Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in March 2008
<<   <   Page 2 / 3   >   >>
New Secure Mail Release Pushes Price/Performance Leap
Commentary  |  3/19/2008  | 
Secure Computing's announcement of the latest version of its Secure Mail appliance puts the emphasis on volume, promising to process up to "7 million mails a day on a single appliance."
Lockdown Networks Shuts Down
News  |  3/19/2008  | 
NAC vendor cites slow adoption of technology, sagging economy, and lack of VC funding
Feds Get Guilty Plea From Operation Bot Roast
News  |  3/19/2008  | 
A 21-year-old bot herder faces 10 years and a $250,000 fine
Nigerian Scammers Put Victims on Their Calendars
Quick Hits  |  3/19/2008  | 
New Google Calendar exploit is harder for filtering systems to detect
4.2 Million Credit Cards Leaked
Commentary  |  3/18/2008  | 
A New England-based supermarket, Hannaford Bros., said Monday that a system breach may have given criminals access to more than 4 million credit and debit cards. It's a significant event, and while the facts aren't out yet, it looks unlike most other breaches.
Information Is Power
Commentary  |  3/18/2008  | 
Government officials' seeming inability to manage information has led me to conclude they don't need a backup and archiving policy so much as they need a virtual Roto-Rooter turned on their servers and tape drives and cardboard boxes. And here are three cases in point.
Hannaford, Security Industry Hunt for Cause of Massive Breach
News  |  3/18/2008  | 
Speculation runs rampant as grocery retailer attempts to find out how 4.2 million credit card records were stolen
Compliance Tools Filter Down to Small and Medium Sized Businesses
Commentary  |  3/18/2008  | 
As companies have automated more business processes, the government as well as industry market leaders have mandated that checks be put in place to ensure that those items are processed safely. Consequently, compliance tools have become a hot IT topic.
Mass Hack Hits 200,000 Web Pages
Quick Hits  |  3/18/2008  | 
New exploit differs significantly from last week's ASP-oriented attacks, McAfee says
Not As Dumb As Eliot Spitzer
Commentary  |  3/17/2008  | 
Don't get me wrong -- I think Chris Crocker would make a crap spokesperson for HIPAA. But the medical staff of the UCLA Health System facing discipline or dismissal for snooping in Britney Spears' medical records deserve everything coming to them.
Hospital Workers Busted For Snooping On Britney Spears' Medical Records
Commentary  |  3/17/2008  | 
The Los Angeles Times reported over the weekend that medical workers violated the star's privacy when she visited the UCLA Medical Center in late January and early February of this year. They're all getting fired.
P2P Points To Plenty Of Business Problems
Commentary  |  3/17/2008  | 
Turns out the problems with peer-to-peer file-sharing goes way beyond piracy. A new investigative piece indicates that there's plenty of business and personal data afloat on P2P networks.
FTC Deal Suggests Enterprises Could Be Liable for Poor Security
News  |  3/17/2008  | 
ValueClick found negligent when Commission discovers vulnerabilites contrary to privacy policies promising encryption and 'reasonable security measures'
Big Bucks Bug-Brokering Program Shuttered
News  |  3/17/2008  | 
'Cadillac' buyers were taking too long to close the deal
Curiosity Over Britney Kills Careers of 13 Cats
Quick Hits  |  3/17/2008  | 
UCLA Medical Center employees lose jobs after peeking at pop star's private files
The Clock Is Ticking For Retailer Web Application Security
Commentary  |  3/16/2008  | 
In a few months time, what is now considered merely an advisable best practice will become mandatory for any business accepting credit card payments over the Web. Problem is, the mandate is ill conceived.
Worth Watching
Commentary  |  3/14/2008  | 
Back when I covered storage networking a lot more closely, I learned to anticipate the industry's rhythms. If any one of EMC, HP, IBM, or NetApp introduced something, one of the other three would frequently contact me on the QT to let me know why their solution was still superior.
T.J. Maxx To Hold 'We Got Hacked' Sale
Commentary  |  3/14/2008  | 
As part of class-action settlement for one of the most egregious breaches of consumer credit cards in U.S. history, T.J. Maxx plans to hold a special one-day sales event. Seriously?
Trend Micro Anti-Virus Site Hacked
Commentary  |  3/14/2008  | 
If the anti-virus makers can't keep their sites safe, how safe are the rest of us? That's one of the questions raised by a hack of Trend Micro earlier this week.
Hacking Vista's Smart Cards
News  |  3/14/2008  | 
Former Microsoft security team member will demonstrate how his new fuzzer hacks smart card plug-in
Tech Insight: De-Fanging P2P
News  |  3/14/2008  | 
Peer-to-peer has gotten a bad rap, but there are ways to secure its legitimate use in your organization
Kurt Cobain: Ghost or ID Theft Victim?
Quick Hits  |  3/14/2008  | 
Legendary rock star is still buying houses long after his tragic death, according to widow Courtney Love
Air Force Sheds (Some) Light On A Strategic Cyberspace Vision
Commentary  |  3/13/2008  | 
But after reading the Air Force Cyber Command Strategic Vision, I'm still not clear on what the strategy actually is ... or if it's just PR posturing.
