Annoying Attacks That Facebook Misses
Quick Hits  |  11/18/2011  | 
Social networking giant might have fixed its porn problem, but it has plenty of other issues to reckon with, experts say
Tech Insight: Securely Adding New Users -- And Subtracting Old Ones
News  |  11/18/2011  | 
How can enterprises quickly provision new users with secure access and "off-board" users who should no longer be on the system? Here are some tips
App Freedom Vs. Corporate Security
Commentary  |  11/18/2011  | 
IT has to walk a fine line when securing user-owned mobile devices.
Army's Next-Gen Training Tools: SMBs Invited To Compete
News  |  11/18/2011  | 
Military asks small and midsize businesses to create wearable communications gear and tech that mimics feeling of explosions and bullets.
Defense Dept. Jumps On Climate Change Research
News  |  11/18/2011  | 
DOD says poor intelligence on the negative effects of climate change poses a national security threat.
Healthcare Breach Exposes Nearly 4 Million Patients' Data
News  |  11/18/2011  | 
California healthcare organization was in the midst of an encryption rollout when unencrypted machine with patient databases was stolen.
Stolen Desktop Computer Exposes Data Of Nearly 4 Million Patients
Quick Hits  |  11/17/2011  | 
Healthcare organization was in the midst of an encryption rollout when unencrypted machine was stolen
Windows 8 To Streamline Patching Reboots
News  |  11/17/2011  | 
Only one restart per month to coincide with Patch Tuesday
Biometrics Beyond Fingerprints And Iris Scans
News  |  11/17/2011  | 
There are more exotic ways to confirm identity beyond the usual suspects, including DNA profiling and ear recognition.
Biometrics Demystified: What You Need To Know
News  |  11/17/2011  | 
From fingerprints and retina scans to DNA and gesture recognition, the technology is advancing while costs are declining. Here's what you need to know.
Pirated Software Hurts U.S. Jobs, Economy, Microsoft Says
News  |  11/17/2011  | 
Companies that use illegally copied software put more scrupulous competing companies--and countries--at a disadvantage, Microsoft argues in its latest anti-piracy push.
Facebook Porn Spam Appears Unrelated To Anonymous
News  |  11/17/2011  | 
Despite initial reports of a link, Facebook spam carrying pornographic images wasn't related to Fawkes, new malware supposedly developed by Anonymous, security experts say.
4 Security Issues SMBs Should Watch In 2012
News  |  11/17/2011  | 
Webroot's CTO looks ahead and shares security predictions that will matter to small and midsize businesses.
GAO Rips IRS Taxpayer Data Security
News  |  11/17/2011  | 
Auditors find holes in the federal revenue agency's database access control and security.
Who's In Your Database? A Look At Access Control Strategies
News  |  11/16/2011  | 
Least-privilege users. Role-based access control. What's the best way to provision database users? Here's a guide that offers some answers
Facebook: Porn, Violent Images Were Self-Inflicted
Quick Hits  |  11/16/2011  | 
Surprising images on Facebook walls are result of "self-cross-site scripting" vulnerability, social media giant says
GAO Audit Of IRS Highlights Common Database And Access Control Woes
News  |  11/16/2011  | 
Problems with incomplete initiatives to meet auditors' demands for improved access control and data security are rampant at IRS and beyond
Zero-Day BIND Flaw Crashes DNS Servers
News  |  11/16/2011  | 
ISC issues temporary patch to stop more DNS BIND server crashes, but no details yet on the actual flaw
Romanian Accused Of NASA Hacks
News  |  11/16/2011  | 
A 26-year-old Romanian man stands accused of hacking into NASA servers, modifying data, and restricting access to them last December.
Verizon Uses Predictive Modeling To Detect Health Fraud
News  |  11/16/2011  | 
Verizon software can spot doctors prescribing excessive amounts of medication and other trends that indicate falsified billings.
Patients Have Security Concerns On Data Sharing
News  |  11/16/2011  | 
New report by PwC reveals what consumers think about data sharing, privacy and security, online consultations, social media in healthcare, and more.
Big Data And Bad Security
Commentary  |  11/16/2011  | 
The rush to collect and mine big data leaves data security in the dust
7 Facts On Duqu Malware Attacks
News  |  11/16/2011  | 
Research into Duqu malware finds a component compiled in 2007, but identified successful attacks that occurred as recently as April 2011.
Facebook Blames Porn Attack On Browser Bugs
News  |  11/16/2011  | 
Attack spread a massive quantity of hardcore pornography and violence images via a cross-site scripting flaw.
Google Wi-Fi Privacy Fix, Explained
News  |  11/15/2011  | 
Workaround stops Google from storing your network's location in its database of Wi-Fi access points, but there's a naming catch.
