Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in April 2011
<<   <   Page 2 / 4   >   >>
Facebook Beefs Up Security Features, Adds Two-Factor Authentication
News  |  4/20/2011  | 
To address ongoing concerns about safe social networking, Facebook is rolling out additional security tools and resources, including two-factor authentication
Seagate To Acquire Samsung's HDD Business
News  |  4/19/2011  | 
The $1.375 billion purchase would make Seagate the second largest maker of HDDs and expand its SSD business.
Cyberattacks On Critical Infrastructure Are Increasing, Study Says
Quick Hits  |  4/19/2011  | 
Eighty percent of critical infrastructure operators say they have experienced a large-scale attack
Facebook Strengthens Security, Safety Tools
News  |  4/19/2011  | 
To address ongoing concerns about safe social networking, Facebook is rolling out additional security tools and resources.
Verizon Data Breach Report: Bad Guys Target Low-Hanging Fruit
News  |  4/19/2011  | 
Cybercriminals steering away from big caches of data, using simpler tactics to crack smaller enterprises
Iranian Official Claims Siemens Partially Responsible For Stuxnet
News  |  4/19/2011  | 
The Iranian military has accused German electronics and industrial engineering firm Siemens of taking part in the development of the Stuxnet worm.
Leaked Cables Indicate Chinese Military Hackers Attacked U.S.
News  |  4/19/2011  | 
U.S. authorities have reportedly traced the "Byzantine Hades" spear-phishing attacks to specific Chinese military groups.
Federal Biometric ID Cards Get Iris Scan Option
News  |  4/19/2011  | 
National Institute for Standards and Technology has revised specifications for the proposed federal employee and contractor authentication system, including a new option to fingerprinting.
Cyber Threats To Critical Infrastructure Spike
News  |  4/19/2011  | 
While the number and severity of attacks increase, cooperative partnerships between the public and private sector in the U.S. lag behind the rest of the world.
66% Of Security Software Submitted With Flaws
News  |  4/19/2011  | 
App testing firm Veracode reports that developers need significantly more training on secure-coding skills.
Architect Your Databases Against Data Breaches
Commentary  |  4/19/2011  | 
If you haven't considered data architecture to help protect your data, now is as good a time as any. Your business and even your job may depend on it.
Data Loss Plummets, Verizon Report Finds
News  |  4/18/2011  | 
It's getting harder to get away with hacking big companies and data thieves are looking for easier prey.
Midmarket Security: 5 Risks, 5 Practical Responses
News  |  4/18/2011  | 
Smaller companies deal with enterprise-grade threats and compliance challenges, and partners are imposing requirements for sophisticated controls and audits that may be overwhelming. Here's how to cope.
New HBGary Statement Seeks To Clarify Company's Actions
Quick Hits  |  4/18/2011  | 
Online statement separates HBGary from HBGary Federal, says some email content was taken out of context
Man Pleads Guilty To Hacking Servers At Federal Reserve Bank
News  |  4/18/2011  | 
Accused of multiple hacks, Lin Mun Poo admits to possession of stolen credit card information
Online Advertisers Pitch Self-Regulation Framework
News  |  4/18/2011  | 
Microsoft, Google, and other companies are backing a European proposal governing how advertisers can track people's behavior online.
Oracle To Patch 73 Critical Vulnerabilities
News  |  4/18/2011  | 
Microsoft, Apple, and Adobe have all issued bug fixes recently, and now Oracle is patching Oracle Fusion Middleware, the Sun Products Suite, the Open Office Suite, and other products.
Dark Reading Launches Cloud Security Tech Center
Commentary  |  4/18/2011  | 
New subsite will focus on news and analysis of security issues in public and private cloud environments
Social Security Administration Exposed Data Of 36,000 Over Three Years
Quick Hits  |  4/17/2011  | 
Inspector General's office finds that thousands of people on the Death Master List are still alive
Security Software, Services Score Poorly In Security
News  |  4/17/2011  | 
Latest state of software security report from Veracode also finds application developers' security grades low
Product Watch: Sourcefire Expands IPS Line
News  |  4/17/2011  | 
Snort creator adds low-end device, new modular hardware platform, and upgrade to its next-generation IPS software
Android Unsafe At Any Price
Commentary  |  4/15/2011  | 
Google's approach of offering little support to vendors that deploy the OS is worrisome, among other things
Feds Look To Private Industry To Build National ID Infrastructure
News  |  4/15/2011  | 
White House officially releases its National Strategy for Trusted Identities In Cyberspace (NSTIC) plan
White House Issues Online Trusted Identities Plan
News  |  4/15/2011  | 
The private sector is expected to take the lead in developing a stronger process for more secure online identities, according to the final version of the National Strategy for Trusted Identities in Cyberspace.
Federal Reserve Bank Hacker Pleads Guilty
News  |  4/15/2011  | 
Malaysian citizen Lin Mun Poo admits to installing malware on a Federal Reserve Bank server.
