Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in April 2010
Page 1 / 4
Microsoft Issues Workaround For Serious SharePoint Vulnerability
Commentary  |  4/30/2010  | 
While not a complete patch, the software maker has issued guidance detailing how to mitigate a serious vulnerability that places corporate data at risk of snooping and theft.
Hacker Of Sarah Palin's E-Mail Found Guilty
News  |  4/30/2010  | 
Palin calls violating the law for political gain 'repugnant.'
Sending Email, Web Security To The Cloud
Commentary  |  4/30/2010  | 
E-mail and Web security outsourcing are gaining more momentum as resource-strapped companies look for ways to tighten their IT belts. IT shops are constantly being asked to do more with less, and it's often security that gets more budget cuts since it's an IT area that doesn't contribute directly to a company making money.
IT Pros Doubt Security Of Virtualized Environments, Study Says
Quick Hits  |  4/30/2010  | 
Majority of survey respondents don't think current security tools and practices will cut it in the cloud
Storage Checkers Vs. Chess
Commentary  |  4/30/2010  | 
Checkers is a two-dimensional game where all the pieces have the same ability. It's about covering space. Chess is a complex three-dimensional game where all the pieces have different capabilities and there is one common target: the enemy's king. In storage, some features begin to look like checkers because they have become so commonplace, but when you dig deeper you find that the capabilities of these features vary greatly between vendors.
Healthcare Not Up To Task Of Securing Electronic Medical Records, Experts Say
News  |  4/30/2010  | 
Healthcare organizations with established databases are typically behind other industries in how they secure their data stores
Apple CEO Steve Jobs Lashes Out Against Adobe's Flash
News  |  4/30/2010  | 
Flash had 'one of the worst security records in 2009,' says Jobs in a major offensive against Adobe
Al Qaeda Implicated In Cyberattacks
Commentary  |  4/30/2010  | 
Some papers recently became publicly available in the case of terrorism suspect Mohamedou Ould Slahi, accused of being one of Al-Qaeda's top recruiters. The papers revealed Al-Qaeda hacking activity, which demonstrates what proof of accountability in Internet attacks is, and how many of us jump to conclusions about countries, such as China, without it.
Symantec To Buy PGP, GuardianEdge For $370 Million
News  |  4/30/2010  | 
The data encryption firms offer technology for standards-based encryption of full-disks, removable media, files, folders and smartphones.
Symantec Takes $370 Million Plunge Into Encryption Market
News  |  4/29/2010  | 
Acquisitions of PGP, GuardianEdge will make security giant an immediate player, experts say
Study: Application Security Not An Enterprise Priority
Quick Hits  |  4/29/2010  | 
Seventy percent say their organizations don't consider application security a strategic initiative, Ponemon Institute survey finds
Researchers Lock Down The Hypervisor
News  |  4/29/2010  | 
Prototype prevents 'Blue Pill' and other types of malware-injection attacks against the hypervisor
Product Watch: BreakingPoint To Roll Out 'Cyber Tomography Machine'
News  |  4/29/2010  | 
New testing platform scores the security of an organization's overall infrastructure and its resiliency to attack
Data Breaches More Costly In U.S. Than Elsewhere
Commentary  |  4/29/2010  | 
Data breaches cost U.S. companies twice as much as they do in other countries, according to a new Ponemon Institute study. Which adds up to twice as many reasons not to get breached!
Fixing Storage Utilization Without A Refresh
Commentary  |  4/29/2010  | 
In the final part of our storage utilization series we address how to improve storage utilization without refreshing the storage itself. This is, unfortunately, the most difficult way to improve storage utilization.
Federal Agencies Wrestle With Cybersecurity's Harsh Realities
News  |  4/28/2010  | 
Sophistication of attacks, shortage of resources lead agency IT chiefs to focus less on perfect security -- and more on risk management
When It Comes To Data Breaches, U.S. Most Costly
Commentary  |  4/28/2010  | 
Research published today shows that the average cost of a data breach, globally, is about $3.43 million per incident and $142 per compromised record. But that's not the entire story.
San Francisco Password-Hijacker Found Guilty
Quick Hits  |  4/28/2010  | 
Terry Childs faces five-year prison sentence for locking out city bosses from network
Storm Worm Reappears
News  |  4/28/2010  | 
Slightly revamped version of original malware used by the infamous Storm botnet being actively spammed -- and spreading
Ex-IT Admin Convicted In San Francisco
News  |  4/28/2010  | 
The felony conviction could put former San Francisco network engineer Terry Childs in prison for up to five years for withholding passwords to the city's computer network.
Microsoft SIR, Dissected
Commentary  |  4/28/2010  | 
Microsoft published Version 8 of its Security Intelligence Report (SIR) this week. The report covers the second half of 2009 and is a massive piece of information with almost 250 pages.
Costs Of Data Breaches Much Higher In U.S. Than In Other Countries, Study Says
News  |  4/28/2010  | 
Legal requirements for disclosure, notification add high expense to data compromise, Ponemon research says
Medical Records Keep Getting Dumped
Commentary  |  4/27/2010  | 
Why were possibly thousands of private patient records found dumped outside the closed offices of a physical therapy center?