Survey: Half Of Firewall Rules Improperly Configured
Quick Hits  |  11/15/2011  | 
Firewall administration, auditing still mostly a manual process, leading to errors and breach risks
New Lingua Franca For Exchanging Cyberattack Intelligence
News  |  11/15/2011  | 
Free, open-source framework from Mandiant aimed at simplifying the sharing of technical attack details among victim organizations
Focus Needed To Stem Increase In Insider Fraud
News  |  11/15/2011  | 
Latest global fraud report shows an overall decrease in fraud, but an increase in insider fraud; companies that take security measures fare best
Plugging The Kiosk-Sized Security Hole
Commentary  |  11/15/2011  | 
Companies like to set up Internet kiosks for customers and job applicants, but their convenience can be their undoing
RSA Breach: Eight Months Later
News  |  11/15/2011  | 
Worries still linger of future attacks, but experts hope the event shook industry out of black-and-white security mentality.
Gauging The Long-Term Effects Of RSA's Breach
News  |  11/14/2011  | 
Worries still linger of future attacks, but experts hope the event shook industry out of black-and-white security mentality
Breach Of University Server Threatens Personal Data Of More Than 175,000
Quick Hits  |  11/14/2011  | 
Attackers use one server to launch an attack on a second server containing sensitive info
Baking Strong Authentication Into Client Devices
News  |  11/14/2011  | 
MasterCard, Symantec's VeriSign VIP support new Intel Core two-factor authentication technology
Data Mining Snares Health Insurance Fraud
News  |  11/14/2011  | 
LexisNexis applies predictive modeling, a massive database, and high-performance computing cluster technology to spot health insurance fraud before claims are paid.
W3C Proposes Do Not Track Privacy Standard
News  |  11/14/2011  | 
Microsoft, Mozilla, Google, Apple, privacy groups, and online advertising associations work to balance consumers' interests with Web companies' requirements for user data.
Encryption Security Lags In Healthcare?
News  |  11/14/2011  | 
Tech leaders warn policymakers that even as more electronic health records flood health IT systems, more encryption is needed.
Research: Small Merchants Don't Believe PCI Compliance Will Protect Them
News  |  11/11/2011  | 
Study finds a continued lack of knowledge on PCI DSS
Encryption And Other Database Security Lag At Healthcare Organizations
News  |  11/11/2011  | 
Tech leaders warn policy makers that even as more electronic medical records flood health IT systems, security controls remain sparse
Hackers Crack Steam Database
Quick Hits  |  11/11/2011  | 
Gaming giant is platform for more than 35 million users
Facebook Privacy: 6 Key Moments
News  |  11/11/2011  | 
As FTC settlement nears on opt-in privacy settings, take a look back at Facebook's key privacy flaps.
FBI Botnet Bust Hinged On Public-Private Partnership
News  |  11/11/2011  | 
International, industry collaboration key to takedown of $14 million click fraud botnet operators.
Computershare Data Theft Underscores Insider Threat Risk
News  |  11/11/2011  | 
Former risk management professional walked off with confidential company data, says lawsuit.
Survey Shows Slack Security 'Tudes
Quick Hits  |  11/10/2011  | 
One-third of users say security policy doesn't matter, and one-fourth don't worry about security
So You Want To Be A Zero Day Exploit Millionaire?
Commentary  |  11/10/2011  | 
On the active market for reporting and selling zero day vulnerabilities, you can make big money. But you'll have to answer difficult ethical questions.
Teaming Up To Take Down Threats
News  |  11/10/2011  | 
Security professionals are leery of one-way public-private partnerships, but Operation Ghost Click shows that the model is necessary to take on international threats
DARPA Seeks New Methods For Biometric Authentication
News  |  11/10/2011  | 
Defense Department invites experts to discuss ways to identify people when they sign in to computers without interrupting their normal activity flow.
Prisons May Be Vulnerable To Stuxnet-Style Attack
News  |  11/10/2011  | 
Researchers found easy-to-write malware could subvert prison control systems, cause spontaneous opening of all cell doors.
FBI Busts $14 Million Botnet Fraud Gang
News  |  11/10/2011  | 
Estonia-based gang's malware altered computers' DNS settings, rerouted them to sites that generated referral revenue for the attackers.

7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here's some insight on what's working and what isn't in the data center.
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12875
PUBLISHED: 2019-06-18
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
CVE-2017-8335
PUBLISHED: 2019-06-18
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters passed in this...
CVE-2017-8336
PUBLISHED: 2019-06-18
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way that...
CVE-2019-12874
PUBLISHED: 2019-06-18
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
CVE-2012-6711
PUBLISHED: 2019-06-18
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in func...