Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in March 2008
Page 1 / 3   >   >>
McAfee Volunteers Go For All The Spam They Can Stand (And Then Some!)
Commentary  |  3/31/2008  | 
Y'know those e-mails and offers and come-ons you're never never supposed to open or reply to? Well, McAfee is putting fifty, count 'em, fifty volunteers from across the world on an all-the-spam-you-can-answer diet. You get it, you answer it; you see it you click it -- every one of them for a month Seriously.
Another Trojan Targets Mac OS X
Commentary  |  3/31/2008  | 
Yet another unscrupulous chunk of malicious software is being aimed at unsuspecting Mac users.
Manage Your Risk Before It Mangles Your Business
Commentary  |  3/31/2008  | 
Informationweek has a good long piece on risk management that will more than repay your attention -- if only in calling your attention to the rapidly evolving nature of risk management -- and the risks we all need, or at least seek, to manage.
Security Issues Limit Telecommuting
Quick Hits  |  3/31/2008  | 
Want to work from home? Better beef up security first, CDW study says
Black Hat Researcher Hacks Biometric System
News  |  3/31/2008  | 
'Biologger' steals fingerprint, other biometric data
Lockdown Tradeoffs
Commentary  |  3/29/2008  | 
Enterprise users and consumers alike have been scared straight about data protection, given the regular headlines about laptop theft or misplaced hard drives. But as users rush to secure the desktop, are their good intentions making the jobs (and lives) of storage pros more difficult?
CA Customers Newly Targeted
Commentary  |  3/28/2008  | 
While most software exploits target end users and end-point applications, this one is aiming squarely at corporate users.
Hundreds Of Servers Compromised In Hannaford Breach
Commentary  |  3/28/2008  | 
More details about the credit breach at the Hannaford grocery chain are becoming known, and they aren't pretty.
Hacker Contest: And The Loser Is... MacBook Air
Commentary  |  3/28/2008  | 
The hacker contest at this year's CanSecWest Conference in Vancouver has produced a winner... er, a loser. The hack--ee? Pricey, trendy and oh so desirable MacBook Air.
Tech Insight: Keeping Your Thumb on Thumb Drives
News  |  3/28/2008  | 
Those little USB drives certainly are handy, but how do you keep your company's sensitive data from walking away? Here are a few ideas
Hacked in Two Minutes
Quick Hits  |  3/28/2008  | 
In contest, researcher cracks a Mac with lightning speed using zero-day exploit
CastleCops Hit by Another DDOS Attack
News  |  3/28/2008  | 
But this time, attackers employ a 'POST' attack
And I Recommend Caviar For Dinner
Commentary  |  3/27/2008  | 
Yes, every night. Because in this age of federal bailouts of brokerages, record mortgage defaults, and a stock market that doesn't know which way is up, it's time to indulge. At least that seems to be a piece of the logic behind this report, encouraging would-be videoconferencing customers to go HD.
EMC Gets Physical
News  |  3/27/2008  | 
Unveils services for storing data from video cameras and security systems
Free Honeypot Client Could Sting Malware
News  |  3/27/2008  | 
The Honeynet Project has released a new automated tool for thwarting botnet and other client-side attacks
Internet Evolution Reports On Test-Shy Peer-To-Peer Filters
Commentary  |  3/27/2008  | 
More than two dozen vendors say they can help ISPs filter unwanted P2P traffic. But only two were willing to put marketing claims on the line in an in-depth test of P2P filtering technology.
Attention, Stolen Credit Card Shoppers
Quick Hits  |  3/27/2008  | 
Sophisticated online marketplace for stolen credit cards and data offers buyers volume discounts and guarantees
Startup Flips On Its Virtual Switch
Commentary  |  3/26/2008  | 
A growing number of security startups aim to bring visibility to the network traffic of virtual systems. Today, Montego Networks officially came out of stealth mode.
IT And The Global Village
Commentary  |  3/26/2008  | 
"The toughest job you'll ever love," according to Lillian Carter, a tagline used for recruiting by the Peace Corps in the '70s and '80s, herself a volunteer in India at age 66. A forward-thinking IT vendor has picked up on this international service model and here's why it makes great sense.
"New" Word Vulnerability: What Did Microsoft Know And When Did They Know It?
Commentary  |  3/26/2008  | 
It turns out that Microsoft engineers knew about a vulnerability that could expose Word users to attacks, and knew about it for awhile before letting the rest of us in on the problem. A long while.
Phishers Enlist Google 'Dorks'
News  |  3/26/2008  | 
Researcher finds most phishing sites use Google search terms to locate vulnerable sites
Millions of Russians' Personal Data Posted on Free Website
News  |  3/26/2008  | 
Names, addresses, account information, and other data posted by unknown source
Quick Hits  |  3/26/2008  | 
For the first time in five years, companies will be spending more on IT governance than on Sarbanes-Oxley compliance, study says
Web App Threats Rising
Commentary  |  3/25/2008  | 
Great news: 1 out of 10 Web sites you visit may actually be secure.
The Disruption Factor
Commentary  |  3/25/2008  | 
Here's a hypothetical based on a lot of ifs. If you had a bunch of money to invest, if you had access to the smartest brokers around, and if the economy were on firm ground, which of these ideas would you invest in?
