News & Commentary

Content posted in April 2012
<<   <   Page 3 / 3
Massive Mac Trojan Attack Still Under Way
News  |  4/10/2012  | 
New, free Flashback Trojan detection and removal tool available from Kaspersky Lab; snapshot of bot counts dropping
How Malware Gets Backed Up Along With Data
News  |  4/10/2012  | 
Malware is widely bypassing AV and other controls, getting backed up like any legitimate data, and re-infecting enterprise systems during restore.
Zeus Trojan Targets Online Payroll Services Providers
Quick Hits  |  4/10/2012  | 
New attack could be used for paying money mules from victimized corporate accounts
How To Become A Seasoned Security Specialist
News  |  4/10/2012  | 
Just ask Brian Duckering, once "a go-to guy for general IT" and now senior manager of Symantec's security endpoint management and mobility group
Utah Health Data Breach Affects Nearly 800,000
Quick Hits  |  4/10/2012  | 
Theft of Medicaid data in Utah may have been joint effort between hackers, insiders
Are Today's Risk Management Frameworks Antiquated?
News  |  4/10/2012  | 
Five ways ISACA is updating its compliance framework, COBIT, to keep up with business and risk demands
Europe's Data Security Laws Clear Some Clouds, Muddle Others
News  |  4/9/2012  | 
Regulations being mulled over by the European Union will clarify security requirements for many cloud providers -- but could hurt U.S. providers
Malware Getting Backed Up Along With Data
News  |  4/9/2012  | 
Sourcefire data shows how often restoring from malware-contaminated backups reinfects organizations
Data Security: Who's Winning The Cyberwar?
News  |  4/9/2012  | 
The growing sophistication of cyber-attacks and the proliferation of vulnerabilities resulting from the rise of mobile computing are forcing financial institutions to rethink data security and embrace new fraud-fighting techniques and technologies, including real-time monitoring.
How To Prevent Enterprise Data Leaks
News  |  4/9/2012  | 
Data can find its way out through accidents or malice. Here are some tips to keep your essential information secure.
9 Most Costly Financial Services Data Breaches
News  |  4/9/2012  | 
Global Payments breach, which affected MasterCard and Visa customers, is only the latest in a string of hacks and data thefts that have cost financial institutions millions of dollars.
Anonymous Continues Barrage Of Government Hacks
News  |  4/9/2012  | 
Hacktivist group Anonymous continues string of cyber attacks on governments worldwide, with attacks on China, Tunisia, Uganda, and the United Kingdom in the last few weeks.
How Much Money Do You Need To Lose Before You Start Monitoring?
Commentary  |  4/9/2012  | 
At what point does turning a blind eye to the loss of revenue spark the inevitable conversation: 'Maybe we should be monitoring this infrastructure more closely?'
Big Mac Botnet Mostly Made Up Of U.S. Machines
Quick Hits  |  4/6/2012  | 
Major 'wake-up call' for Mac users as Apple OS X Java flaw exploit spreads
Tech Insight: Getting Ready For Data Loss Prevention (DLP)
News  |  4/6/2012  | 
DLP is a business issue requiring the co-existence of people and process with technology
Inside IT Security's New Reality: Damage Containment
News  |  4/6/2012  | 
More security experts and vendors are espousing the view that bad guys will eventually sneak into your corporate network, even your big data. Can your IT team contain the damage once the hackers arrive?
Estimating The Economics Behind BYOD Security
News  |  4/5/2012  | 
Find the hidden costs of BYOD to make appropriate financial and risk decisions
Quick-Start Guide: Compiling Mac-Robber For iOS Vuln Research
Commentary  |  4/5/2012  | 
How to compile, copy, and run mac-robber on jailbroken iOS devices
Phishers Use Web Analytics To Gauge Success
Quick Hits  |  4/5/2012  | 
Attacker targeting South American bank gathered statistics on what worked and what didn't in major phishing campaign, RSA says
Damage Mitigation As The New Defense
News  |  4/5/2012  | 
Containing the attacker in today's persistent threat environment
2 Healthcare Data Breaches Show Importance Of Encryption
News  |  4/5/2012  | 
Patient data from Howard University Hospital and California Department of Child Support Services wasn't fully encrypted, and one security expert wants to know why.
Mac Botnet Now 600,000 Infected Machines Strong
News  |  4/5/2012  | 
Apple has issued a patch for its version of Java, but critics say it should have acted sooner to contain a trojan variant called Flashback, which has infected an estimated 1% of all Macs.
New York Moves To Protect Health Data Privacy
News  |  4/5/2012  | 
Should a simple trip to the podiatrist unlock your lifelong medical history? As electronic medical records are shared, complex privacy questions arise, prompting a new state committee to tackle patient privacy and HIE data access questions.
State Department CIO: What's Changed Since WikiLeaks
News  |  4/5/2012  | 
State Department IT chief talks strategy and cybersecurity upgrades, 18 months after the leak of 260,000 sensitive diplomatic cables.
How To Prevent Data Leaks From Happening To Your Organization
News  |  4/5/2012  | 
Data can find its way out through accidents or malice. Here are some tips for keeping your essential information from walking out the door.
SQL Injection Still Slams SMBs
News  |  4/4/2012  | 
SQL injection attacks may have declined compared to other methods, but they are still a big concern among businesses large and small
SANS Survey: BYOD Widespread But Lacking Sufficient Oversight
Quick Hits  |  4/4/2012  | 
BlackBerry is still the No. 1 supported mobile device in organizations
First Google Android Bootkit Found
News  |  4/4/2012  | 
Security researchers at NQ Mobile say they have found the first piece of Android bootkit malware
Database Security On The Cheap
Commentary  |  4/4/2012  | 
A look at some free tools to help tackle database security
Anonymous Vs. DNS System: Lessons For Enterprise IT
Commentary  |  4/4/2012  | 
A rumored attack on the world's DNS servers by Anonymous failed to materialize. But the many enterprises still ignoring persistent weaknesses could learn from the defensive strategy.
9 Recent Data Breaches That Have Cost Financial Services Firms Big-Time
News  |  4/4/2012  | 
The details of these breaches are downright scary, or ingenious, depending on your point of view
Tracking And Measuring Cloud Providers' Security Performance
Quick Hits  |  4/4/2012  | 
Is your cloud provider meeting its promises for security? Here are some tips for finding out
Monitoring, Policies Needed To Catch Rogue IPv6 Traffic
News  |  4/3/2012  | 
With a growing number of devices supporting the next-generation network protocol, companies need to research and implement IPv6 security
Girls Around Me App: Not Today's Creepiest Stalker
Commentary  |  4/3/2012  | 
Was the Girls Around Me app tasteless and juvenile? Of course. But we should be far more concerned about being stalked by law enforcement agencies and our cell phone companies.
Global Payments Breach: Big Authentication Lessons
News  |  4/3/2012  | 
Weaknesses in knowledge-based authentication and mag-stripe are highlighted in security experts' examination of the breach that affected credit card customers.
Most Popular Internet Sites Consistently Serving Up Malware
Quick Hits  |  4/3/2012  | 
Study of Alexa's top 25,000 sites finds 58 serving drive-by downloads of malicious code
Will We Learn Authentication Lessons From Global Payments Breach?
News  |  4/3/2012  | 
Weaknesses in knowledge-based authentication and mag stripe highlighted in security experts' speculation about the breach
Quick-Start Guide: Compiling Mac-Robber For Android Vuln Research
Commentary  |  4/2/2012  | 
How to compile, copy, and run mac-robber on rooted Android devices