Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
You're Infected With Malware. And You Don't Care.
Could it be true? Could there be thousands, if not more, Internet users infected with botnets, who know they're infected, and don't care enough to do anything about it?
Google Warns Users About Phishing
In advising users to be wary of clicking on links in e-mail messages or responding to requests for personal information, Google is trying to protect its own business.
Former UCLA Health Employee Charged With Selling Celeb Records To Media
The U.S. District Court indictment against a former administrative assistant does not appear related to leaks of Britney Spears' health information this year.
XP Service Pack Delay: What Else Is New?
Microsoft's on-again/off-again extension of support for XP may or may not be on-again, but the latest delay of the latest long-awaited XP Service Pack delay may strike some of us as the last straw.
Large Businesses Wrestle With Web 2.0
New capabilities turn security policies and practices on end, panelists say
Software Lets Enterprises Encrypt, Restrict Use of CD/DVD Media
New technology from Lumension encrypts data on CDs, prevents reading and writing without network authorization
When Bots Don't Care - Or Don't Know Enough to
Misguided apathy among consumers could be contributing to botnet proliferation
Will Code Viruses For Beer
A controversial contest at this year's Defcon hacker conference promises to reward the most successful virus writers.
Webroot to Launch Enterprise Web Filtering Service
Content filtering will be marketed alongside email management service
Microsoft Adds Two to Forefront Family
Remote access, edge security products now under Forefront umbrella
'USB Hacksaw' Still Sharp, Expert Says
Exploit allows hackers to dump data from thumb drives and email it to a remote location
Avoiding a Mesh Mess
Factor in security with Microsoft's new Live Mesh
New Scam: Hackers Use Phony Certificate To Seal Victims' ID-Fates
A new approach to password/account info-theft appeals to users' desire for enhanced protection, rather than directly asking for info. The scam asks users to install an important digital security certificate -- which is, of course, anything but secure.
Microsoft Blames Poor Coding Practices For Massive SQL Injection Attack
U.S. CERT recommends disabling JavaScript and ActiveX because of attacks that have compromised legitimate Web sites using Microsoft IIS Web Server and Microsoft SQL Server.
Windows XP Service Pack 3
While there's not a lot of big news or fanfare surrounding the imminent release of Windows XP Service Pack 3, there are a number of interesting security enhancements.
Those Social Networking Apps? Not as Safe as Your Employees Think
There's lots of talk about the time-wasting element inherent in social networking sites like MySpace and Facebook. Along comes yet another reason for a smaller business to block these sites: Security, or lack thereof.
Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says
Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says
'Long-Term' Phishing Attack Underway
New phishing exploit doesn't bother asking for passwords, and its stealthy malware hides out on victim's machine
Societe Generale Goat Gets IT Consulting Job
Man who singlehandedly cost financial services firm more than $7B is now giving advice
Interop Founder Dan Lynch Invests in Hot Security Startups
He was hacked by Kevin Mitnick in the '80s and recently had his identity stolen - but Lynch still has hope for making security strong and usable
Zero-Day Vulnerability Reported in Apple's QuickTime for Windows XP and Vista
Security consultancy GNUCitizen says an attacker could exploit the vulnerability by constructing a specially crafted QuickTime supported media file that allows remote code execution.
Astaro Survey Sez Your Security Spending Seems Recession-Proof. Really?
The results of a recent survey of small and midsize business IT security spending plans are being interpreted/marekted as signs that your security spending is "recession proof." A closer look suggests something quite different.
Exostar Set to Launch Federated Identity Service for Aerospace
Service vets and authenticates customers and trading partners for its members
Tech Insight: DIY Penetration Testing
When to conduct your own penetration test or to farm it out to a third party
Men More Likely Than Women to Fall for Internet Fraud
Guys lose $1.67 to every $1 lost by gals, ICCC says
Quick! Unplug Your Internet Connection!
According to the security vendor Sophos, one Web page is infected with malicious software every five seconds. Yeah, but it's probably mom-and-pop and porn Web sites with all of the infections, you say. Think again.
