Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in April 2008
<<   <   Page 4 / 4
Apple Issues QuickTime Security Fix
News  |  4/4/2008  | 
Apple patched 11 vulnerabilities, nine of which might have allowed an attacker to execute malicious code on a victim's machine.
U.S. Health Agency Forbids Sensitive Data On Apple MacBooks
News  |  4/4/2008  | 
Employees who store medical records on laptops must use systems that run either on Microsoft's Windows operating system or Linux.
FBI Cybercrime Figures: Losses Up, Crimes Down
Commentary  |  4/4/2008  | 
The new FBI cybercrime figures offer plenty of statistics to scare us, even more to keep us on our toes, and a smidgen of hope among the bad news.
States Get Extensions On Real ID Act
News  |  4/4/2008  | 
The U.S. Department of Homeland Security has granted extensions to every state as well as the District of Columbia and all five U.S. territories.
Inconvenient Lack of Truth
News  |  4/4/2008  | 
We'll never be able to fix our security problems until we start truthfully sharing breach information
'Transient' Hacks Become Attackers' New Favorites
News  |  4/4/2008  | 
Some attackers now prefer making quick, precision strikes on a Website to evade detection -- and then moving on to another one
KeyCorp Unlocks Method for Extending Single Sign-on
News  |  4/4/2008  | 
Financial services firm looks to stretch SSO to business partners
Study: Cell Phone Talkers Need to Shut Up
Quick Hits  |  4/4/2008  | 
Vodafone research shows all that yammering in public places may lead to loss of business and personal data
Microsoft Ready To Patch Eight Security Flaws Next Week
Commentary  |  4/3/2008  | 
The software maker's monthly batch even includes important fixes for Microsoft Vista Service Patch (I mean Pack) 1.
A Federal Indictment, That's What
Commentary  |  4/3/2008  | 
Stop me if you've heard this one: What do you get if you try to board a flight to China while carrying confidential documents, a thumb drive, four external hard drives, 29 recordable CDs, a videotape, and $30,000 in cash?
Random Search Stops $600 Million In Trade Secrets Bound For China
News  |  4/3/2008  | 
The feds have indicated a software engineer who was flying to China with confidential technical documents, a thumb drive, four external hard drives, 29 recordable compact discs, and a videotape.
Microsoft Plans Five 'Critical' Security Updates For Windows, Explorer
News  |  4/3/2008  | 
The fixes apply to Windows Vista, Windows XP, Windows 2000, Windows Server 2003, and Windows Server 2008.
Next-Gen Crypto Method Will Help Secure Mobile Apps
News  |  4/3/2008  | 
Certicom will demo new Elliptic Curve Cryptography (ECC)-based mobile ticketing, RFID tag technologies at the RSA conference
Security Market Gets Physical
Commentary  |  4/3/2008  | 
Historically, enterprise security consisted of putting a deadbolt lock on the front door. Hackers hijinks shifted companies attention to computer system breaches, but recently a sense of dj vu has arisen as corporations are again focusing on physical security.
Confident or Clueless? Majority of Americans Feel Safe Online
Quick Hits  |  4/3/2008  | 
Even as malware rises to epidemic proportions, users say 'no worries,' according to StopBadware.org poll
Enterprise Networks Rife With Unauthorized Apps, Study Says
News  |  4/3/2008  | 
Employees use variety of tactics to circumvent IT policies and misuse the corporate network
A Paradigm Spins Down
Commentary  |  4/2/2008  | 
Which is better (and less cliché) than a paradigm that shifts, in my opinion. But based on public and private comments from readers, it's well past time to do away with these fault-prone spinning platters called storage arrays. Here's why.
Only 2% Of Internet Traffic is 'Raw Sewage'
Commentary  |  4/2/2008  | 
This figure, recently touted by Arbor Networks, strikes me as very low.
Halvar Flake: Reverse-Engineered
News  |  4/2/2008  | 
Security expert Thomas Dullien chats about Vikings, VCs, guinea pigs, and his flap with US Customs
Grocery Data Breach Offers Important Endpoint Lessons
Commentary  |  4/2/2008  | 
The data breach that struck 300 or so of grocery retailer Hannaford Bros.' stores and snatched over 4 million credit and debit card numbers carries some important lessons in how not to secure your network -- and your customers' private information.
Davidson Cos. Sued for Negligence in Data Breach
Quick Hits  |  4/2/2008  | 
Lawsuit confirms that companies can be held liable for failing to provide adequate security
RSA Takes Suite Approach to Data Leak Prevention
News  |  4/2/2008  | 
Next-gen technology can inspect data, classify it, and apply policies on how to secure it
Mission Creep And Storage
Commentary  |  4/1/2008  | 
Anyone who has ever worked in an organization of, say, more than 50 people is aware of the phenomenon of mission-creep. It's always clear that it has occurred when the person whose initial job was ordering Post-its finds himself handling quality control, handling "external relations" (whatever that is), and traveling two-thirds of the time to make sure branch offices are using the right copying paper. Does any of this ring a bell for today's storage professionals?
Universal Malware Defense Found -- By Accident!
Commentary  |  4/1/2008  | 
What we've all been waiting for seems to have arrived -- a universal and perpetual, unbreachable defense against malware in its many forms. And like most great breakthroughs, this one came about unexpectedly.
A Peek at ISP DDOS, Spam Traffic Trends
News  |  4/1/2008  | 
An average of 1,300 distributed denial-of-service attacks hit each day, according to data from Arbor Networks's ISP customers
New Reality TV Show Pits Hackers Vs. Nature
Quick Hits  |  4/1/2008  | 
Britney to host series that challenges hackers to create exploits -- without tools
'Fight Club' Aims to Test Pornography Filters
News  |  4/1/2008  | 
Last year, it proved that antivirus products don't stop all viruses. Now Untangle prepares to show how much porn can escape 'safe' content filters
A Little Small-Mindedness
Commentary  |  4/1/2008  | 
Who says old molecules can't be taught new tricks? Japanese researchers have concocted a new molecule that reverses cirrhosis damage -- at least in lab rats. So as you contemplate the wisdom of that next beer, let us marvel at other small-scale breakthroughs in storage.
<<   <   Page 4 / 4


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32411
PUBLISHED: 2022-07-01
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
PUBLISHED: 2022-07-01
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
PUBLISHED: 2022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-32324
PUBLISHED: 2022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
PUBLISHED: 2022-07-01
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.