Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Rapid 7 Rolls Out First Commercial Metasploit Product
Metasploit Express combines open source platform with user-friendly interface and new back-end
Health Insurer Notifies More Than 409,000 Of Potential Breach
Sensitive medical records found on previously leased digital copier, company says
More Than One-Third Of Network Devices Show Vulnerabilities, Study Says
Average device shows more than 40 configuration violations, according to research
White House Updates Cybersecurity Orders
The three-pronged approach should help federal agencies do away with wasteful compliance spending and encourage improved security, say White House officials.
Facebook Opens Up Social Tools To Broader Web
At its developer conference, the soc-net powerhouse let loose plug-ins which will extend its platform throughout the Web and potentially strengthen its hand versus Google.
Product Watch: Microsoft Scraps Forefont Protection Manager Product
Software giant says it's aligning security management with systems and application management
CSRF Attacks Get New PoC Creation Tool
Cross site request forgery (CSRF) is a powerful attack that can have devastating consequences. It's not a new attack, but new tools are released every year because Web developers don't always write secure code that can prevent these attacks. Often, CSRF vulnerabilities go undetected because automated scanners have difficulty detecting them.
Justifying An Early Storage Refresh
Our last entry covered ways to increase storage utilization. There are three options; live with under-utilization (easy but costly), refresh your current storage (easy but potentially expensive) or making what you have more efficient (potentially time consuming but potentially inexpensive). Most data centers have a schedule to refresh their current storage systems at some point in the future. In this ent
New Hack Pinpoints Cell Phone User's Location, Personal And Business Relationships
Researchers demonstrate a technique that exploits the cell phone infrastructure to compromise cell user's privacy
Why Employees Break Security Policy (And What You Can Do About It)
Companies that monitor network behavior say many employees still break rules in order to get their jobs done
Report: Targeted Attacks Evolve, New Malware Variants Spike By 100 Percent
New Symantec Global Internet Threat Report shows evolution of targeted attacks, prevalence of Web-borne attacks, increase in malware variants in 2009
Network Solutions Hack Highlights Hosting Risks
Website hosting vendor Network Solutions Inc. (NSI) has been forced to cleanse its customer Websites after a few "thousand" sites where attacked after an unspecified number of NSI's shared servers were infiltrated.
Network Solutions Cleaning Up After Second Round Of Attacks
'A few thousand' websites infected in attacks; meanwhile, NSI suffers email service disruption today as well
PCI: Data Token Alternatives
When a merchant cannot -- or will not -- replace credit card numbers with tokens provided by its payment processor, how does it secure it database to be PCI-compliant?
Google Scolded By Privacy Officials
Buzz, the company's social networking arm for Gmail, continues to elicit criticism
Google Tool Reveals Government Hunger For Data
Official demands sent to Google for data and for its removal are now on display.
Google Scolded By Privacy Officials
Buzz, the company's social networking mechanism for Gmail, continues to elicit criticism.
Google Chrome Attracting Hacker Attention
The good news: at a recent security conference, Google Chrome got kudos as the hardest to browser hack. The bad news: a new hack is targeting possibly overconfident Chrome users and tagging them with malware.
California Senate Moves On New Data Breach Law
With 2003's landmark data breach notification law, SB-1386, California set the tone for the wave of state breach notification laws that would follow. Today, more states have similar laws than don't. Last week, the California Senate approved SB-1166 which aims to add more detail to the existing law.
IT Isn't Keeping Up With End Users, Study Says
Most organizations unable to keep up with users' job responsibilities and access rights, Ponemon study says
Secure P2P Scheme Leverages Social Networks
Anonymous and unobservable IM and VoIP could be possible under a proposed network architecture called Drac.
Log Review Checklist For Responders Under Fire
Checklists are one of the most important things for first responders to have access to when responding to an incident. The reasons are many, and most of them tend to fall back on the human nature of the first responder. Incident response can impose a lot of stress on an individual, whether from management or the sheer criticality of the potentially hacked resource, it can be easy to miss a step or remember a command incorrectly when under fire.