Report: Tier 1 Merchants Pay $122,000 More For PCI Assessments
Quick Hits  |  4/27/2010  | 
Ponemon Institute/Thales survey PCI DSS security assessment firms about next version of PCI
Security Services Improve, But Bargains Few
News  |  4/27/2010  | 
Enterprises more focused on quality and functionality of services than on cost, experts say
McAfee Offers Compensation To Enterprise Customers Hit By Faulty AV Update
News  |  4/27/2010  | 
Businesses affected by the errant AV update get free one-year subscription to automated security health-check platform
Senators Seek FTC Rules For Social Networking
News  |  4/27/2010  | 
Facebook's expanded information sharing has prompted a call for regulation.
CIA Unveils Five-Year Strategy Plan
News  |  4/27/2010  | 
CIA 2015, released this week, seeks to ensure the agency remains in step with current national security challenges, such as cyber threats
Trusting 'Trusted' Sites Again
Commentary  |  4/27/2010  | 
I've been teaching a user security awareness and training course to faculty and staff at our university. One of the great aspects of the class is the discussions that develop out of the participants' questions, like the security of social networks and how to use wireless securely while on the road. Lately, I've been getting one question more and more often: How do I know if a site is safe?
CIA Boosting Cybersecurity Investment
News  |  4/27/2010  | 
Preventing and fighting cyber threats is one of three priorities in the agency's five-year plan.
Supreme Court To Review Video Game Law
News  |  4/26/2010  | 
At issue is whether video games deserve the free speech protection afforded other forms of expression.
More Than 40 Percent Of U.K. Users Say They Have Been Fraud Victims
Quick Hits  |  4/26/2010  | 
More than one-third of victims say they were never reimbursed by their banks
Microsoft: Enterprises Hit Hardest By Worms; Consumers By Trojans And Adware
News  |  4/26/2010  | 
Rogue AV was the common denominator threat to all users, according to findings in the new Microsoft Security Intelligence Report
Bad Guys Take Aim At iPad Users
News  |  4/26/2010  | 
Scam involves spam e-mail messages addressed to iPad users
FCC Takes Control Of Public Safety Network
News  |  4/26/2010  | 
The Federal Communication Commission intends to save $18 billion on its nationwide broadband public safety network by piggybacking on commercial network build-outs.
Apple iPad Used As Scam Bait
News  |  4/26/2010  | 
Cybercriminals are sending out malicious e-mail that targets iPad users, a sure sign that the device has been selling well.
What To Look For In A Primary Storage Refresh
Commentary  |  4/26/2010  | 
In our last entry we covered how the potential to increase storage utilization may help justify a storage refresh. If you are in a position to refresh your primary storage platform or you think the last entry may help you do that a little sooner than normal, what should you be looking for in your next storage platform?
FBI Names Cyber Division Chief
News  |  4/26/2010  | 
Gordon Snow has experience working on counterterrorism and cybercrimes in Silicon Valley and led the effort to draft a government-wide Cyber Counterintelligence Plan.
McAfee's Mess, SEC's Sex Problem And What SMBs Can Learn From Each
Commentary  |  4/26/2010  | 
Last week's McAfee release of a virus def file that didn't play well (to say the least!) with Windows XP SP3, along with unrelated revelations about the amount of porn surfing going on at the SEC, offers the chance to think a little bit about each problem -- and what your business has done and can do to avoid getting tagged by similar ones.
How Well Do Hospitals Protect Your Data? Abysmally
Commentary  |  4/24/2010  | 
A just-released survey of about 200 compliance executives in hospitals from around the country shows that data breaches and medical identity theft continue to soar.
Google Sued Over Search Suggestion
News  |  4/23/2010  | 
A Wisconsin resident blames Google for Web content that links her name to a drug for sexual dysfunction.
Qakbot Worm Steals 2 GB Of Confidential Data Per Week, Researchers Say
Quick Hits  |  4/23/2010  | 
Data-stealing W32.Qakbot worm continues to penetrate enterprises, Symantec says
Blippy Leaks Four Credit Card Numbers
News  |  4/23/2010  | 
Social exhibitionism meets Google Search and learns that one can share too much information.
Tech Insight: When To Pull The Outsourcing Trigger
News  |  4/23/2010  | 
Outsourcing security functions can work -- if the conditions are right
WinMagic eStore Sells SecureDoc FDE For $99
News  |  4/23/2010  | 
eStore protects all data on Windows or Mac desktops, laptops, tablets and removable media
Cybercriminal Advertising: 1.5 Million Stolen Facebook Accounts For Sale
News  |  4/23/2010  | 
Going price starts at $25 for package of 1,000 accounts
Crippling McAfee Virus Update Could Have Long-Term Fallout
News  |  4/22/2010  | 
McAfee says it didn't fully test errant DAT file on XP Service Pack 3; some tens of thousands of PCs reportedly hit
DHS Fills Key Cybersecurity Posts
News  |  4/22/2010  | 
Department of Homeland Security hires fill leadership gaps at US-CERT and the National Cyber Security Division, two of the most important players in the nation's critical security infrastructure.
Pair Of Fines Levied On Breached Companies Show Real Costs Of Database Hacks
News  |  4/22/2010  | 
Fidelity National Information Services subsidiary, Davidson & Company each penalized hundreds of thousands of dollars by regulatory agencies
New Policy Revamps Agencies' Approach To FISMA Compliance
News  |  4/22/2010  | 
Guidance takes a 'three-tiered approach'