Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in March 2008
<<   <   Page 3 / 3
WhiteHat, F5 Offer 'Click & Fix' for Web App Vulnerabilities
Quick Hits  |  3/10/2008  | 
Integration deal automatically fixes cross-site scripting, SQL injection flaws on Websites
Breach: British Police Force Allegedly Infiltrated By Al-Qaeda
Commentary  |  3/9/2008  | 
According to a story that ran in today's edition of the Daily Mail, four officers in Britain's Met police force have been eyed as terrorist spies.
A Taxing Response
Commentary  |  3/7/2008  | 
"No effort to control greenhouse-gas emissions or to lower the carbon footprint ... can succeed unless those emissions are priced properly," writes Michael Specter in the Feb. 25 issue of The New Yorker. "There are several ways to do that: they can be taxed heavily, like cigarettes, or regulated, which is the way many countries have established mileage-per-gallon standards for automobiles." Exchanges where entities buy and sell rights to pollute are another way. While Specter's article i
Cyber Preparedness Symposium Leaves Unanswered Questions
News  |  3/7/2008  | 
Effort to jump-start discussion between government, industry, and academia is clearly Version 1.0
Art Imitates Malware
Quick Hits  |  3/7/2008  | 
Or does malware imitate art? Award-winning artist uses malware code to create artistic renditions of Storm, Netsky, and other infamous threats
Online Gaming Firm Bets on PCI
News  |  3/7/2008  | 
bwin Interactive Entertainment AG chose a Web-based risk management/PCI compliance solution that integrates with its existing apps
Microsoft Preps Bevy Of Office Patches
Commentary  |  3/6/2008  | 
Microsoft is readying four "critical" security patches for next week. While it's a far cry from last month's 11 patches, IT shops will be busy nonetheless.
In Love With Wireless
Commentary  |  3/6/2008  | 
And public Wi-Fi hotspots, texting galore, and the iPhone are the tools of this seduction. But with more applications and wireless spectrum (and YouTube clips) on the way, where exactly are we going to store all this new content?
Surge of Phishing Kits Hits the Net
News  |  3/6/2008  | 
Researchers are investigating an unusually high volume of free phishing kits - over 400 - now in the wild
Encrypted PCs Still at Risk
Quick Hits  |  3/6/2008  | 
Scientists demonstrate ability to extract encryption keys that linger in PC memory
Missing White House E-Mail -- Politics Or Bad Tech Policy?
Commentary  |  3/5/2008  | 
The White House's assertion that as many as 5 million e-mails have gone missing has raised a lot of political hackles on both sides of the aisle and throughout the pundit-sphere over the last couple of years. Far less attention has been paid to a far more serious (and less politically secular) question: just what is the tech infrastructure underlying the White House's electronic communications?
USB & Firewall System Attacks Surface: Disable Your External Media Ports
Commentary  |  3/5/2008  | 
It appears as though, more than ever before, if you lose physical sight, and especially control, of your notebook, your data could be hosed. This is even more so now that tools that attack disk-based crypto are surfacing at an alarming rate.
Julienne Storage
Commentary  |  3/5/2008  | 
Given the variety of ways that stored data gets sliced and diced these days, it's hard not to imagine that Ron Popeil of Veg-o-Matic fame didn't have a hand in there somewhere along the way. Here's what I mean.
Hacking: The New Child's Play?
News  |  3/5/2008  | 
Researchers worry as teens and pre-teens play an increasing role in illegal online exploits
Tool Physically Hacks Windows
News  |  3/5/2008  | 
Lets an attacker use Firewire to take over a 'locked' Windows machine
What Are You Looking at?
Quick Hits  |  3/5/2008  | 
Prototype 'cyber-goggles' record everything they see - and index it for later analysis
Is This Really A Good Idea?
Commentary  |  3/4/2008  | 
In a world concerned with terrorism, is providing the capability to monitor factory and plant information from a handheld device really a good idea?
SRM Gets The Gas
Commentary  |  3/4/2008  | 
In Vendor Land, it's a short hop from capacity planning to storage resource management (SRM). A couple product guys from IBM volunteered to explain why this makes good business sense (even if it blows your budget).
Teens Still In The Hacking Biz -- On Both Sides
Commentary  |  3/4/2008  | 
Way on the other side of our little blue planet, folks in New Zealand are reeling from the recent arrest of 18-year old Owen Thorn Walker, who masterminded a group of programmers that infected more than a million computers around the world.
Researchers Map Method for Spotting Suspicious Insiders
News  |  3/4/2008  | 
Mining of email data could help companies spot dangerous employees before they do damage
New Method IDs Phishing, Malicious Domains
News  |  3/4/2008  | 
Researchers at a secretive security summit hosted by Yahoo revealed new ways they are finding phishers and other bad sites
Survey: Enterprises Don't Know Sensitive Data Flow
Quick Hits  |  3/4/2008  | 
Upcoming report from The 451 Group demonstrates how little progress enterprises have made in identifying and protecting sensitive data
Good News: Federal Agency IT Security Improving
Commentary  |  3/3/2008  | 
Usually the government releases news it wants to bury over the weekend. This Saturday, however, the Office of Management and Budget released a report stating that, overall, federal IT security is improving.
A Bracketed Discussion
Commentary  |  3/3/2008  | 
You know, the kind where you want to decide where to go for dinner, and suddenly your significant other/spouse/soulmate is off and running on the past, present, and future of the relationship and why you never ... well, you get the point. This is actually good practice for when you try to talk to a vendor or reseller about storage capacity planning. Why? Because this very specific function you want help with snowballs quickly into a referendum on the future and sanctity of your enterprise's da
A Dozen Thumb Drives With Security Features
Commentary  |  3/3/2008  | 
Thumb drives are convenient, cheap -- and all too easily lost, stolen, left behind or otherwise compromised... with potentially catastrophic consequences. Informationweek recently took a look at twelve drives that include security features.
SNMP Scan Nets Thousands of Vulnerable Devices
News  |  3/3/2008  | 
Researchers find products from Cisco, Apple, and Microsoft are vulnerable
Canadian Cops Bust Identity Theft 'Hub'
News  |  3/3/2008  | 
Nine arrested, suspected of being part of larger ID theft ring
Hackers Cut in Line to Buy Tickets
Quick Hits  |  3/3/2008  | 
Hack allows buyers to jump to the front of the queue and purchase prime tickets online before fans can get to them
Is That A Trojan Calling?
Commentary  |  3/1/2008  | 
Numerous security researchers, including the US-CERT, are warning of a new Trojan that attempts to attack Microsoft Windows Mobile Devices. Is that threat anything to worry about?
<<   <   Page 3 / 3


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's &quot;extractArchive&quot; function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.