Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in April 2011
Page 1 / 4   >   >>
Users, Service Providers At Odds Over Cloud Security, Study Says
Quick Hits  |  4/30/2011  | 
If providers don't get serious about security soon, users will stop buying cloud services, Ponemon/CA survey states
Sony Says PlayStation Credit Card Data Was Encrypted
News  |  4/29/2011  | 
Security Experts Say 'So What?' PlayStation account-holder data likely still at risk.
Expert: Attacks, Not Vulnerabilities, Are Keys To IT Defense
News  |  4/29/2011  | 
Attackers are increasingly cribbing code from existing exploits, rather than creating new ones
Sony Says PlayStation Credit Card Data Was Encrypted -- Security Experts Say, 'So What?'
News  |  4/29/2011  | 
PlayStation account-holder data likely still at risk
Black Hat, DEFCON Founder To Become CSO Of ICANN
Quick Hits  |  4/28/2011  | 
Jeff Moss will continue to work with Black Hat as conference chair
DHS Creates Public-Private Technology Exchange
News  |  4/28/2011  | 
The Department of Homeland Security gives companies the requirements of a technology, product, or service it's seeking and companies spend their own money to build prototypes.
Phishing Attackers Use Subdomain Registration Services
News  |  4/28/2011  | 
Online criminals doubled their use of unregulated subdomain registration services in the second half of 2010, according to a report by the Anti-Phishing Working Group.
Feds Ready To Take Next Step Of Uninstalling Coreflood Malware
News  |  4/28/2011  | 
Justice Department says it has slashed the botnet's C&C traffic by 90 percent
Global Internet Culture Emerges
News  |  4/28/2011  | 
Internet users worldwide want privacy, security, trust, and freedom of expression, says a report from the Oxford Internet Institute, graduate business school Insead, and comScore.
Schwartz On Security: Smile, Your Smartphone Is Watching
Commentary  |  4/28/2011  | 
In the wake of revelations that Apple devices have been insecurely storing and transmitting location data, it's time for enterprise IT managers to begin spying as well.
Report Questions Feds' 'Alarmist Rhetoric' About Cyberthreats
News  |  4/28/2011  | 
A report from the Mercatus Center at George Mason University warns that overinflating the potential fallout of an online attack could lead to unnecessary regulation of the Internet
Secret Storage Hides Encrypted Data In Plain Sight
News  |  4/27/2011  | 
Researchers identify new technique for disguising encrypted data as "noise" that looks like random disk fragmentation.
Enterprises Logging Security Data, But Still Struggle To Use It
Quick Hits  |  4/27/2011  | 
Seventh annual SANS log management survey shows log data still tough to find and correlate
Is Government Inflating Cyber Threats?
News  |  4/27/2011  | 
A report from the Mercatus Center at George Mason University questions "alarmist rhetoric" and asks whether government agencies can meaningfully improve the security of critical infrastructure.
Kind Of A Mess
Commentary  |  4/27/2011  | 
Internet needs an infrastructure that enables back ends and users to communicate with each other using better authentication--and allows any number of authentication technologies to sign into it
Sony Sued Over PlayStation Network Hack
News  |  4/27/2011  | 
A class action lawsuit charges that Sony failing to protect personal information and credit card numbers of up to 77 million users.
Another Researcher Hit With Threat Of German Anti-Hacking Law
News  |  4/27/2011  | 
German software firm warns researcher who disclosed a vulnerability in its software and offered his help
Apple Explains iPhone Tracking, Promises Fix
News  |  4/27/2011  | 
iPhones track Wi-Fi hotspots and cell towers, not users, Apple said in answering critics, while also promising to fixing a bug that kept too much data.
Iran Alleges Espionage Over Internet Worm
News  |  4/27/2011  | 
Senior government official says foreign governments are launching malware dubbed Stars at the country's nuclear facilities.
Hack Of PlayStation Network Threatens Personal Data Of 77 Million Users
News  |  4/27/2011  | 
After a week of downtime, Sony comes clean about hack, promises to restore service
Few Consumers Victimized By Online Fraud Report It
Quick Hits  |  4/26/2011  | 
New Ponemon Institute report shows consumers prefer using machine fingerprinting over personal information to verify their identities online
China Implicated In Hacking Of SMB Online Bank Accounts
News  |  4/26/2011  | 
FBI warns that small- to midsize businesses are being targeted in an attack that so far has bilked companies' accounts of millions of dollars and wired the money to Chinese companies
Napolitano Calls Cybersecurity A Shared Responsibility
News  |  4/26/2011  | 
The Department of Homeland Security secretary stressed the federal government's involvement in securing cyberspace alongside private companies to mitigate threats to critical infrastructure.
China Implicated In Hacking Of SMB Online Bank Accounts
News  |  4/26/2011  | 
FBI warns that small to midsize businesses are being targeted in an attack that so far has bilked companies' accounts of millions of dollars and wired the money to Chinese companies
Two-Factor Authentication Key To Online Healthcare Services
News  |  4/26/2011  | 
The National Strategy for Trusted Identities in Cyberspace also calls for wider adoption of unique security credentials
Federal ID Strategy To Boost Health Data Security
News  |  4/26/2011  | 
Voluntary plan which seeks two-factor authentication and for online identity management should find wide application in healthcare.
