Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in December 2009
2010 Security Dreams? GFI Says "Dream On!"
Commentary  |  12/31/2009  | 
Sometimes you've just got to smile, and GFI security expert David Kelleher gave me more than one with his dreams of a security utopia in 2010. Dream on is more like it.
Tech Insight: After The Holidays, It's Time To Re-Examine Smartphone Policies
News  |  12/31/2009  | 
With new portable devices coming out of the wrapping paper, how can enterprise security keep up?
Online Holiday Shopping Up In December; Phishers Follow Suit
Quick Hits  |  12/31/2009  | 
Majority of threats on the Web in December were phishing attacks, study says
2010 Security Outlook: Reply Hazy, Try Again
News  |  12/30/2009  | 
Security researchers, experts don't show much agreement on the coming year's threats
Gonzalez Pleads Guilty To Hack Of Heartland, Hannaford, 7-Eleven
Quick Hits  |  12/30/2009  | 
Guilty plea reveals Target was also victim of massive hacking ring
2010 Threat Environment: New Year's Familiar Fears
Commentary  |  12/30/2009  | 
Saying goodbye to 2009 won't, alas, let us say goodbye to many of the year's top threats, which promise to linger and persist into 2010, even as the New Year brings new threats, as well as new versions and varieties of the old ones.
Adobe To Surpass Microsoft As Hacker Target
News  |  12/30/2009  | 
McAfee says Adobe Reader and Flash will top Microsoft Office as the favorite target of cybercriminals in 2010.
Researchers Prepare Practical Demonstration Of GSM Encryption Cracking Technology
News  |  12/29/2009  | 
GSM calls can be intercepted and decoded using low-cost hardware and open-source software, researchers say
Hacker Breaks GSM Mobile Phone Code
News  |  12/29/2009  | 
A German computer scientist has cracked the encryption algorithm that secures 80% of the world's mobile phones, but it's far from a practical attack.
Mobile Botnets: A New Frontline
Commentary  |  12/29/2009  | 
There has been a recent rash of worms and malware targeting (jailbroken) iPhones. A group of researchers from SRI International published a study of an Apple iPhone bot client, captured just before Thanksgiving.
After Hacks, Louisiana Restaurants Sue POS Companies
Quick Hits  |  12/29/2009  | 
More than 100,000 credit cards exposed by keylogger attack, Secret Service says
DDoS Attack Briefly Interrupts Online Holiday Shopping
News  |  12/28/2009  | 
Attack On UltraDNS was detected 'within minutes,' and shoppers were back online in an hour
Former Executive Accused Of Selling Data From Matchmaking Firm
Quick Hits  |  12/28/2009  | 
Ex-employee allegedly ransomed customer information, then tried to deal it to competitors
Amazon Hit With DDoS Attack
News  |  12/28/2009  | 
The storage and computing cloud services, S3 and EC2, respectively, were briefly affected Wednesday.
Global CIO: My 5 Favorite Cover Stories Of 2009
Commentary  |  12/27/2009  | 
From a year's worth of InformationWeek cover stories, here's a very personal list. And I'm already regretting some I didn't pick.
Data Masking Primer
Commentary  |  12/26/2009  | 
Data masking is an approach to data security used to conceal sensitive information. Unlike encryption, which renders data unusable until it is restored to clear text, masking is designed to protect data while retaining business functionality.
Twitter Acquires GeoAPI Creator Mixer Labs
News  |  12/24/2009  | 
Software allows users to map their Twitter posts to specific locations, though some worry about privacy
5 Security Predictions For 2010
Commentary  |  12/24/2009  | 
Varonis shares five security trends that will impact SMBs in the coming year.
Top 10 Security Challenges For 2010
News  |  12/24/2009  | 
Cloud-hosted malware, bot blasts, compromised smartphones, and privacy-busting malvertising are a few of the security pitfalls we can expect this year.
Fixing The Security Disconnect
Commentary  |  12/24/2009  | 
A disconnect often exists between security teams and the population they service. I'm not referring to just users -- of course, you'll pretty much always find a rift between security and users -- but instead I mean the disconnect that often occurs among network groups, system administrators, developers, and similar groups.
Facebook Hit By Clickjacking Attack
News  |  12/23/2009  | 
Social network targeted by emerging brand of attack that's hard to kill
Feds Need To Push Forward On Cybersecurity, Says Former FBI CIO
News  |  12/23/2009  | 
Key to any plan is to focus on hardware, software, and people, and to understand that cybersecurity is a risk management effort, says Zal Azmi
Intel Website Hacked With SQL Injection
Quick Hits  |  12/23/2009  | 
Hacker reveals major hole that exposes personal passport information on channel partner events Website
Global CIO: A Holiday Miracle: Do You Believe In Angels?
Commentary  |  12/23/2009  | 
Our recent column "The Thanksgiving Angels Of Flight 3405" sparked dozens of letters so we're rerunning it for Christmas and the holiday season. Do you believe?
Former FBI CIO Urges 'Actionable' Cybersecurity Plan
News  |  12/23/2009  | 
The first step: harden desktops, servers, switches, and routers and the software that runs them via security and management tools, says Zal Azmi.