Small And Midsize Businesses' IT Security Budgets 'Recession-Proof'
Despite overall economic difficulties, survey respondents say they still plan to invest in technology this year.
McAfee And PlumChoice DoubleTeam For Remote Business Tech Services
The latest alliance targeting small and midsize business tech-needs is McAfee's just-announced linkup with PlumChoice to provide on-demand tech services to, well, to you.
Securing the Internet's DNS
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC
Tape Loss Stuns UK Retail Giant
It's a tale of the (stolen) tapes over at major British pharmacist Boots
Dish Says Hacker Hired to Break Into Its Network
Satellite TV drama unfolds in lawsuit over piracy
Focus On Managing Risk, Not Gruntwork
With large enterprises sporting hundreds of applications, firewalls, routers, and other networking devices -- and more than 139 newly announced vulnerabilities each week -- how do they know what vulnerabilities actually matter?
Are EMC And IBM Reliable Storage Bellwethers?
Their success is no guarantee of success for other vendors, but dismal results from these two companies would augur poorly for the rest of the storage industry, to say the least. And quite apart from my glass half-empty outlook, I'm not sure how much weight to give the recent positive financial performance from EMC and IBM.
Hard Drive Encryption Becomes Loaded-Laptop Hard Drive Feature
With nearly three-quarters of a million laptop and notebook computers lost or stolen each year, there's a better than good argument for equipping yourself and your remote staff with encrypted disks on their portable gear.
Border Agents Can Search Laptops Without Cause, Court Rules
The 3-0 decision is likely to extend to cell phones and other personal electronic devices.
Companies May Be Held Liable for Deals With Terrorists, ID Thieves
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys
Researchers Infiltrate and 'Pollute' Storm Botnet
European botnet experts devise a method that disrupts stubborn peer-to-peer botnets like Storm
JavaScript Injection Attack Infects 'Hundreds of Thousands' of Websites
United Nations, UK government sites are among the victims
Market's Message to Security Pros: Adapt or Die
Shifts in economy, business are forcing re-prioritization in the IT security department, studies say
Physical Security Breaches Trump Vulnerabilities
When it comes to publicly disclosed breaches, chances are the root cause was a stolen system, not a hack.
Security Vulnerabilities Reported At Obama, Clinton Web Sites
Researchers said cross-site scripting problems found on the sites could result in anything from a harmless pop-up window to exposure to malicious software.
Infected Web Pages Nearly Triple
Sophos says that it discovered a new infected Web page every 5 seconds. In 2007, the company says, it saw new infected Web pages every 14 seconds.
New Malware Page Every Five Seconds: Sophos
Sophos released its Q1 2008 threat report today, and the news ain't good. In fact, it's three times as bad as last year -- that's how fast the threats are increasing. And increasing every five seconds.
Microsoft Report: Physical Data Theft, Trojans Up; Bug Disclosure Down
Trojan attacks jump by 300 percent, but publicly disclosed vulnerabilities reach three-year ebb
eBay Turns Up the Heat on Fraudsters
Special cookies will help online marketplace separate legitimate sellers from identity thieves
Crank Up The Volume
If storage were an audio receiver, we'd be flirting with that "9" or "10" mark on that big black dial. But we're talking capacity here (and maybe speed), as vendors appear to bend the rules of physics by cramming more bytes than any space or drive should be able to accommodate.
Microsoft's Security Development Life Cycle (SDL) Metrics: Microsoft Can Do Better
Microsoft can, and should, provide more insight into how well its security development life cycle is working.
Ooops -- Microsoft Nags More Office Users Than It Meant To
Microsoft's latest attempt to track down illegitimate copies of its programs -- in this case Office -- went a bit (and way more than a bit) farther than the company intended last week when it released an Office piracy detector worldwide, instead of to the four countries the program targeted.
New Tool Lets Enterprises Manage Security on Multiple Linux Servers
Trusted Computer Solutions readies software that can 'lock down' servers running Red Hat, CentOS, or Oracle Enterprise Linux
|
Improving Enterprise Cybersecurity With XDREnterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