PCI Compliance May Mean Fewer Breaches, Study Says
News  |  4/26/2011  | 
But most professionals still don't think PCI has much of an impact on security, Ponemon/Imperva study says
A Not-So Targeted Targeted Attack
Commentary  |  4/25/2011  | 
RSA was likely among several targets associated with a broader campaign that was designed to seek out industrial secrets
Kidnapped Kaspersky Returns Safe; No Ransom Paid
Quick Hits  |  4/25/2011  | 
Son of security company founder is in a "safe location," company says
Users Still Careless With Email
News  |  4/25/2011  | 
Company employees still consistently send confidential and sensitive information via email in violation of rules and regulations, according to a survey by VaporStream.
Verizon Breach Report Shows Database Security Not Just About Credit Cards Anymore
News  |  4/22/2011  | 
The number of breached records is down, but database servers are still the hot target of attackers--and smaller organizations are also in the bull's eye.
What's Good About iPhone's Location Tracking
Commentary  |  4/22/2011  | 
The iPhone tracking disclosure this week showcases an unfortunate tendency for device manufacturers to focus excessively on their needs and forget those of their users
EV SSL Still A Rarity, Survey Shows
Quick Hits  |  4/22/2011  | 
New Netcraft survey shows EV SSL more popular among heavy-traffic, financial sites
So What If iPhones Spy User Locations
Commentary  |  4/22/2011  | 
The iPhone keeps track on its owner's whereabouts, but without that crucial location data, many services that help make the smartphone so popular wouldn't function.
Verizon Breach Report Shows Database Security Not Just About Credit Cards Anymore
News  |  4/22/2011  | 
The number of breached records is down, but database servers are still the hot target of attackers—and smaller organizations are also in the bull's eye
Hacking Becomes Leading Cause Of Data Breaches
News  |  4/22/2011  | 
Businesses are the main target, and lost data is rarely password-protected or encrypted, according to a report from the Identity Theft Resource Center.
iPhone Logging Your Every Move
News  |  4/22/2011  | 
Introduced with iOS 4, the Apple smartphone is reportedly logging user location information on the phone and computers that syncs the phone via iTunes.
Credit Card Hacker Pleads Guilty
News  |  4/22/2011  | 
Rogelio Hackett Jr. faces 12 years in prison and $500,000 in fines for selling 675,000 credit card numbers used to generate more than $36 million in fraudulent transactions.
Malware Bypasses Security On 64-Bit Windows OS
News  |  4/22/2011  | 
The latest TDL rookit family contains malware that evades security mechanisms built into the latest x64 operating systems, including Microsoft's Windows Vista and Windows 7.
Weaponizing GPS Tracking Devices
News  |  4/22/2011  | 
Researcher demonstrates how he was able to easily turn Zoombak personal GPS devices against their owners
iPhone Tracking Only Tip Of Security Iceberg
News  |  4/21/2011  | 
Mobile devices will present ongoing security and privacy challenges, particularly to businesses that permit personal usage of corporate devices.
Microsoft Updates Vulnerability Disclosure Policies
News  |  4/21/2011  | 
The software company clarifies its vulnerability-handling guidelines and begins issuing security bulletins for third-party products.
One-Fourth Of SSL Websites At Risk
News  |  4/21/2011  | 
Many sites haven't applied patches for well-known 'renegotiation' flaw
Forget Tape Vs. Disk, Use Them Together
Commentary  |  4/21/2011  | 
Tape is ideal for third tier backup data and the cost per GB, performance, and reliability make it an ideal compliment to disk backup.
Phishing Attack Hits Oak Ridge National Laboratory
News  |  4/21/2011  | 
The government lab expects to restore Internet access and external email service next week after losing nearly 1 gigabyte of unclassified data.
Son Of Kaspersky Lab Founder Reportedly Gone Missing
Quick Hits  |  4/21/2011  | 
Russian news reports that 20-year-old Ivan Kaspersky was kidnapped and his captors are demanding ransom
Continuous Monitoring Still A Long Way Off For The Feds
News  |  4/20/2011  | 
Deadline for FISMA compliance reporting via automated tool has past, and few agencies are using it
How To Sort Through Enterprise Mobility Challenges
Commentary  |  4/20/2011  | 
Mobility is demanding the attention of IT. Whether it's building a scalable wireless infrastructure, or supporting the newest smartphone or tablet, the choices are daunting. Interop's wireless and mobility conference track can help sort out these challenges.
Microsoft Issues First Security Alerts For Third-Party Apps
Quick Hits  |  4/20/2011  | 
Monthly or quarterly advisories on deck in the near-term, and Microsoft will only disclose an unfixed bug and offer workarounds if attacks hit
iPhone Software Tracks Location Of Users
News  |  4/20/2011  | 
Apple's iOS 4 operating system collects information about where iPhone users travel, two programmers revealed at the Where 2.0 conference.
Page 1 / 4   >   >>

Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.