Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in March 2008
<<   <   Page 3 / 3
WhiteHat, F5 Offer 'Click & Fix' for Web App Vulnerabilities
Quick Hits  |  3/10/2008  | 
Integration deal automatically fixes cross-site scripting, SQL injection flaws on Websites
Breach: British Police Force Allegedly Infiltrated By Al-Qaeda
Commentary  |  3/9/2008  | 
According to a story that ran in today's edition of the Daily Mail, four officers in Britain's Met police force have been eyed as terrorist spies.
A Taxing Response
Commentary  |  3/7/2008  | 
"No effort to control greenhouse-gas emissions or to lower the carbon footprint ... can succeed unless those emissions are priced properly," writes Michael Specter in the Feb. 25 issue of The New Yorker. "There are several ways to do that: they can be taxed heavily, like cigarettes, or regulated, which is the way many countries have established mileage-per-gallon standards for automobiles." Exchanges where entities buy and sell rights to pollute are another way. While Specter's article i
Cyber Preparedness Symposium Leaves Unanswered Questions
News  |  3/7/2008  | 
Effort to jump-start discussion between government, industry, and academia is clearly Version 1.0
Art Imitates Malware
Quick Hits  |  3/7/2008  | 
Or does malware imitate art? Award-winning artist uses malware code to create artistic renditions of Storm, Netsky, and other infamous threats
Online Gaming Firm Bets on PCI
News  |  3/7/2008  | 
bwin Interactive Entertainment AG chose a Web-based risk management/PCI compliance solution that integrates with its existing apps
Microsoft Preps Bevy Of Office Patches
Commentary  |  3/6/2008  | 
Microsoft is readying four "critical" security patches for next week. While it's a far cry from last month's 11 patches, IT shops will be busy nonetheless.
In Love With Wireless
Commentary  |  3/6/2008  | 
And public Wi-Fi hotspots, texting galore, and the iPhone are the tools of this seduction. But with more applications and wireless spectrum (and YouTube clips) on the way, where exactly are we going to store all this new content?
Surge of Phishing Kits Hits the Net
News  |  3/6/2008  | 
Researchers are investigating an unusually high volume of free phishing kits - over 400 - now in the wild
Encrypted PCs Still at Risk
Quick Hits  |  3/6/2008  | 
Scientists demonstrate ability to extract encryption keys that linger in PC memory
Missing White House E-Mail -- Politics Or Bad Tech Policy?
Commentary  |  3/5/2008  | 
The White House's assertion that as many as 5 million e-mails have gone missing has raised a lot of political hackles on both sides of the aisle and throughout the pundit-sphere over the last couple of years. Far less attention has been paid to a far more serious (and less politically secular) question: just what is the tech infrastructure underlying the White House's electronic communications?
USB & Firewall System Attacks Surface: Disable Your External Media Ports
Commentary  |  3/5/2008  | 
It appears as though, more than ever before, if you lose physical sight, and especially control, of your notebook, your data could be hosed. This is even more so now that tools that attack disk-based crypto are surfacing at an alarming rate.
Julienne Storage
Commentary  |  3/5/2008  | 
Given the variety of ways that stored data gets sliced and diced these days, it's hard not to imagine that Ron Popeil of Veg-o-Matic fame didn't have a hand in there somewhere along the way. Here's what I mean.
Hacking: The New Child's Play?
News  |  3/5/2008  | 
Researchers worry as teens and pre-teens play an increasing role in illegal online exploits
Tool Physically Hacks Windows
News  |  3/5/2008  | 
Lets an attacker use Firewire to take over a 'locked' Windows machine
What Are You Looking at?
Quick Hits  |  3/5/2008  | 
Prototype 'cyber-goggles' record everything they see - and index it for later analysis
Is This Really A Good Idea?
Commentary  |  3/4/2008  | 
In a world concerned with terrorism, is providing the capability to monitor factory and plant information from a handheld device really a good idea?
SRM Gets The Gas
Commentary  |  3/4/2008  | 
In Vendor Land, it's a short hop from capacity planning to storage resource management (SRM). A couple product guys from IBM volunteered to explain why this makes good business sense (even if it blows your budget).
Teens Still In The Hacking Biz -- On Both Sides
Commentary  |  3/4/2008  | 
Way on the other side of our little blue planet, folks in New Zealand are reeling from the recent arrest of 18-year old Owen Thorn Walker, who masterminded a group of programmers that infected more than a million computers around the world.
Researchers Map Method for Spotting Suspicious Insiders
News  |  3/4/2008  | 
Mining of email data could help companies spot dangerous employees before they do damage
New Method IDs Phishing, Malicious Domains
News  |  3/4/2008  | 
Researchers at a secretive security summit hosted by Yahoo revealed new ways they are finding phishers and other bad sites
Survey: Enterprises Don't Know Sensitive Data Flow
Quick Hits  |  3/4/2008  | 
Upcoming report from The 451 Group demonstrates how little progress enterprises have made in identifying and protecting sensitive data
Good News: Federal Agency IT Security Improving
Commentary  |  3/3/2008  | 
Usually the government releases news it wants to bury over the weekend. This Saturday, however, the Office of Management and Budget released a report stating that, overall, federal IT security is improving.
A Bracketed Discussion
Commentary  |  3/3/2008  | 
You know, the kind where you want to decide where to go for dinner, and suddenly your significant other/spouse/soulmate is off and running on the past, present, and future of the relationship and why you never ... well, you get the point. This is actually good practice for when you try to talk to a vendor or reseller about storage capacity planning. Why? Because this very specific function you want help with snowballs quickly into a referendum on the future and sanctity of your enterprise's da
A Dozen Thumb Drives With Security Features
Commentary  |  3/3/2008  | 
Thumb drives are convenient, cheap -- and all too easily lost, stolen, left behind or otherwise compromised... with potentially catastrophic consequences. Informationweek recently took a look at twelve drives that include security features.
SNMP Scan Nets Thousands of Vulnerable Devices
News  |  3/3/2008  | 
Researchers find products from Cisco, Apple, and Microsoft are vulnerable
Canadian Cops Bust Identity Theft 'Hub'
News  |  3/3/2008  | 
Nine arrested, suspected of being part of larger ID theft ring
Hackers Cut in Line to Buy Tickets
Quick Hits  |  3/3/2008  | 
Hack allows buyers to jump to the front of the queue and purchase prime tickets online before fans can get to them
Is That A Trojan Calling?
Commentary  |  3/1/2008  | 
Numerous security researchers, including the US-CERT, are warning of a new Trojan that attempts to attack Microsoft Windows Mobile Devices. Is that threat anything to worry about?
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30485
PUBLISHED: 2021-04-11
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.