Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in April 2013
Open Source Software Libraries Get Renewed Scrutiny
News  |  4/30/2013  | 
The Open Web Application Security Project adds common software components to its list of threats to spur developers to look more deeply at software libraries
Password Reuse Rampant, But Users Value Security, Survey Says
Quick Hits  |  4/30/2013  | 
More people adopt some online—and mobile—security, but still fail in proper follow-through, according to a new study by Varonis
Chinese Cyberespionage: Brazen, Prolific, And Persistent
News  |  4/30/2013  | 
New research from multiple sources illustrates dominant role of China in cyberespionage
Darkleech Apache Attacks Intensify
News  |  4/30/2013  | 
Security researchers discover hard-to-detect, memory-resident Linux malware compromising Apache servers and redirecting browsers to other infected sites.
10 Top Password Managers
Slideshows  |  4/30/2013  | 
Tired of being stuck in password hell? Consider these password managers that balance security with convenience.
Can You Hack This Smartphone App For £10,000?
News  |  4/30/2013  | 
Redact says its peer-to-peer iPhone messaging app is invulnerable to third-party eavesdropping, and invites you to prove it wrong.
D-Link Camera Security Flaw: Upgrade Now
News  |  4/30/2013  | 
16 vulnerable D-Link IP camera models have password issue that provides a back door, so attackers could intercept live video feed. Get the firmware update.
Building A Detente Between Developers And Security
News  |  4/30/2013  | 
Don't give a long list of software defects to the developers if you value a good working relationship
Recent Breaches More Likely To Result In Fraud
News  |  4/29/2013  | 
A victim whose data is stolen in the past year will have a 1-in-4 chance of becoming a fraud victim as well, says Javelin's latest breach analysis
Big Data Makes A Big Target
Commentary  |  4/29/2013  | 
LivingSocial.com is another in a long line of "big scores" for data attackers
Mobile AV Apps Fail To Detect Disguised Malware
News  |  4/29/2013  | 
Researchers test popular mobile antivirus apps on ability to detect repackaged, transformed versions of known Android malware
LivingSocial Says Cyberattack Puts Data Of 50 Million Customers At Risk
Quick Hits  |  4/29/2013  | 
Shopping and deals site LivingSocial says all customers should change passwords; source of hack undisclosed
Syrian Electronic Army Strikes Again, Hacks Guardian Twitter Accounts
News  |  4/29/2013  | 
Eleven Twitter accounts associated with the newspaper were hijacked
Spamhaus DDoS Suspect Arrested
News  |  4/29/2013  | 
Cyberbunker leader traveled Spain in a van, accessed Wi-Fi hotspots to launch DDoS attacks against anti-spam opponents, Dutch authorities allege.
Syrian Hacktivists Hit Guardian Twitter Feeds
News  |  4/29/2013  | 
Pro-Assad hacktivist group takes over 11 Twitter feeds belonging to British news group, decries "lies and slander about Syria."
Managing Mobile Security In Small And Midsize Businesses
Quick Hits  |  4/29/2013  | 
Wireless devices are a boon to SMB productivity -- and a nightmare for security. Here are some tips for securing them
Tech Insight: Time To Set Up That Honeypot
News  |  4/26/2013  | 
A combination of traditional network security monitoring and recent advancements in honeypot and active defense tools is key to detecting today's threats
U.K. 'Big Brother' Bill Blocked -- For Now
News  |  4/26/2013  | 
Deputy Prime Minister Clegg kills so-called "snooper's charter" bill, which would allow broad government monitoring of private communications. But is the bill really dead?
Email Without A Warrant? Senators Not Sold
News  |  4/26/2013  | 
Update to 1986 Electronic Communications Privacy Act would require police to demonstrate probable cause before accessing someone's email or stored cloud data.
Anonymous Australia Disavows Self-Proclaimed LulzSec Leader
News  |  4/26/2013  | 
Australian police trumpet hacktivist mastermind takedown, but Anonymous dismisses him as a wannabe.
DARPA: New Threats Demand New Technologies
News  |  4/26/2013  | 
Agency shifts focus to layered capabilities and cyber as a tactical weapon, as budget constraints and new threats affect plans.
Cloud Security Starts With Development, Better Tools
News  |  4/26/2013  | 
Companies must train their developers in secure coding and rely on others' expertise for complex components of cloud services and Web applications
Possible Exploit Avenue Discovered For DarkLeech Web Server Attacks
News  |  4/25/2013  | 
A researcher at Cisco has uncovered a possible link between a malicious script and an attack that has compromised thousands of Web servers around the globe
Phishers Hack Hosting Providers To Launch Mass Attacks
Quick Hits  |  4/25/2013  | 
Nearly half of all phishing attacks in the second half of last year came via hacked hosting providers, according to new data from the Anti-Phishing Working Group (APWG)
How Lockheed Martin Phishes Its Own
News  |  4/25/2013  | 
Defense contractor built an internal spearphishing simulation program amid concerns of increasing targeted attacks
Websense Reports First Quarter 2013 Results
News  |  4/25/2013  | 
Reports revenues of $87.5 million, compared with $89.5 million in the first quarter of 2012
California Proposes 'Do Not Track' Honesty Checker
News  |  4/25/2013  | 
After DNT standards development stalls, legislators and advertisers seek new path forward on browser privacy.
