News & Commentary

Content posted in February 2010
<<   <   Page 4 / 4
Tool Helps Prepare For Disaster
Commentary  |  2/3/2010  | 
When I see an event like the Haiti earthquake, I worry that we treat disaster preparedness much like we do data backup -- we don't really think about it until it's too late. We are faced with putting in place a plan to deal with disaster, and then realize we aren't properly prepared. But I might have found a tool that can help.
Black Hat DC: Researchers Reveal Connection String 'Pollution' Attack
News  |  2/2/2010  | 
Tool released tests for so-called Connection String Parameter Pollution (CSPP) attack
U.S. 'Severely Threatened' By Cyber Attacks
News  |  2/2/2010  | 
The U.S. intelligence chief is urging greater cooperation and funding to defend against online threats.
Homeland Security Plans Cybersecurity, Data Center Investments
News  |  2/2/2010  | 
Other big-ticket tech projects in the department's fiscal 2011 plans include advanced imaging for airport security and upgrades to the E-verify system for employee verification.
Product Watch: Microsoft Rolls Out Free SDL Code For 'Agile' Development
News  |  2/2/2010  | 
Beta version of Agile SDL template now available, as well as new simplified implementation of SDL and expanded partner program that includes tools from Fortify, Veracode, Codenomicon
Researcher Cracks Security Of Widely Used Computer Chip
News  |  2/2/2010  | 
Electron microscopy could enable criminals to develop counterfeit chips, Tarnovsky says at Black Hat DC
Security Scoreboard Lists Services By Specialty
Commentary  |  2/2/2010  | 
A new service, Security Scorecard, aims to help simplify the search for qualified security specialists by listing them, categorizing them, and making them searchable. Service providers will have the option of buying premium display space.
Majority Of Online Banking Customers Use Same Credentials On Other Less-Secure Websites
Quick Hits  |  2/2/2010  | 
Trusteer data finds that 73 percent use the same password for their online banking account on at least one nonfinancial Website
Global CIO: IBM Calls Out Oracle's Ellison On Database Claims
Commentary  |  2/1/2010  | 
Ellison said Oracle-Sun "blew the doors off" IBM's top database system, but IBM says he's blowing hot air.
Mac vs. PC Security Not The Real Question
Commentary  |  2/1/2010  | 
The argument over whether Macs are more secure than Windows PCs may never be resolved, but it's no longer the relevant issue, according to a survey of security experts.
Chinese Spies Targeting U.K., MI5 Warns
News  |  2/1/2010  | 
A leaked report tells of gifts with malware and blackmail traps targeting U.K. enterprises.
Hack On Iowa Racing/Gaming Unit Jeopardizes Data Of 80,000 Employees
Quick Hits  |  2/1/2010  | 
Hacked server contained casino employee information, state officials say
Product Watch: Security Scoreboard Goes Live
News  |  2/1/2010  | 
New site brings security vendors and products under one roof, along with customer reviews
Health Net Sued Over Data Breach
News  |  2/1/2010  | 
The insurance company is accused of failing to protect medical records, Social Security numbers, and bank account information of 446,000 customers.
When Software Glitches Are Fatal -- Literally
Commentary  |  2/1/2010  | 
Hearing about how many companies were hacked during the Aurora attacks due to a software vulnerability in Microsoft's Internet Explorer (IE) is frustrating. Now another attack is ready to be unveiled at Black Hat DC that also uses an IE "feature." The thought of what can and has happened because of these flaws is scary -- theft of personal information, espionage, identity theft, etc. -- but what happens when software glitches lead to death?
Botnet Floods Major Websites With Fake SSL Connections
News  |  2/1/2010  | 
DDoS-like traffic surge against CIA, Chase, Google Chrome, FBI, and others has researchers puzzled by Pushdo botnet's plans
Global CIO: CIOs Bet Big On Data Center Strategies
Commentary  |  2/1/2010  | 
Cloud sounds good, but it's still often a brick-and-mortar decision.
U.S. Navy Launches Cyber Command
News  |  2/1/2010  | 
The Navy becomes the third branch of the U.S. military to establish an organization to oversee its cybersecurity activities and protect against attack.
SSD Is Not Disruptive
Commentary  |  2/1/2010  | 
One of the concerns about adopting Solid State Disk (SSD) is that it can be disruptive to the overall data management process that you may have in your data center. SSD is obviously a new and fast but somewhat more expensive alternative to your good old mechanical drives. However, when implemented correctly the addition of SSD can be relatively non-disruptive.
Global CIO: Data Centers Behaving Boldly: Meet Tech's New Rock Stars
Commentary  |  2/1/2010  | 
From Disney tourist attraction to economic-growth saviors to nuke-hardened The Bunker: data centers, always strategic, are becoming way cool.