Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in April 2008
<<   <   Page 2 / 4   >   >>
Server Theft Exposes Data on 700,000 Consumers
Quick Hits  |  4/21/2008  | 
Break-in at debt collection company puts Indiana citizens' personal information at risk
'Provider-in-the-Middle Attacks' Put Major Websites, Users at Risk
News  |  4/21/2008  | 
Researchers discover that ad servers from over 70 ISPs, such as Earthlink and Comcast, put trademarked sites - and users who visit them - at risk of cross-site scripting, other attacks
Functional Encryption: Making It Hard for Intruders, Easy for Programmers
Commentary  |  4/20/2008  | 
What's the biggest problem in data security these days? Would you believe it's the widespread use of "trusted servers" to store and secure data, at least according to Amit Sahai, Brent Waters, and Jonathan Katz.

Dedupe's Big Week
Commentary  |  4/18/2008  | 
Data Domain and Quantum get smacked around pretty good over how "in-line" their products really are. IBM bought Diligent. And deduplication-come-latelies ExaGrid and FalconStor add new gear to the mix. Geez, maybe there really is a market here.
JFK And LAX Get Scanners That See Through Clothes
News  |  4/18/2008  | 
Despite privacy concerns, TSA says 90% of passengers who are subject to secondary screening opt for a millimeter wave scan over a pat down.
IBM Acquires Storage De-Duplication Company Diligent
News  |  4/18/2008  | 
Diligent, whose technology provides single-instance storage, is the third storage-related acquisition for IBM since January.
E-mail Security System Keeps An Eye Out For You -- But Not On You
Commentary  |  4/18/2008  | 
A new free (for now) mail encryption service uses shared-key question and answer encryption to make sure you and your recipient are the only ones who know what you're corresponding about.
2008 Could Be Record Year for Breaches
Quick Hits  |  4/18/2008  | 
More than 8 million Americans' data has been exposed so far this year, first-quarter study says
Universities Rocked by Data Thefts
News  |  4/18/2008  | 
The Universities of Miami and Virginia acknowledge lost data on stolen tapes and laptops
An Rx for Doctors Suffering From Spam Attacks
News  |  4/18/2008  | 
Health Care Notification Network (HCNN) for physicians aims to streamline alerts, as well as protect doctors from spam and other attacks
Enterprises Slow Fight Against Malicious Code
News  |  4/18/2008  | 
Most organizations believe they are more secure than a year ago, BT study finds
Ever Lose A Smartphone?
Commentary  |  4/17/2008  | 
I've lost a number of them, and each time I've left behind a smartphone or PDA, I've worried not so much about the device -- but the personal data it holds. Kaspersky Lab is offering what could be a viable solution.
Sweets For The Cheats: Like Passwords For Chocolate
Commentary  |  4/17/2008  | 
It's silly -- and sexist -- season again, as a European security conference lets us know, as it does every year, just how easy it is to acquire passwords from workers. Namely, how many passwords can you get in exchange for a bit of chocolate?
Hifn Hitches Storage to Security
News  |  4/17/2008  | 
Vendor boils encryption and iSCSI SANs into a hardware/software combo
XKL Finds A Niche
News  |  4/17/2008  | 
Its DWDM appliance gives companies a new option for adding services or increasing bandwidth.
24 Digital Spy Tools To Capture, Protect, And Secure Data
News  |  4/17/2008  | 
To catch a data thief, you'll need discreet audio and video recorders, tiny cameras, keystroke loggers, and a trove of other 007-worthy digital security, monitoring, and surveillance devices.
What Are Your Employees Doing on the Road?
Commentary  |  4/17/2008  | 
Trust can be a trait that takes long time to develop but can be quickly broken. If your company trusts its employees to use the Internet judiciously on the road, then it may be time to rethink that position.
Customers Ticked Off Over Breach Notification
Quick Hits  |  4/17/2008  | 
Majority of customers have had their data exposed more than once, study says
When You Spring A Wikileak
Commentary  |  4/17/2008  | 
When thinkers of big thoughts talk about the democratizing effect of technology, they needn't look a whole lot further than Wikileaks or LiveLeak. Incendiary anti-Muslim video, copies of documents from Guantanamo -- this stuff leaves the Huffington Post and other Web 2.0 "news" sites in the dust.
Security, IT Operations, Compliance & Privacy Converge in Data Center
News  |  4/17/2008  | 
Formerly disconnected disciplines find themselves working together
Good News: After Breach, Consumers Vote With Their Feet
Commentary  |  4/16/2008  | 
Survey results show that nearly one-third of consumers terminate their relationship with an organization following a security breach.
Women More Likely Than Men To Surrender Security For Chocolate
News  |  4/16/2008  | 
The overall percentage of London office workers willing to trade their computer passwords for a few moments of chocolaty goodness was down two-thirds compared to 2007.
CEO Spam Scam: Phishing For Big Fish
Commentary  |  4/16/2008  | 
A new targeted spam campaign uses fake federal subpoenas to trick CEOs into clicking on a malware link. One source indicates that 15-20,000 spams went out. And amazingly, about 10 percent of the recipients responded!
Women Are Four Times More Likely to Give Up Passwords for Chocolate
Quick Hits  |  4/16/2008  | 
But overall willingness to give up passwords has dropped sharply since 2007, study finds
Wireless Security Gets Boost From New Round of Products
News  |  4/16/2008  | 
Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises
Data in Motion, And At Rest
Commentary  |  4/15/2008  | 
As an IT professional, which one worries you more? And what do you do about a technology like RFID that splits the difference between those two conditions -- stationary, yet traveling across the airwaves, and god knows where else?
