Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in March 2012
LulzSec Announces April Fool's End To Retirement
News  |  3/21/2012  | 
LulzSec hacktivists use YouTube video to announce they'll reboot on April 1, despite arrest of six alleged core members.
Quantum Launches Hybrid Data Protection
News  |  3/21/2012  | 
Combines on-premises storage, cloud backup, and deduplication appliance to reduce storage needs, ensure disaster recovery.
U.S. Military Readies Cyber 'Rules of Engagement'
News  |  3/21/2012  | 
DOD soon will release rules instructing the military how and when to fight fire with fire in the event of a cyber attack.
New Malware Puts Nasty Spin On Remote Control
News  |  3/21/2012  | 
Georbot Trojan steals remote-desktop configuration files to provide surreptitious access to targeted PCs, including recording audio and video.
Russian Police Arrest Eight In Bank Malware Scheme
News  |  3/20/2012  | 
Notorious cybercriminal gang used the Carberp and RDP-door Trojans to snare victims
Simple Settings That Could Curtail Some Attacks
News  |  3/20/2012  | 
Free tool created by eEye Digital Security checks health of key configurations that can reduce risk
Web Services' Single Sign Ons Contain Big Flaws
News  |  3/20/2012  | 
Microsoft Research report shows how risky single sign on can be without good integration and better support from Web service providers such as Google and Facebook.
Alert Logic Announces Security For Amazon EC2
News  |  3/20/2012  | 
Subscribers gain access to fully managed network intrusion detection solution for Amazon Web Services
Data Breach Costs Drop
News  |  3/20/2012  | 
Better response plans, improved investigation experience, and customer fatigue from breach notifications result in lower costs overall.
Breach Fatigue? Cost Of A Data Breach Declines For The First Time
Quick Hits  |  3/20/2012  | 
New Ponemon study says cost to an organization hit by a breach fell to $5.5 million last year
Shanghai Police Investigate Database Of More Than 150 Million
Quick Hits  |  3/20/2012  | 
Personal information contained in huge database may have been obtained illegally, Roadway, D&B
GlobalSign Introduces Automated SSL Technology
News  |  3/19/2012  | 
ISPsystem integrates GlobalSign’s OneClickSSL technology in custom control panel
Web Services Single Sign-On Contain Big Flaws
News  |  3/19/2012  | 
Microsoft Research report shows how risky single sign-on can be without solid integration and better support from Web service providers like Google and Facebook
Duqu Code Written By Seasoned Programmers, Researchers Find
News  |  3/19/2012  | 
Another clue about Duqu solved that further confirms a highly sophisticated and well-backed operation, but the attackers are still not unmasked
Anonymous Linux OS Authors Still A Mystery
News  |  3/19/2012  | 
SourceForge pulled the Linux OS last week after security experts outlined risks, and regular Anonymous channels denounced it as a Trojan-laden fake. So who's behind it?
Who Leaked PoC Windows Exploit Code?
News  |  3/19/2012  | 
Accusations are flying
Microsoft Slams Windows Exploit Code Disclosure
News  |  3/19/2012  | 
Leaked proof-of-concept exploit code would give attackers remote-control access to an unpatched Windows PC.
Tech Insight: Getting A Handle On BYOD -- And Jailbroken Phones
News  |  3/16/2012  | 
Rolling out a mobile device management (MDM) solution is one option, but just how much control should you impose?
Context Serves Up CANAPE Security Assessment Tool At Black Hat Europe
News  |  3/16/2012  | 
CANAPE extends functionality of existing Web application testing tools
What's Next For Certificate Technology?
Quick Hits  |  3/16/2012  | 
The recent rash of breaches among certificate authorities has left a bad taste in enterprises' mouths. What's wrong with the technology, and how is it changing?
Nobody Cares About HIPAA
News  |  3/16/2012  | 
Compliance is seen mainly as a costly inconvenience in many organizations.
Security Fail: Apple iOS Password Managers
News  |  3/16/2012  | 
Claims of military-grade encryption on smartphones are vastly overstated by almost every maker of Apple iOS password safes, say researchers at Black Hat Europe.
How To Detect And Defend Against Advanced Persistent Threats
Quick Hits  |  3/16/2012  | 
There are no silver bullets for APTs, but there are steps your organization can take. Here's a look at what you can do
The End Of Vulnerabilities?
News  |  3/15/2012  | 
On a global scale, bugs are never going away, but in specific products, early evidence reveals that companies are having success in weeding out flaws
Federal Agencies Still Lag On FISMA Compliance
News  |  3/15/2012  | 
Half the 24 agencies reviewed by their own inspectors general last year slipped in compliance with the Federal Information Security Management Act. Only 7 achieved more than 90% compliance in areas such as security training and contingency planning.