Report: FBI Probes Citigroup Breach
Quick Hits  |  12/22/2009  | 
Federal officials say they are investigating loss of tens of millions of dollars; Citigroup says there was no breach or loss
The 9 Coolest Hacks Of 2009
News  |  12/22/2009  | 
Digital faces, missile defenses, iPod Touches, and even texting teens all were the subject of extreme hacks
White House Names Howard Schmidt As Cybersecurity Czar
News  |  12/22/2009  | 
Former Bush administration official will head U.S. cybersecurity initiative for Obama, but experts question whether the post has much power
Obama Names Cybersecurity Coordinator
News  |  12/22/2009  | 
Former Bush administration official and Microsoft security official Howard Schmidt is tapped to develop a federal cybersecurity strategy.
Security PR: How To Disclose A Vulnerability
Commentary  |  12/22/2009  | 
When your team discovers a new security vulnerability in a third-party product, there are ways to handle it correctly to achieve maximum visibility.
Global CIO: Oracle's Incredible Profit Machine: 22% Maintenance Fees
Commentary  |  12/21/2009  | 
How important are your 22% annual fees to Oracle? It earned $3 billion on those fees last quarter while losing $800 million across the rest of the company.
2010 Year Of Fibre Channel-Over-Ethernet?
Commentary  |  12/21/2009  | 
Will 2010 be the year of Fibre Channel-Over-Ethernet (FCoE)? I am always hesitant to predict that any particular year will be "the year" but I do think that FCoE will move out of conversation and testing phases and more into production.
Smartphone Security Startup Offers Free Beta
News  |  12/21/2009  | 
Product to mix lightweight mobile client with cloud-based security, backup, and anti-theft features
Paper-Based Breaches Just As Damaging
Commentary  |  12/21/2009  | 
IT tends to forget about things that aren't electronic. But you remember that stuff called paper, right? Have you considered that printed documents are just as damaging to a company's reputation should they get into the wrong hands as electronic data stored in an Excel spreadsheet or database server?
How The Koobface Worm Gang Makes Money
Quick Hits  |  12/21/2009  | 
Trend Micro report looks at the true motivation behind the widespread malware-laden botnet
Global CIO: Glimmers Of Growth In Outlook 2010 Research
Commentary  |  12/21/2009  | 
Our exclusive research shows IT shops may spend more this year, but not much on hiring people.
Feds Grant $60M For Health IT Research
News  |  12/21/2009  | 
The grant program is focused on areas, including security, where breakthroughs are needed to drive adoption and meaningful use of health IT.
4 Factors To Consider Before Firing Up That DLP Solution
News  |  12/21/2009  | 
There's an ugly truth that DLP vendors don't like to talk about
Season's Security Greetings: 12 Holiday Tips To Keep Your Data Safe
Commentary  |  12/21/2009  | 
'Tis the season -- for holiday time off, extended trips, office parties... and security negligence. Time to tighten the defenses and clamp down on the user indulgences. No Grinch or Scrooge stuff here: Just a few tips for keeping your workplace systems and data safe, as well as merry and bright.
Global CIO: The Top 10 CIO Issues For 2010
Commentary  |  12/21/2009  | 
For CIOs, 2010 will require new emphases on customers, revenue, external information, and a passion for rapid change.
SkyGrabber Is For Porn, Not For Hacking Predator Drones
Commentary  |  12/18/2009  | 
According to a sensationalized news story from late last week, Iraqi insurgents have intercepted live feeds from Predator drones. But the story's facts seem fishy: it claims the $26 off-the-shelf software product, SkyGrabber, was used to intercept live video feeds from U.S. Predator drones. But SkyGrabber does not have this ability.
Making Your IDS Work For You
Commentary  |  12/18/2009  | 
Talk to anyone who knows anything about running an intrusion detection system (IDS), and he will tell you one of the most important processes during the initial deployment is tuning. It's also one of the important operational tasks that go on as new rules are released to make sure they are relevant to the environment you're tasked to protect.
Attack Of The RAM Scrapers
News  |  12/18/2009  | 
Beware of malware aimed at grabbing valuable data from volatile memory in point-of-sale systems
Electronic Medical Records: The Good, Bad, And Ugly
News  |  12/18/2009  | 
EMRs offer huge benefits, but privacy and security threats are massive as well
Twitter Hit By DNS Hijacking Attack
Quick Hits  |  12/18/2009  | 
Twitter site redirected to 'Iranian Cyber Army' Website for about an hour last night
Global CIO: Oracle CEO Larry Ellison On The Future Of IT
Commentary  |  12/18/2009  | 
Ellison speaks out on Oracle's new Sun-enabled strategy and how that points to where the entire IT industry is headed.
Twitter Downed By 'Iranian' Hackers
News  |  12/18/2009  | 
Social networking site infiltrated by group claiming ties to Middle Eastern country.
Oracle Makes 10 Commitments To Seal EU Deal
News  |  12/17/2009  | 
Oracle has just released 10 commitments to customers and developers about MySQL's future accessibility and openness in the hope of gaining EU approval to acquire Sun.
Security Reminders From "Hacked" Predator Drones
Commentary  |  12/17/2009  | 
The Wall Street Journal reported today that Iraqi militants are able to intercept live feeds from U.S. military Predator drones with standard hardware equipment and a $30 software application.
Improved Security In Microsoft Office 2010
Commentary  |  12/17/2009  | 
Microsoft has made Office 2010 available in public beta. After playing around with it for a while, I am not yet sure I need any of the new functionality.