Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in April 2010
Page 1 / 4   >   >>
Microsoft Issues Workaround For Serious SharePoint Vulnerability
Commentary  |  4/30/2010  | 
While not a complete patch, the software maker has issued guidance detailing how to mitigate a serious vulnerability that places corporate data at-risk to snooping and theft.
Hacker Of Sarah Palin's E-Mail Found Guilty
News  |  4/30/2010  | 
Palin calls violating the law for political gain 'repugnant.'
Sending Email, Web Security To The Cloud
Commentary  |  4/30/2010  | 
E-mail and Web security outsourcing are gaining more momentum as resource-strapped companies look for ways to tighten their IT belts. IT shops are constantly being asked to do more with less, and it's often security that gets more budget cuts since it's an IT area that doesn't contribute directly to a company making money.
IT Pros Doubt Security Of Virtualized Environments, Study Says
Quick Hits  |  4/30/2010  | 
Majority of survey respondents don't think current security tools and practices will cut it in the cloud
Storage Checkers Vs. Chess
Commentary  |  4/30/2010  | 
Checkers is a two dimensional game where all the pieces have the same ability. Its about covering space. Chess is a complex three dimensional game where all the pieces have different capabilities and there is one common target: the enemy's king. In storage some features begin to look like checkers because they have become so commonplace, but when you dig deeper you find that the capabilities of these features between vendors vary greatly.
Healthcare Not Up To Task Of Securing Electronic Medical Records, Experts Say
News  |  4/30/2010  | 
Healthcare organizations with established databases are typically behind other industries in how they secure their data stores
Apple CEO Steve Jobs Lashes Out Against Adobe's Flash
News  |  4/30/2010  | 
Flash had 'one of the worst security records in 2009,' says Jobs in a major offensive against Adobe
Al Qaeda Implicated In Cyberattacks
Commentary  |  4/30/2010  | 
Some papers recently became publicly available in the case of terrorism suspect Mohamedou Ould Slahi, accused of being one of Al-Qaeda's top recruiters. The papers revealed Al-Qaeda hacking activity, which demonstrates what proof of accountability in Internet attacks is, and how many of us jump to conclusions about countries, such as China, without it.
Symantec To Buy PGP, GuardianEdge For $370 Million
News  |  4/30/2010  | 
The data encryption firms offer technology for standards-based encryption of full-disks, removable media, files, folders and smartphones.
Symantec Takes $370 Million Plunge Into Encryption Market
News  |  4/29/2010  | 
Acquisitions of PGP, GuardianEdge will make security giant an immediate player, experts say
Study: Application Security Not An Enterprise Priority
Quick Hits  |  4/29/2010  | 
Seventy percent say their organizations don't consider application security a strategic initiative, Ponemon Institute survey finds
Researchers Lock Down The Hypervisor
News  |  4/29/2010  | 
Prototype prevents 'Blue Pill' and other types of malware-injection attacks against the hypervisor
Product Watch: BreakingPoint To Roll Out 'Cyber Tomography Machine'
News  |  4/29/2010  | 
New testing platform scores the security of an organization's overall infrastructure and its resiliency to attack
Data Breaches More Costly In U.S. Than Elsewhere
Commentary  |  4/29/2010  | 
Data breaches cost U.S. companies twice as much as they do in other countries, according to a new Ponemon Institute study. Which adds up to twice as many reasons not to get breached!
Fixing Storage Utilization Without A Refresh
Commentary  |  4/29/2010  | 
In the final part of our storage utilization series we address how to improve storage utilization without refreshing the storage itself. This is, unfortunately, the most difficult way to improve storage utilization.
Federal Agencies Wrestle With Cybersecurity's Harsh Realities
News  |  4/28/2010  | 
Sophistication of attacks, shortage of resources lead agency IT chiefs to focus less on perfect security -- and more on risk management
When It Comes To Data Breaches, U.S. Most Costly
Commentary  |  4/28/2010  | 
Research published today shows that the average cost of a data breach, globally, is about $3.43 million per incident and $142 per compromised record. But that's not the entire story.
San Francisco Password-Hijacker Found Guilty
Quick Hits  |  4/28/2010  | 
Terry Childs faces five-year prison sentence for locking out city bosses from network
Storm Worm Reappears
News  |  4/28/2010  | 
Slightly revamped version of original malware used by the infamous Storm botnet being actively spammed -- and spreading
Ex-IT Admin Convicted In San Francisco
News  |  4/28/2010  | 
The felony conviction could put former San Francisco network engineer Terry Childs in prison for up to five years for withholding passwords to the city's computer network.
Microsoft SIR, Dissected
Commentary  |  4/28/2010  | 
Microsoft published Version 8 of its Security Intelligence Report (SIR) this week. The report covers the second half of 2009 and is a massive piece of information with almost 250 pages.
Costs Of Data Breaches Much Higher In U.S. Than In Other Countries, Study Says
News  |  4/28/2010  | 
Legal requirements for disclosure, notification add high expense to data compromise, Ponemon research says
Medical Records Keep Getting Dumped
Commentary  |  4/27/2010  | 
Why were possibly thousands of private patient records found dumped outside the closed offices of a physical therapy center?