What Sticks
Commentary  |  3/13/2008  | 
And what doesn't in the startup world doesn't appear to have much to do with technology. Like in sports, whoever can deliver on the fundamentals -- in this case, basic business fundamentals, stands a better chance of thriving in the market.
Hackers Mass-Target Gamers
Commentary  |  3/13/2008  | 
A mass attack identified by McAfee tagged more than 10,000 Web pages. The target: gamers' passwords.
McAfee Warns of Mass Web Attack
News  |  3/13/2008  | 
At least 10,000 pages affected, researchers warn
Certegy Victims Offered Less Than a Buck
Quick Hits  |  3/13/2008  | 
Proposed settlement includes free credit monitoring services and $4M in reimbursements following massive data breach
Hacking WiFi
News  |  3/13/2008  | 
Here's an evil twin that can seriously alter your Starbucks experience
NSA Pushes 'Labeled' Access Control for NFS
News  |  3/13/2008  | 
National Security Agency's technology would tighten access to sensitive files and apps on NFS storage
IBM Buys Single-Sign-On Upstart
News  |  3/13/2008  | 
Acquisition of Encentuate will broaden IBM/Tivoli's identity management offerings, officials say
Developers: Check Your %*^& Inputs
Commentary  |  3/12/2008  | 
Better watch where you click, you just may be stepping into a Web page with a Trojan horse, according to security researcher Dancho Danchev. This warning brought to you by the fact that developers continue to neglect to check their application -- and in this case, search engine -- inputs.
I Smell A Reality Show
Commentary  |  3/12/2008  | 
Geeky? Unsociable? Does this sound like you? It's how the European Union's top technology official summed up the current lot holding down jobs in IT. Her prescription for change isn't likely to win her tons of support, either.
AV Still Weak on Rootkit Detection, Fixing Infections
News  |  3/12/2008  | 
New AV-Test.org results reveal some nagging problems with antivirus products
When Bad Tech Leads to Worse Results
News  |  3/12/2008  | 
E-voting, 'friendly' worms may be flawed - and misunderstood
eEye to Add Retina Web App Scanner
Quick Hits  |  3/12/2008  | 
New software is rebranded version of NT Objectives's NTOSpider
Economic Spin
Commentary  |  3/11/2008  | 
While we contemplate the wisdom of locking Eliot Spitzer and Geraldine Ferraro in a room together for all eternity, let's take a deep breath and give thanks for some positive economic news (Go, Dow, go) and wonder what in the world they're smoking over at the freshly renamed NetApp.
Malware Made Real
Commentary  |  3/11/2008  | 
Romanian visual artist Alex Dragulescu has created a series of images depicting malware, under a commission from MessageLabs, a communications security company. The results are stunning because they sustain the expectation that malicious code is somehow alive.
Students Successfully Hack RFID Crypto
Commentary  |  3/11/2008  | 
RFID-chips -- commonly used for wireless payments, access key cards, and even to open car doors -- have been shown relatively easy to hack.
Spam Takes a Vacation
News  |  3/11/2008  | 
South sea islands account for more spam per capita than anyplace else in the world
Disaster Recovery: Practice = Protection
Commentary  |  3/11/2008  | 
How prepared can you be for a data disaster? Clearly the answer is never enough -- no matter how prepared you are, the recovery will undoubtedly reveal aspects of your preparation that can be improved upon. So why not start scouting out those improvable aspects before disaster strikes? Why not practice for problems and rehearse your recovery? Doing so now might eliminate post-disaster disasters later.
Security's 'See-Through' Camera
Quick Hits  |  3/11/2008  | 
New camera lets administrators check for objects under an individual's clothes - without seeing the family jewels
FTP Hacking on the Rise
News  |  3/11/2008  | 
First it was stolen FTP server admin privileges. Now it's spam messages with bot-infected FTP links
Skepticism and Safety
Commentary  |  3/11/2008  | 
Welcome to the Internet. Trust no one.

Living in my bubble of tech-savvy friends and acquaintances, it's easy for me to forget that people need to be told this. But then, I get an e-mail from a particular person (who shall remain nameless) warning me about a virus going around in the form of an e-mail attachment entitled "Life is Beautiful." Of course, it's a forward, and I can see the chain of suckers going back several generations. I'm admonished not to op
Demise Of The Specialist
Commentary  |  3/10/2008  | 
Security's never been an afterthought in storage, but it wasn't exactly a major cornerstone as stored bytes moved beyond the mainframe and into storage networks. Lost or stolen hard drives, laptops, and backup tapes have made big headlines in recent years, and prompted state and federal lawmakers to horn in on the act.
Australian Government Systems Under Attack
News  |  3/10/2008  | 
Officials not ready to say China is the source
Battle Against Fast-Flux Botnets Intensifies
News  |  3/10/2008  | 
ICANN proposes recommendations to help disrupt, and ultimately take down, these stealthy botnets
<<   <   Page 2 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's &quot;extractArchive&quot; function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.