Is It Time For Security To Go On The Offense?
Commentary  |  4/15/2008  | 
Security researcher Joel Eriksson recently demonstrated how security vulnerabilities within hacker attack tools can be used to turn the tide on online criminals.
L.A. Port To Use Unisys' Biometric Access Control
News  |  4/15/2008  | 
Unisys has integrated several other large-scale identity programs, including Australia's passport system with biometric passports.
Spear-Phishing Attack Uses Fake Subpoenas To Steal From CEOs
News  |  4/15/2008  | 
iDefense estimates that the attack went out to about 15,000 to 20,000 executives, resulting in about 1,800 confirmed malware victims.
PayPal Outlines Strategy to Slow Phishing
News  |  4/15/2008  | 
Web's biggest phishing target published multi-layered plan to reduce delivery of fake emails and warn users of phishing sites
Startup Launches Tool That Analyzes & Maps Network Architecture for Risk
Quick Hits  |  4/15/2008  | 
Athena Security goes public and shows off its new tool for determining the risks posed by network configurations
CISO: More Strategic Thought Needed
Commentary  |  4/14/2008  | 
The time has come for chief information security officers to become less tactical, more strategic.
E-Ignorance Can Be Bliss
Commentary  |  4/14/2008  | 
I missed something that was staring me in the face. It wasn't something huge or important, like, "Oh, look, Hillary Clinton's really trying to be nice this week." No, what I happily missed were online ads served up by Evite alongside the "Come to dinner" verbiage. This offense apparently is enough for the New York Times to proclaim the site as the ruination of parties in our modern e-times. But what if we forget
Oracle Plans 41 Patches For Tuesday
News  |  4/14/2008  | 
The number of published proof-of-concept exploits for Oracle products last year supports research noting an increase in attacks on applications.
Thumbs Down: Flash Drives Are Bigger Threat Than Many Of You Know
Commentary  |  4/14/2008  | 
The sheer convenience and affordability of flash drives is matched -- and more than matched -- by the threat potential they possess. And that's according to one of the drives' leading manufacturers.
CA Exec: Security Pros Need to Be Unburied From the Org Chart
News  |  4/14/2008  | 
To succeed, IT security must raise its profile in the business, says former CIO
RSA: Hashing Out Encryption
News  |  4/14/2008  | 
Vendors at RSA 2008 rolled out tools that make encryption easier to use and manage
New York Hospital Worker Arrested for Stealing 50,000 Patient Records
Quick Hits  |  4/14/2008  | 
Theft was discovered by police, not hospital IT staff
Spoofing WiFi Positioning (and the Boss)
Commentary  |  4/14/2008  | 
The boss wants it both ways. On one hand, she doesn't like me hanging around the office, disrupting a normal, pleasant working environment. On the other hand, she wants to know where I am at all times -- right, like I'm going to tell.

The Temperature Of Storage
Commentary  |  4/12/2008  | 
Why can't I look away from the morning weather report, or just turn the page when I come across the odds-makers' lines on the sports section? Maybe it's the control freak in me. Or that I want to believe some mere mortal really knows how this will all turn out. Maybe I just want information, even if it's deemed reliable but not guaranteed. I try to remember all this as I read the temperature taking going on in the storage industry, against a backdrop of bankruptcies, foreclosures, and r
Study Finds 'Alarming' Ignorance About Cybercrime
News  |  4/11/2008  | 
"Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes," the National Cyber Security Alliance warns.
Microsoft Calls On Net Advertisers To Adopt Privacy Standards
News  |  4/11/2008  | 
The company told the FTC that Internet advertising companies should adopt a five-tiered system of standards to protect consumer privacy.
Panel: DLP Outlook Hopeful, But No Silver Bullet
News  |  4/11/2008  | 
Data loss protection technology is getting real, experts say, but it won't stop determined insiders by itself
Tech Insight: Virtualization Gets Personal
News  |  4/11/2008  | 
As tools open up avenues for desktop virtualization, enterprises must choose the right security path
Al Gore Bans Press at RSA
Quick Hits  |  4/11/2008  | 
Keynote on green technologies makes reporters see red
Mirrored Excitement
Commentary  |  4/11/2008  | 
I haven't seen the storage blogosphere this atwitter since Dan Warmenhoven's testy exchange with some analysts or EMC blindsided the industry with its support for solid-state drives. But Atrato and Xiotech have generated real buzz this week ove
Security Is No Longer About The Operating System
Commentary  |  4/10/2008  | 
Now that Adobe has updated its graphics and video software, a near ubiquitous security vulnerability has been fixed.
Sensitive Military Gear Hawked On eBay, Craigslist
News  |  4/10/2008  | 
GAO investigators were able to buy two F-14 components from separate sellers, special night-vision goggles, body armor vests, and body armor protective plates.
Down To Business: It's Past Time To Elevate The Infosec Conversation
Commentary  |  4/10/2008  | 
At the RSA conference, the security discussion was about helping customers innovate and deliver business value.
<<   <   Page 2 / 4   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32411
PUBLISHED: 2022-07-01
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
PUBLISHED: 2022-07-01
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
PUBLISHED: 2022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-32324
PUBLISHED: 2022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
PUBLISHED: 2022-07-01
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.