Tool Emerges to Automate Companies' Battle Against Identity Theft
Commentary  |  3/25/2008  | 
The problems associated with identity theft have become so great that the federal government is forcing corporations to put checks in place to prevent it. Now, help has arrived for businesses that have to comply with these new regulations.
WhiteHat: 90% of Sites Still Vulnerable
News  |  3/25/2008  | 
Most sites open to hacks via cross-site scripting, CSRF, report says
Child Charities Stand Against Web 'Intelligence Gathering'
Quick Hits  |  3/25/2008  | 
People shouldn't lose opportunities because of something they wrote on MySpace at age 14, consortium says
Medical Records For 2,500 Study Participants Are Stolen
Commentary  |  3/24/2008  | 
Only after a laptop is stolen from the trunk of a car owned by a researcher at the National Heart, Lung, and Blood Institute (NHLBI) does this organization promise to do better when it comes to security. Why does it always go down this way?
Real Tossers
Commentary  |  3/24/2008  | 
How long do you hang on to decommissioned hard drives and storage devices? Do you at least wait to make sure your new drives or backup applications are functioning properly? If you answered yes to that last question, there might be a job at the White House for you.
More Passport Problems, More Business Security Lessons
Commentary  |  3/24/2008  | 
Or maybe just more of the same. As the Obama passport-filepeek story expanded to become the Obama/Clinton/McCain passport pry-in story, the business lessons the snafu offered only grew more important.
Intel Researching New Approach to Laptop Security
News  |  3/24/2008  | 
'Proteus' technology tracks user behavior, flags atypical activity
Has Banking Industry Overlooked Its Biggest Breach Ever?
Quick Hits  |  3/24/2008  | 
Insider theft case at Compass Bank affected more than 1M customers
But Cling If You Must To The Illusion Of Privacy
Commentary  |  3/21/2008  | 
I'm trying to work up a head of steam over the presidential candidate passport snooping. But my contract with TechWeb limits my self-righteousness to certain decibel levels, which, frankly is quite smart when the subject is data privacy.
SnooperGate: Two Fired Over Illegal Obama Passport Snooping
Commentary  |  3/21/2008  | 
It's the second time in a week where workers improperly accessed electronic records of the rich, powerful, or famous.
Passport Privacy Problem Offers Business Lessons
Commentary  |  3/21/2008  | 
The current news cycle hot-button -- State Department contractors poking into Barack Obama's passport files -- will give the pundits plenty to spout and sputter about from all sides. It should give small and midsize businesses pause to consider some of their own security procedures, policies and potential vulnerabilities.
US Treasury Department Adopts Dual-Factor Authentication
News  |  3/21/2008  | 
Entrust IdentityGuard costs only 25 cents per card for each user
Obama Suffers Personal Data Breach
Quick Hits  |  3/21/2008  | 
State Department contractors under investigation for accessing passport files without authorization
Behind Microsoft's Visor
Commentary  |  3/21/2008  | 
What if Microsoft decided to get really serious about server virtualization? Yeah, yeah, I know Hyper-V is coming this summer. But especially now that they've made such a hash of Vista, virtualization's a natural place for the company to regain a bit of
The Start Of NAC Market Consolidation?
Commentary  |  3/20/2008  | 
Lockdown Networks has closed its doors and is looking for someone to buy it's IP. Is this just the beginning of the NAC market consolidation, or an isolated event?
Hacker Contest Next Week: The Real March Madness
Commentary  |  3/20/2008  | 
It's fierce comeptition time again, and not just for basketball fans. At next week's CanSecWest conference in Vancouver, the second annual hacker contest offers big bucks to the first person to hack a supposedly secure laptop.
US Firms Brace for Cyber War
News  |  3/20/2008  | 
Last year's cyber attack on Estonia was the shape of things to come, warns expert
A Peek at Snort 3.0
News  |  3/20/2008  | 
Next-generation of open source platform will be more than just IDS/IPS
Vietnam: 95% of Its PCs Infected With Viruses
Quick Hits  |  3/20/2008  | 
Brokerages, other sensitive Websites also vulnerable to attack, Vietnamese officials report at security conference there
De-Dupe Do-Si-Do
Commentary  |  3/19/2008  | 
I'm not sure if you need a dance card or a scorecard to keep track of the pairings in the data deduplication market. One thing's abundantly clear: this storage app must have more commercial appeal than most everything else that's come down the pike lately, given the scramble for partners.
In Massive Patch, Apple Mends Roughly 90 Security Vulnerabilities
Commentary  |  3/19/2008  | 
In one swing, Apple unleashes a tally of security updates that nearly surpasses all of the patches it released last year.
Page 1 / 3   >   >>

HackerOne Drops Mobile Voting App Vendor Voatz
Dark Reading Staff 3/30/2020
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/31/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-04-05
PRTG Network Monitor before allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.
PUBLISHED: 2020-04-05
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
PUBLISHED: 2020-04-04
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.
PUBLISHED: 2020-04-04
Ivanti Workspace Control before, when SCCM integration is enabled, allows local users to obtain sensitive information (keying material).
PUBLISHED: 2020-04-04
Common/Grav.php in Grav before 1.6.23 has an Open Redirect.