Report: Tier 1 Merchants Pay $122,000 More For PCI Assessments
Quick Hits  |  4/27/2010  | 
Ponemon Institute/Thales survey PCI DSS security assessment firms about next version of PCI
Security Services Improve, But Bargains Few
News  |  4/27/2010  | 
Enterprises more focused on quality and functionality of services than on cost, experts say
McAfee Offers Compensation To Enterprise Customers Hit By Faulty AV Update
News  |  4/27/2010  | 
Businesses affected by the errant AV update get free one-year subscription to automated security health-check platform
Senators Seek FTC Rules For Social Networking
News  |  4/27/2010  | 
Facebook's expanded information sharing has prompted a call for regulation.
CIA Unveils Five-Year Strategy Plan
News  |  4/27/2010  | 
CIA 2015, released this week, seeks to ensure the agency remains in step with current national security challenges, such as cyber threats
Trusting 'Trusted' Sites Again
Commentary  |  4/27/2010  | 
I've been teaching a user security awareness and training course to faculty and staff at our university. One of the great aspects of the class is the discussions that develop out of the participants' questions, like the security of social networks and how to use wireless securely while on the road. Lately, I've been getting one question more and more often: How do I know if a site is safe?
CIA Boosting Cybersecurity Investment
News  |  4/27/2010  | 
Preventing and fighting cyber threats is one of three priorities in the agency's five-year plan.
Supreme Court To Review Video Game Law
News  |  4/26/2010  | 
At issue is whether video games deserve the free speech protection afforded other forms of expression.
More Than 40 Percent Of U.K. Users Say They Have Been Fraud Victims
Quick Hits  |  4/26/2010  | 
More than one-third of victims say they were never reimbursed by their banks
Microsoft: Enterprises Hit Hardest By Worms; Consumers By Trojans And Adware
News  |  4/26/2010  | 
Rogue AV was the common denominator threat to all users, according to findings in the new Microsoft Security Intelligence Report
Bad Guys Take Aim At iPad Users
News  |  4/26/2010  | 
Scam involves spam e-mail messages addressed to iPad users
FCC Takes Control Of Public Safety Network
News  |  4/26/2010  | 
The Federal Communication Commission intends to save $18 billion on its nationwide broadband public safety network by piggybacking on commercial network build-outs.
Apple iPad Used As Scam Bait
News  |  4/26/2010  | 
Cybercriminals are sending out malicious e-mail that targets iPad users, a sure sign that the device has been selling well.
What To Look For In A Primary Storage Refresh
Commentary  |  4/26/2010  | 
In our last entry we covered how the potential to increase storage utilization may help justify a storage refresh. If you are in a position to refresh your primary storage platform or you think the last entry may help you do that a little sooner than normal, what should you be looking for in your next storage platform?
FBI Names Cyber Division Chief
News  |  4/26/2010  | 
Gordon Snow has experience working on counterterrorism and cybercrimes in Silicon Valley and led the effort to draft a government-wide Cyber Counterintelligence Plan.
McAfee's Mess, SEC's Sex Problem And What SMBs Can Learn From Each
Commentary  |  4/26/2010  | 
Last week's McAfee release of a virus def file that didn't play well (to say the least!) with Windows XP SP3, along with unrelated revelations about the amount of pornsurfing going on at the SEC offers the chance to think a little bit about each problem -- and what your business has done and can do to avoid getting tagged by similar ones.
How Well Do Hospitals Protect Your Data? Abysmally
Commentary  |  4/24/2010  | 
A just released survey of about 200 compliance executives in hospitals from around the country shows that data breaches and medical identity theft continue to soar.
Google Sued Over Search Suggestion
News  |  4/23/2010  | 
A Wisconsin resident blames Google for Web content that links her name to a drug for sexual dysfunction.
Qakbot Worm Steals 2 GB Of Confidential Data Per Week, Researchers Say
Quick Hits  |  4/23/2010  | 
Data-stealing W32.Qakbot worm continues to penetrate enterprises, Symantec says
Blippy Leaks Four Credit Card Numbers
News  |  4/23/2010  | 
Social exhibitionism meets Google Search and learns that one can share too much information.
Tech Insight: When To Pull The Outsourcing Trigger
News  |  4/23/2010  | 
Outsourcing security functions can work -- if the conditions are right
WinMagic eStore Sells SecureDoc FDE For $99
News  |  4/23/2010  | 
eStore protects all data on Windows or Mac desktops, laptops, tablets and removable media
Cybercriminal Advertising: 1.5 Million Stolen Facebook Accounts For Sale
News  |  4/23/2010  | 
Going price starts at $25 for package of 1,000 accounts
Crippling McAfee Virus Update Could Have Long-Term Fallout
News  |  4/22/2010  | 
McAfee says it didn't fully test errant DAT file on XP Service Pack 3; some tens of thousands of PCs reportedly hit
DHS Fills Key Cybersecurity Posts
News  |  4/22/2010  | 
Department of Homeland Security hires fill leadership gaps at US-CERT and the National Cyber Security Division, two of the most important players in the nation's critical security infrastructure.
Pair Of Fines Levied On Breached Companies Show Real Costs Of Database Hacks
News  |  4/22/2010  | 
Fidelity National Information Services subsidiary, Davidson & Company each penalized hundreds of thousands of dollars by regulatory agencies
New Policy Revamps Agencies' Approach To FISMA Compliance
News  |  4/22/2010  | 
Guidance takes a 'three-tiered approach'
Page 1 / 4   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-01-23
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document.
PUBLISHED: 2022-01-23
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34.
PUBLISHED: 2022-01-22
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
PUBLISHED: 2022-01-22
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
PUBLISHED: 2022-01-22
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.