Blocking Windows Admin Rights Can Stop Exploits
News  |  4/15/2011  | 
The majority of Microsoft Windows attacks seen in 2010 would have been blocked if PCs were not running with admin-level access rights, according to security vendor BeyondTrust.
Private Sector Seeks Better Cybersecurity Collaboration
News  |  4/15/2011  | 
Banking, telecom, and utility execs told Congress Friday that better processes need to be put in place to share information on cyber attacks more quickly, more simply, and more thoroughly.
Tech Insight: Updating Your Security Toolbox
News  |  4/15/2011  | 
As threats change, so do the tools for diagnosing and analyzing new threats. Here's a look at some open-source applications that every security department should have
Can Archive Replace Backup?
Commentary  |  4/15/2011  | 
Everyone should know the difference between backup and archive yet many data centers still use their backup application as their archive product.
TriGeo Customer Boosts Security With Appliance
News  |  4/14/2011  | 
Midmarket financial institution LegacyTexas Bank automates processes and reduces labor hours by deploying an SIEM appliance.
White House To Release Final Trusted Identity Plan
News  |  4/14/2011  | 
The public-private effort to strengthen online identity management and authentication will face challenges when it comes to execution, privacy, and security.
IT Temptation To Snoop Too Great
Quick Hits  |  4/14/2011  | 
Separate reports from Cyber-Ark, BeyondTrust show the pitfalls of privileged user access
Coreflood Botnet An Attractive Target For Takedown For Many Reasons
News  |  4/14/2011  | 
Old-school botnet provided an opportunity for a successful takeover in unprecedented operation by the DOJ, FBI
Schwartz On Security: Piracy Equals Market Failure
Commentary  |  4/14/2011  | 
Legal actions to prevent or punish movie, music, and software piracy may be harmful to innovation as well as ineffective.
FBI Busts Coreflood Botnet
News  |  4/14/2011  | 
Authorities get court authority to replace the botnet's command and control servers with their own and remotely disable the botnet on infected PCs.
IT Security Salaries Stay Flat Despite Wave Of Attacks
News  |  4/14/2011  | 
InformationWeek salary survey finds median base salary during the past 12 months mostly stayed the same or dipped slightly for security pros -- but they still make more than their IT counterparts
WordPress Servers Hacked At Root Level
News  |  4/14/2011  | 
Source code exposed, putting passwords for WordPress.com-hosted blogs at risk of being cracked.
WordPress Reports Multiserver Breach
Quick Hits  |  4/13/2011  | 
'We presume our source code was exposed and copied,' popular blog host says
Malware Writers Making Code Tougher To Decode, Harder To Find
News  |  4/13/2011  | 
Malicious code is more frequently scrambled, encrypted to foil would-be reverse engineers
Big Texas Breach A Hard Lesson In Database Discovery
News  |  4/13/2011  | 
Many organizations have policies that prohibit dissemination of unprotected databases and files, but no way to enforce them
Industry Watch: DOJ Takes Down Financial Information-Stealing 'Coreflood' Botnet
News  |  4/13/2011  | 
More than 2 million computers infected with keylogging software as part of massive fraud scheme
Senators Propose Data Privacy Law
News  |  4/13/2011  | 
Intel, Microsoft, and eBay support the legislation sponsored by Sens. Kerry and McCain that sets rules for the collection and storage of personal information and the right of consumers to correct mistakes and opt-out.
Microsoft Readies Streetside In Europe
News  |  4/13/2011  | 
Having learned from Google's mistakes with Street View, Microsoft is laying the groundwork for mobile and location-based services.
Windows IPv4 Networks Vulnerable To IPv6 Attack
News  |  4/13/2011  | 
A man-in-the-middle attack can use the IPv6 protocol to eavesdrop on IPv4 networks, though an attacker would have to physically place a router in the targeted environment for it to work.
Lockheed Enhances FBI Fingerprinting System
News  |  4/13/2011  | 
The agency's Next Generation Identification System is getting palm-print matching and more accurate fingerprint matching.
Texas Data Breach Exposed 3.5 Million Records
News  |  4/13/2011  | 
Names, addresses, and social security numbers of state retirees and unemployment beneficiaries were posted, unencrypted, on a public server.
Lenovo Adds Secure Cloud Access To PCs
News  |  4/12/2011  | 
ThinkPad laptops and ThinkCentre desktops get a Lenovo software client that improves security when connecting to cloud applications.
Start-Up Offers Shoulder-Hacking Shield Of Software
Quick Hits  |  4/12/2011  | 
New Windows desktop software employs facial recognition and detection to capture 'peeping Tom' hackers
Microsoft Pushes Giant Security Patch
News  |  4/12/2011  | 
The record number of security fixes is the result of a single security bulletin that addresses 30 Windows kernel flaws.