News & Commentary

Content posted in February 2012
Page 1 / 4   >   >>
Google Privacy Changes: 6 Steps To Take
News  |  2/29/2012  | 
Don't let Google's data unification scheme send you running scared on privacy. Consider these actions to control your data.
Tracking Down Advanced Threats In Your Network
News  |  2/29/2012  | 
If you had an advanced attacker in your network, would your security team know it? At the RSA Conference, HBGary's Greg Hoglund shared four ways to defend against pernicious attacks
It's True: Compliance Can Be Good For Your Business
Commentary  |  2/29/2012  | 
The best insurance for your organization is often the processes required for compliance
Report Offers Insight Into Anonymous' M.O.
News  |  2/29/2012  | 
Research presented before RSA reveals hacktivist collective's specific strategies, tools, and tactics
Federal Cybersecurity Guidelines Now Cover Cloud, Mobility
News  |  2/29/2012  | 
Emerging technologies and cyber threats are focus of NIST's first update to feds' security handbook in three years.
How To Evaluate Next-Generation Firewalls
News  |  2/29/2012  | 
A host of new network threat-protection products will be introduced at RSA, but not all firewalls are built the same.
Can Cisco Deliver On Security Strategy?
News  |  2/29/2012  | 
New leadership makes promises, but some pundits remain skeptical
Outsider Hacks Dominated 2011 Security Breaches
News  |  2/29/2012  | 
Insider attacks comprised only 5% of breaches; most outsiders exploited weak passwords to enter networks, reported Verizon.
Anonymous Leaves Clues In Failed Vatican Attack
News  |  2/29/2012  | 
Researchers at RSA detail a rare glimpse into the specific strategies, tools, and tactics used by Anonymous to infiltrate or take down websites.
New Verizon Breach Data Shows Outside Threat Dominated 2011
Quick Hits  |  2/28/2012  | 
Preview of Verizon Business' data breach cases shows malware and hacking the top breach methods
Anonymous Partners With WikiLeaks, Then Turns On Stratfor
News  |  2/28/2012  | 
Stratfor appears to have run afoul of Anonymous and WikiLeaks on account of its intelligence-gathering activities
Startup Targets The Attackers Behind The APT
News  |  2/28/2012  | 
Former McAfee execs in new stealth venture will demonstrate an APT-type targeted attack against a smartphone at RSA Conference
Mozilla 'Collusion' Reveals Online Tracking
News  |  2/28/2012  | 
Mozilla enlists Ford Foundation to support development of tracking visualization software to help Internet users make informed privacy choices.
Google Offers $1 Million For Chrome Hacks
News  |  2/28/2012  | 
Google prepares to open its wallet for reports of security flaws, but outside annual Pwn2Own hacker competition.
Why BYOD Doesn't Always Work In Healthcare
Commentary  |  2/28/2012  | 
Security and screen layout problems make it difficult to let clinicians bring their own tablets and smartphones to work.
WikiLeaks Stratfor Disclosure Highlights Email Encryption Failure
News  |  2/28/2012  | 
Hacktivist group Anonymous said it obtained the intelligence contractor's clear-text emails, and shared them with whistleblower and information-release website WikiLeaks, as part of a new working relationship.
3 Ways For SMBs To Plug IPv6 Security Holes
News  |  2/28/2012  | 
Small and midsize businesses need not fret over the newest internet protocol. An expert explains what you need to know.
Most Security Pros Wouldn't Bet On The Security Of Their Networks
Quick Hits  |  2/28/2012  | 
Majority of security pros say they wouldn't bet any amount of money that they could prevent compromises in the next year
Cloud's Future Security Depends On Mobile
News  |  2/28/2012  | 
Passwords are a major weakness for cloud providers. Industry experts say that, in the future, mobile will be the authentication platform of choice
RSA: Top-Level Execs Not On Top Of Risk Management
News  |  2/28/2012  | 
New RSA-Carnegie Mellon CyLab survey finds most Fortune 2000 execs have little to do with their firms' security and privacy policies
RSA Conference, One Year Later
Commentary  |  2/27/2012  | 
How I hope history has reshaped this year's RSA Conference one year after one of the most significant breaches in the past decade
Cavium Unveils World's First Adapter With 1 Million SSL Transactions Per Second For Virtualized Data Center And Cloud Computing
News  |  2/27/2012  | 
NITROX III XL CNN35XX-NHB adapter family includes PCI-Express Gen2 and PCI-Express Gen3 versions
Can You Train A Great Penetration Tester?
Commentary  |  2/27/2012  | 
The hacker mindset can't be taught -- it must be developed and refined over time
Five Strategic Security Metrics To Watch
News  |  2/24/2012  | 
Is your security program paying off for the business? Here are five high-level metrics that the executive suite needs to watch
Bots: Stand Up And Be Counted
Commentary  |  2/24/2012  | 
A new FCC-backed initiative will gather real ISP data on infected bot machines, but will it make a dent on the botnet scourge?
RSA Preview: 5 Hot Security Worries
News  |  2/24/2012  | 
From securing mobile devices to spotting and stopping APTs and hacktivists, here's what's keeping security managers awake at night--and what will dominate discussion at the upcoming RSA conference.