Security's New Reality: Assume The Worst
News  |  3/15/2012  | 
A more fatalistic view that attackers have already infiltrated the organization presents a different way of looking at -- and marketing -- security
'The Internet Needs Crime,' Says Cryptography Pro
News  |  3/15/2012  | 
Speaking at Black Hat Europe, ICANN's Whitfield Diffie has obvious upsides for information security practitioners
Nobody Cares About HIPAA
Commentary  |  3/15/2012  | 
Compliance in many organizations is seen as only a costly inconvenience
How To Manage Identity In The Public Cloud
Quick Hits  |  3/15/2012  | 
One of the toughest parts of using cloud services is learning how to provision (and deprovision) user access. Here are some tips to help get you started
Rogue Domain Registrars Pose Challenges
News  |  3/14/2012  | 
Security experts are calling for more to be done to police rogue registrars
Slide Show: The (Not-So) Elite Eight In Higher Ed Breach Madness
Slideshows  |  3/14/2012  | 
Basketball has March Madness, but higher ed IT should be competing to stay out of the brackets for last year's worst breaches
Microsoft Flaw Demonstrates Dangers Of Remote Desktop Access
News  |  3/14/2012  | 
Fear is that attackers will soon come up with exploits for targeted attacks, worms
Data Theft Costs Tennessee Blue Cross Big Bucks
News  |  3/14/2012  | 
Blue Cross Blue Shield of Tennessee agrees to pay $1.5 million to settle case involving theft of 57 unencrypted hard drives that contained protected health information.
Typemock Introduces Isolator V7
News  |  3/14/2012  | 
New software cuts bug fix time by pinpointing the bug in the actual code
Using FISMA To Build Your Security Initiative
Quick Hits  |  3/14/2012  | 
Government compliance standards can help drive improvements in enterprise security
Malicious Proxies May Become Standard Fare
News  |  3/13/2012  | 
DNSChanger shows that funneling infected network traffic to central servers can enable massive fraud, but the technique has significant weaknesses, as well
APT-Type Attack A Moving Target
News  |  3/13/2012  | 
Malware just a small piece of the puzzle in advanced attacks, and traditional cybercriminals are also getting more 'persistent'
DOD Proposes Disposable Satellites To Aid Soldiers
News  |  3/13/2012  | 
DARPA's SeeMe program aims to use small disposable satellites to provide soldiers in remote locations with images of their surrounding terrain.
Dell Acquires Security Specialist SonicWall
News  |  3/13/2012  | 
SonicWall's Unified Threat Management systems will let Dell compete more effectively with the likes of Juniper and Check Point.
Use Google To Spot Network Security Holes
News  |  3/13/2012  | 
The bad guys use search engines to seek out weak spots. Here's how to beat them to the punch.
How Much Risk Does Stuxnet Pose To U.S.?
News  |  3/13/2012  | 
The debate persists: Should the feds supply security oversight for utilities to stop the next Stuxnet? Or can they really go it alone?
Hard Drive Shortages Spur Storage Efficiencies
News  |  3/13/2012  | 
User demand for more storage, rising hard disk drive prices lead IT to look for new ways to maximize resources.
How To Use Google To Find Vulnerabilities In Your IT Environment
Quick Hits  |  3/13/2012  | 
The bad guys use search engines to seek out weak spots. Here's how to beat them to the punch
Ron Was Wrong, Whit Is Right, And What You Need To Know
Commentary  |  3/13/2012  | 
Clarifying the technical findings on a weakness in RSA crypto keys and some recommendations on how to prepare and protect your assets from the next inevitable crypto weakness discovery
Keeping Compliance Costs Down With Data Classification
News  |  3/12/2012  | 
Know what data is where to reduce compliance burden
4 More Application Security Strategies For SMBs
News  |  3/12/2012  | 
Don't have the time, staff, or budget to go all-in on application security? Read this expert's take on how and what to prioritize.
10 Best Ways To Stop Insider Attacks
News  |  3/12/2012  | 
Consider the smartest ways that companies can detect, block, and investigate insiders with malicious motives. The advice comes from CERT and the Secret Service, after a review of hundreds of attacks.
Facebook Social Engineering Attack Strikes NATO
News  |  3/12/2012  | 
Top military commander in NATO targeted by attackers wielding fake Facebook pages. Some security watchers ask if Chinese culprits were involved.
Cloud Brokers Seek To Simplify, Secure Services
News  |  3/12/2012  | 
An original aim of the cloud was to simplify corporate infrastructure, but having a multitude of services has made networks complex and hard to manage. Can adding a third party make the cloud more secure?
Domain Generation Algorithms Quietly On The Rise, Researcher Says
Quick Hits  |  3/12/2012  | 
Thought to be dead, DGAs are increasingly being used for botnet command and control, Damballa says