AP Twitter Hack: Lessons Learned
News  |  4/25/2013  | 
The bad news: beefing up password info won't save businesses from Twitter account takeover attacks.
How Cybercriminals Attack The Cloud
Quick Hits  |  4/25/2013  | 
What attacks are most likely against cloud computing environments? Here's a look -- and some advice
How To Stop Making Excuses For Poor Application Security Testing
News  |  4/25/2013  | 
Policies, prioritization, and planning can keep obstacles from standing in the way of solid preproduction security testing practices
Security Vendors In The Aftermath Of Targeted Attacks
News  |  4/24/2013  | 
RSA, Microsoft, and Bit9 executives share insights on how the high-profile targeted breaches they suffered have shaped things
VSS Monitoring Offers New Network Packet Broker Platforms
News  |  4/24/2013  | 
vBroker NPB system provides advanced traffic filtering, packet optimization, and offloading of unnecessary processing
Hacking Higher Education
News  |  4/24/2013  | 
The cybersecurity challenge on college campuses lies as much with the students as with malicious outsiders.
When Education Gets Too Virtual
News  |  4/24/2013  | 
Students can use technology to undermine the integrity of education.
(ISC)2 And The Cloud Security Alliance Collaborate To Create New Professional Certification For Cloud Security
News  |  4/24/2013  | 
New credential will build on existing certifications offered by both organizations
Java Flaw Targeted By Crimeware Toolkit: Patch Now
News  |  4/24/2013  | 
Don't wait on this update, Java 7 users. Exploit uses bug, patched by Oracle last week, to execute arbitrary code.
Twitter Preps Two Factor Authentication After AP Hoax
News  |  4/24/2013  | 
Security move follows a rash of high-profile account takeovers, including a hoax tweet from the Associated Press' account about White House explosions.
Many Hacked Businesses Remain Unprepared For The Next Breach
Quick Hits  |  4/24/2013  | 
New Ponemon report finds three-fourths of hacked organizations either have had or expect to have a breach that loses them customers and business partners
Prioritizing Your Database Security Patches
News  |  4/23/2013  | 
Patching databases can be painful, but the presence of critical vulnerabilities can make closing security holes quickly necessary
The Many Faces Of The Verizon Data Breach Investigation Report
Commentary  |  4/23/2013  | 
Verizon's annual data breach report offers volumes of data -- and even more interpretations
Java's Security Renaissance Begins
News  |  4/23/2013  | 
Oracle's decision to delay Java 8 to ensure security is done right is a significant step -- but challenges remain for the troubled platform
Cyber Strikes Like Nuclear Bombs, Says Chinese General
News  |  4/23/2013  | 
Chinese official calls for better Internet security, denies reports that China-affiliated attackers are targeting Western competitors.
Twitter Battles Syrian Hackers
News  |  4/23/2013  | 
Hacking group Syrian Electronic Army seizes CBS Twitter accounts and publishes links to websites that infect visitors with malware.
Should Insiders Really Be Your Biggest Concern?
News  |  4/23/2013  | 
Verizon's Data Breach Investigations Report shows that by volume of breach occurrences, external attackers cause problems the majority of the time
Did The Dog Bark In the Night?
Commentary  |  4/23/2013  | 
What we still don't know, despite the data
Lawsuits Bring Clarity To SMBs In Corporate Account Takeovers
News  |  4/22/2013  | 
Small businesses have had millions of dollars stolen from their accounts by online thieves; court cases have started creating a clear picture of responsibilities
Report: DDoS Attacks Getting Bigger, Faster Than Ever
Quick Hits  |  4/22/2013  | 
DDoS attacks of more than 10 Gbps now happen several times a day across the globe, study says
No 'One Size Fits All' In Data Breaches, New Verizon Report Finds
News  |  4/22/2013  | 
Verizon Data Breach Investigations Report 2013 says financial cybercrime accounts for three-fourths of real-world breaches, followed by cyberespionage in one-fifth of breaches
Chinese Hackers Seek Drone Secrets
News  |  4/22/2013  | 
"Comment Crew" gang that fanned fears of Chinese hacking launches malware that combs for drone technology information.
Scan My Eyeball, Already
Commentary  |  4/22/2013  | 
Could consumers be the catalyst for the password's ultimate demise?