Do Not Track: 7 Key Facts
News  |  2/24/2012  | 
Key provision in the Obama administration's new Consumer Privacy Bill of Rights has benefits and limitations. Check out some of the compromises.
Don't Be Fooled By Buzzwords, Flash, And Empty Promises
Commentary  |  2/24/2012  | 
Heading to San Francisco for RSA, BSides and AGC? Make sure you know how to navigate the vendor gauntlet
Free Anti-Virus Software Fails To Charm Enterprises
Commentary  |  2/24/2012  | 
As free AV gains popularity with consumers, could Symantec and McAfee ever be chased from their top spots in the enterprise?
Mobile Devices Just Another Endpoint
News  |  2/23/2012  | 
Two mobile security surveys out this week show that as mobile devices are more tapped into mission critical systems, security focus must remain on the data
New Oracle ERP Vulnerabilities Unmasked
News  |  2/23/2012  | 
Design flaws could allow attackers to access, alter, or take over ERP systems -- but will enterprises do anything about the vulnerabilities?
'Do Not Track' Won't Save You From Yourself
Commentary  |  2/23/2012  | 
Just because you now have a Consumer Privacy Bill of Rights, don't assume you have privacy.
Survey: Post-It Notes, Spreadsheets Used To Manage Digital Certificates
Quick Hits  |  2/23/2012  | 
More than half have incomplete or inaccurate inventory of their certs, new Osterman-Venafi report finds
RSA Conference To Spotlight Mobile Security
News  |  2/23/2012  | 
This year's conference will delve into the world of mobile security, from malware to management
Obama Administration Unveils Privacy Bill Of Rights
News  |  2/23/2012  | 
Nine facts about the White House's new proposed consumer privacy framework
Anonymous, NSA Square Off On Power Grid Attacks
News  |  2/23/2012  | 
Anonymous calls claim that it might target U.S. power grid 'ridiculous;' security expert says power grid security can already be hacked.
Web Encryption That Works
News  |  2/23/2012  | 
SSL technology isn't perfect, but it can be an effective security tool for your organization. Here are four tips for optimizing its performance
Obama's Consumer Privacy Bill of Rights: 9 Facts
News  |  2/23/2012  | 
Here's what you need to know about the White House's new proposed consumer privacy framework--and its limits.
Five Dangerous Compliance Assumptions
Commentary  |  2/23/2012  | 
Many businesses fool themselves about their compliance problems
CA Unveils Hybrid Data Protection Service For SMBs
News  |  2/23/2012  | 
CA's new ARCserve D2D On Demand for small businesses uses Microsoft Azure cloud.
Study: Users Of Social Networks, Smartphones More Likely To Be Fraud Victims
Quick Hits  |  2/23/2012  | 
Keeping identity safe means learning how to safely use emerging consumer technologies, Javelin says
Strengthening Third-Party Contracts To Lower Breach Risks
News  |  2/22/2012  | 
FTC breach, contract deficiencies highlight importance of including security provisions within technology contracts
Orphaned Bots Facing Internet Blackout
News  |  2/22/2012  | 
DNSChanger botnet takedown poses unique challenges and risks that other botnet overthrows do not
How Anonymous Are Your Online Posts?
News  |  2/22/2012  | 
Beware flamebait-throwers, grammar police, and all-around trolls: New algorithm can correctly identify an author 80% of the time, using sufficient source documents.
Bank Customers Favor Birthdate PINs
News  |  2/22/2012  | 
Too many people use a date for their bank card PIN, giving attackers an edge in figuring out the number, reports Cambridge University researchers.
Can You Delete A Database?
Commentary  |  2/22/2012  | 
Data and databases keep growing, but there's a security tradeoff
Five Schemes For Redeeming Trust In SSL
News  |  2/21/2012  | 
Creativity loves constraint and for security thinkers trying to shore up Web authentication today, that constraint is SSL/TLS
Disclosure Clouded By Obscurity
Commentary  |  2/21/2012  | 
Shockingly, the responsible disclosure debate rears its head once again, and amazingly enough some vendors still don't get it. Guess we'll never learn
NIST Cybersecurity Center Tackles Public And Private Threats
News  |  2/21/2012  | 
Researchers will use National Cybersecurity Center of Excellence to develop new products and services to combat cybersecurity threats faced by U.S. government agencies and companies.
Security Startup Takes On SIEM
News  |  2/21/2012  | 
Former TippingPoint founders launch Click Security with a new platform based on automation and collaboration
Page 1 / 4   >   >>


Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7097
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery.
CVE-2018-7098
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow directory traversal.
CVE-2018-7099
PUBLISHED: 2018-08-14
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow disclosure of privileged information.
CVE-2018-7100
PUBLISHED: 2018-08-14
A potential security vulnerability has been identified in HPE OfficeConnect 1810 Switch Series (HP 1810-24G - P.2.22 and previous versions, HP 1810-48G PK.1.34 and previous versions, HP 1810-8 v2 P.2.22 and previous versions). The vulnerability could allow local disclosure of sensitive information.
CVE-2018-7077
PUBLISHED: 2018-08-14
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information.