Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in April 2011
Page 1 / 4   >   >>
Users, Service Providers At Odds Over Cloud Security, Study Says
Quick Hits  |  4/30/2011  | 
If providers don't get serious about security soon, users will stop buying cloud services, Ponemon/CA survey states
Sony Says PlayStation Credit Card Data Was Encrypted
News  |  4/29/2011  | 
Security Experts Say 'So What?' PlayStation account-holder data likely still at risk.
Expert: Attacks, Not Vulnerabilities, Are Keys To IT Defense
News  |  4/29/2011  | 
Attackers are increasingly cribbing code from existing exploits, rather than creating new ones
Sony Says PlayStation Credit Card Data Was Encrypted -- Security Experts Say, 'So What?'
News  |  4/29/2011  | 
PlayStation account-holder data likely still at risk
Black Hat, DEFCON Founder To Become CSO Of ICANN
Quick Hits  |  4/28/2011  | 
Jeff Moss will continue to work with Black Hat as conference chair
DHS Creates Public-Private Technology Exchange
News  |  4/28/2011  | 
The Department of Homeland Security gives companies the requirements of a technology, product, or service it's seeking and companies spend their own money to build prototypes.
Phishing Attackers Use Subdomain Registration Services
News  |  4/28/2011  | 
Online criminals doubled their use of unregulated subdomain registration services in the second half of 2010, according to a report by the Anti-Phishing Working Group.
Feds Ready To Take Next Step Of Uninstalling Coreflood Malware
News  |  4/28/2011  | 
Justice Department says it has slashed the botnet's C&C traffic by 90 percent
Global Internet Culture Emerges
News  |  4/28/2011  | 
Internet users worldwide want privacy, security, trust, and freedom of expression, says a report from the Oxford Internet Institute, graduate business school Insead, and comScore.
Schwartz On Security: Smile, Your Smartphone Is Watching
Commentary  |  4/28/2011  | 
In the wake of revelations that Apple devices have been insecurely storing and transmitting location data, it's time for enterprise IT managers to begin spying as well.
Report Questions Feds' 'Alarmist Rhetoric' About Cyberthreats
News  |  4/28/2011  | 
A report from the Mercatus Center at George Mason University warns that overinflating the potential fallout of an online attack could lead to unnecessary regulation of the Internet
Secret Storage Hides Encrypted Data In Plain Sight
News  |  4/27/2011  | 
Researchers identify new technique for disguising encrypted data as "noise" that looks like random disk fragmentation.
Enterprises Logging Security Data, But Still Struggle To Use It
Quick Hits  |  4/27/2011  | 
Seventh annual SANS log management survey shows log data still tough to find and correlate
Is Government Inflating Cyber Threats?
News  |  4/27/2011  | 
A report from the Mercatus Center at George Mason University questions "alarmist rhetoric" and asks whether government agencies can meaningfully improve the security of critical infrastructure.
Kind Of A Mess
Commentary  |  4/27/2011  | 
Internet needs an infrastructure that enables back ends and users to communicate with each other using better authentication--and allows any number of authentication technologies to sign into it
Sony Sued Over PlayStation Network Hack
News  |  4/27/2011  | 
A class action lawsuit charges that Sony failing to protect personal information and credit card numbers of up to 77 million users.
Another Researcher Hit With Threat Of German Anti-Hacking Law
News  |  4/27/2011  | 
German software firm warns researcher who disclosed a vulnerability in its software and offered his help
Apple Explains iPhone Tracking, Promises Fix
News  |  4/27/2011  | 
iPhones track Wi-Fi hotspots and cell towers, not users, Apple said in answering critics, while also promising to fixing a bug that kept too much data.
Iran Alleges Espionage Over Internet Worm
News  |  4/27/2011  | 
Senior government official says foreign governments are launching malware dubbed Stars at the country's nuclear facilities.
Hack Of PlayStation Network Threatens Personal Data Of 77 Million Users
News  |  4/27/2011  | 
After a week of downtime, Sony comes clean about hack, promises to restore service
Few Consumers Victimized By Online Fraud Report It
Quick Hits  |  4/26/2011  | 
New Ponemon Institute report shows consumers prefer using machine fingerprinting over personal information to verify their identities online
China Implicated In Hacking Of SMB Online Bank Accounts
News  |  4/26/2011  | 
FBI warns that small- to midsize businesses are being targeted in an attack that so far has bilked companies' accounts of millions of dollars and wired the money to Chinese companies
Napolitano Calls Cybersecurity A Shared Responsibility
News  |  4/26/2011  | 
The Department of Homeland Security secretary stressed the federal government's involvement in securing cyberspace alongside private companies to mitigate threats to critical infrastructure.
China Implicated In Hacking Of SMB Online Bank Accounts
News  |  4/26/2011  | 
FBI warns that small to midsize businesses are being targeted in an attack that so far has bilked companies' accounts of millions of dollars and wired the money to Chinese companies
Two-Factor Authentication Key To Online Healthcare Services
News  |  4/26/2011  | 
The National Strategy for Trusted Identities in Cyberspace also calls for wider adoption of unique security credentials
Federal ID Strategy To Boost Health Data Security
News  |  4/26/2011  | 
Voluntary plan which seeks two-factor authentication and for online identity management should find wide application in healthcare.
