Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in May 2010
<<   <   Page 4 / 4
The Idiot Threat
Commentary  |  5/6/2010  | 
It's been interesting to see how the failed bombing in New York's Times Square has been sifted for "lessons."
Federal CSOs Split On Their Views Of Agency Security Posture
News  |  5/6/2010  | 
In survey, only half of CSOs think they have the ability to impact the security posture of their agency; more than one-quarter say their posture has slipped
Breaches Rise In U.K. