Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in November 2012
<<   <   Page 3 / 3
SCADA Security In A Post-Stuxnet World
News  |  11/6/2012  | 
More SCADA bugs, exploits in the wake of Stuxnet, but gradually improving security in some products, new data shows
More VMware Source Code Leaks To Internet
News  |  11/6/2012  | 
Does the second release -- in less than a year -- of stolen VMware ESX source code put users at risk?
Hackers Hit Symantec, ImageShack, But Not PayPal
News  |  11/6/2012  | 
Despite threats, Anonymous did not take down Facebook or Zynga on Monday. But other hackers detailed their own exploits, releasing employee credentials and source code.
PayPal Denies It Was Hacked By Anonymous
Quick Hits  |  11/6/2012  | 
Hacktivist group claims multiple breaches on Guy Fawkes Day; NBC, Lady Gaga site defaced
Preventing Infrastructure From Becoming An Insider Attack
News  |  11/6/2012  | 
Vulnerable technology supply chains have become a concern of security professionals and politicians alike, but a few steps could help minimize the possibility of attacks
Windows 8 Security Improvements Carry Caveats
News  |  11/5/2012  | 
Many new Windows 8 security features were previously available standalone, or require businesses to buy in to Microsoft's server and cloud vision.
Ex-NSA Official Heads New Global Consortium Issuing Attack-Driven Security Controls
News  |  11/5/2012  | 
'Volunteer army' issues Top 20 Critical Security Controls that public- and private-sector organizations should use for locking down their environments from the latest attacks
VMware ESX Source Code Leaked Online -- Again
News  |  11/5/2012  | 
A hacker has made source code for VMware's ESX hypervisor available for download
Consolidation At The Disk Backup Appliance
Commentary  |  11/5/2012  | 
With a few enhancements, such as tape support and improved reporting capabilities, backup appliances could become the perfect solution for consolidating data protection.
Anonymous Threatens Zynga, Facebook Takedowns
News  |  11/5/2012  | 
Hacktivist collective plans Guy Fawkes Day protest over purported internal Zynga documents that reveal plans to lay off another 1,000 later this month.
Twinstrata Unveils Cloud Storage Platform
News  |  11/5/2012  | 
CloudArray 4.0 adds network attached storage (NAS) capability, new appliances and support for additional cloud service providers.
Tech Insight: Five Steps To Implementing Security Intelligence
News  |  11/4/2012  | 
Building an initiative to collect and analyze threat and risk information takes some planning. Here's a look at the key steps toward making it happen
Team GhostShell Declares War On Russia's Cyberspace
Quick Hits  |  11/4/2012  | 
Hacktivist group leaks 2.5 million accounts and records from a variety of Russian organizations
Apache Server Setting Mistakes Can Aid Hackers
News  |  11/2/2012  | 
Numerous large companies that use free Apache server software leave internal status pages visible, which can help hackers exploit networks.
9 Facts: Play Offense Against Security Breaches
News  |  11/2/2012  | 
Striking back by hacking hackers is a legal and corporate no-no. But IT and security managers can shore up defenses and trick attackers into revealing their identities.
3 Ways To Get Executives To Listen About Risk
News  |  11/2/2012  | 
The C-suite can't make informed decisions about IT security risks that they don't truly understand -- here's how to better communicate what they need to hear
Researchers Develop Cross-VM Side-Channel Attack
News  |  11/1/2012  | 
A new attack vector shows that isolation in public clouds is not a perfect answer for security, researcher says
4 Best Practices: Combat Health Data Breaches
News  |  11/1/2012  | 
Senior health IT experts offer tips on how to bolster security and create a culture of privacy and compliance.
More Than 25% Of Android Apps Know Too Much About You
Quick Hits  |  11/1/2012  | 
Free apps more likely to access personal information than paid apps, and 100,000 apps have access to potentially sensitive information, a pair of new reports say
Android Apps Fail Risk Assessment Check
News  |  11/1/2012  | 
Study finds 26% of Android apps available via official Google Play app store pose a potential risk to enterprise security.
Companies Should Think About Hacking Back Legally, Attorney Says
Quick Hits  |  11/1/2012  | 
Fighting back against cybercriminals can be risky, but there are legal ways to do it, says Hacker Halted speaker
Lies We Tell Our CEOs About Database Security
News  |  11/1/2012  | 
South Carolina government executives' response to breach shows how nontech leadership often views security through a distorted lens
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.