PCI Compliance May Mean Fewer Breaches, Study Says
News  |  4/26/2011  | 
But most professionals still don't think PCI has much of an impact on security, Ponemon/Imperva study says
A Not-So Targeted Targeted Attack
Commentary  |  4/25/2011  | 
RSA was likely among several targets associated with a broader campaign that was designed to seek out industrial secrets
Kidnapped Kaspersky Returns Safe; No Ransom Paid
Quick Hits  |  4/25/2011  | 
Son of security company founder is in a "safe location," company says
Users Still Careless With Email
News  |  4/25/2011  | 
Company employees still consistently send confidential and sensitive information via email in violation of rules and regulations, according to a survey by VaporStream.
Verizon Breach Report Shows Database Security Not Just About Credit Cards Anymore
News  |  4/22/2011  | 
The number of breached records is down, but database servers are still the hot target of attackers--and smaller organizations are also in the bull's eye.
What's Good About iPhone's Location Tracking
Commentary  |  4/22/2011  | 
The iPhone tracking disclosure this week showcases an unfortunate tendency for device manufacturers to focus excessively on their needs and forget those of their users
EV SSL Still A Rarity, Survey Shows
Quick Hits  |  4/22/2011  | 
New Netcraft survey shows EV SSL more popular among heavy-traffic, financial sites
So What If iPhones Spy User Locations
Commentary  |  4/22/2011  | 
The iPhone keeps track on its owner's whereabouts, but without that crucial location data, many services that help make the smartphone so popular wouldn't function.
Verizon Breach Report Shows Database Security Not Just About Credit Cards Anymore
News  |  4/22/2011  | 
The number of breached records is down, but database servers are still the hot target of attackers—and smaller organizations are also in the bull's eye
Hacking Becomes Leading Cause Of Data Breaches
News  |  4/22/2011  | 
Businesses are the main target, and lost data is rarely password-protected or encrypted, according to a report from the Identity Theft Resource Center.
iPhone Logging Your Every Move
News  |  4/22/2011  | 
Introduced with iOS 4, the Apple smartphone is reportedly logging user location information on the phone and computers that syncs the phone via iTunes.
Credit Card Hacker Pleads Guilty
News  |  4/22/2011  | 
Rogelio Hackett Jr. faces 12 years in prison and $500,000 in fines for selling 675,000 credit card numbers used to generate more than $36 million in fraudulent transactions.
Malware Bypasses Security On 64-Bit Windows OS
News  |  4/22/2011  | 
The latest TDL rookit family contains malware that evades security mechanisms built into the latest x64 operating systems, including Microsoft's Windows Vista and Windows 7.
Weaponizing GPS Tracking Devices
News  |  4/22/2011  | 
Researcher demonstrates how he was able to easily turn Zoombak personal GPS devices against their owners
iPhone Tracking Only Tip Of Security Iceberg
News  |  4/21/2011  | 
Mobile devices will present ongoing security and privacy challenges, particularly to businesses that permit personal usage of corporate devices.
Microsoft Updates Vulnerability Disclosure Policies
News  |  4/21/2011  | 
The software company clarifies its vulnerability-handling guidelines and begins issuing security bulletins for third-party products.
One-Fourth Of SSL Websites At Risk
News  |  4/21/2011  | 
Many sites haven't applied patches for well-known 'renegotiation' flaw
Forget Tape Vs. Disk, Use Them Together
Commentary  |  4/21/2011  | 
Tape is ideal for third tier backup data and the cost per GB, performance, and reliability make it an ideal compliment to disk backup.
Phishing Attack Hits Oak Ridge National Laboratory
News  |  4/21/2011  | 
The government lab expects to restore Internet access and external email service next week after losing nearly 1 gigabyte of unclassified data.
Son Of Kaspersky Lab Founder Reportedly Gone Missing
Quick Hits  |  4/21/2011  | 
Russian news reports that 20-year-old Ivan Kaspersky was kidnapped and his captors are demanding ransom
Continuous Monitoring Still A Long Way Off For The Feds
News  |  4/20/2011  | 
Deadline for FISMA compliance reporting via automated tool has past, and few agencies are using it
How To Sort Through Enterprise Mobility Challenges
Commentary  |  4/20/2011  | 
Mobility is demanding the attention of IT. Whether it's building a scalable wireless infrastructure, or supporting the newest smartphone or tablet, the choices are daunting. Interop's wireless and mobility conference track can help sort out these challenges.
Microsoft Issues First Security Alerts For Third-Party Apps
Quick Hits  |  4/20/2011  | 
Monthly or quarterly advisories on deck in the near-term, and Microsoft will only disclose an unfixed bug and offer workarounds if attacks hit
iPhone Software Tracks Location Of Users
News  |  4/20/2011  | 
Apple's iOS 4 operating system collects information about where iPhone users travel, two programmers revealed at the Where 2.0 conference.
Page 1 / 4   >   >>


US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16395
PUBLISHED: 2019-09-17
GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.
CVE-2019-16396
PUBLISHED: 2019-09-17
GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.
CVE-2019-16199
PUBLISHED: 2019-09-17
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.
CVE-2019-16391
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.
CVE-2019-16392
PUBLISHED: 2019-09-17
SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.