Increasing Storage Utilization Rates
In a recent entry by John Foley he discusses some of the pros and cons for leveraging cloud computing to increase IT efficiency in the Federal Government. One of the more startling statements is how low utilization of storage is. Of course low utilization is not the sole problem of Federal IT, the private sector has its challenges with storage utilization as well. What can be done to inc
Fort Hood Shootings Spark IT Upgrades
Defense Secretary Robert Gates has ordered the deployment of two information sharing systems in order to help curb internal security threats.
Politically Motivated Attacks Could Force Enterprises To Reshape Defenses
Targeted attacks could happen to any organization for myriad reasons, report says
Researcher Demonstrates How To Counterattack Against A Targeted Attack
Proof-of-concept turns the tables on attackers who wage targeted attacks on enterprises
OWASP Issues Top 10 Web Application Security Risks List
Final version of Top 10, published today, focuses on actual risks versus vulnerabilities
Apple Sued Over iPhone Liquid Sensors
Customers' inability to verify liquid sensor data, the lawsuit claims, make Apple's warranty coverage an illusion.
Researcher To Demonstrate Uncrackable Encryption Key
Scientist at Tel Aviv University builds key transmission system based on lasers, fiber optics
Apple Market Strongest In California
Despite its relatively small share of the PC market, Apple's overall market penetration makes it a major player in many parts of the country.
Taking Penetration Testing In-House
Weighing the risks and benefits of do-it-yourself pen testing
Google Unveils Cloud Print
The upcoming Chrome OS will push printing beyond the desktop.
Product Watch: Free Tool Detects PCI Violations
Software detects improperly stored credit card data, other PCI violations
NSA Director Tells Senate He Won't Overstep In Role As U.S. Cyber Command Director
'This is not about efforts to militarize cyberspace,' says Lt. Gen. Keith Alexander during his confirmation hearing
New Full Disclosure, Website Vulnerabilities Database
The biggest news in security circles in the past day or so is the new full disclosure site, Vulnerable Sites DB database.
Attacking Electronic Door Access Control Systems
A friend recently pointed me to some research he has been doing with embedded door access control systems, as well as some of the vulnerabilities he has uncovered. Some of his findings were recently disclosed at Carolinacon, with more to come during his presentation at Hack in the Box.
Bridging The Gap Between Training And Operations
The EDUCAUSE Security Professionals Conference is a great conference for IT staff from higher education to meet and learn about deploying and managing security tools like OSSEC and Bro IDS, hear how others are dealing with compliance issues, and network with other professionals interested in security.
Google Revenues Beat Estimates
Despite strong first quarter results, the company's stock slipped on worries about costs.
Google: Virus-Packing Spam Rose Despite Botnet Takedowns
Postini email security team logged massive surge in viruses in Q4 2009
IE 8 Security Features Could Be Turned Against Users, Researchers Say
At Black Hat Europe, presenters show how filters designed to prevent cross-site scripting can be used to launch those very attacks
SAP, Other ERP Applications At Risk Of Targeted Attacks
Black Hat Europe researcher demonstrates techniques for inserting 'backdoors' into popular enterprise resource planning apps that aren't properly secured
States' Rights Come to Security Forefront
Massachusetts' new data protection law reaches beyond its borders. Are you ready?
Databases At Risk Of Man-In-The-Middle Attacks
Without encryption of database traffic, Oracle and other databases face man-in-the-middle attack threats
Former NSA Official Leaked Secrets Via Hushmail
The indictment returned in Maryland on Thursday suggests how easy it is to copy and paste secrets.
States' Rights Come to Security Forefront
Massachusetts' new data protection law reaches beyond its borders. Are you ready?
Senators Question Cyber Command Nominee
Gen. Keith Alexander told legislators he'll work closely with the president and Homeland Security to protect U.S. military networks against cyber attacks.
FCoE Poised For Adoption
FCoE adoption is getting ready to pick up steam. That's my take from Storage Networking World (SNW). The FCoE sessions and labs seemed well attended. This means that users are getting ready to deploy the technology, and of course, some already have.
Enterprises See Risks In Cloud
Cloud infrastructures aren't yet reliable or secure enough for mission critical apps, say users.
Websites Vulnerable To New Clickjacking Techniques
At Black Hat Europe, UK-based security researcher Paul Stone has demonstrated new and seemingly powerful attacks that dupe users into activating malicious links on Web sites without their even knowing it.
|
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Tweet This
0 Comments
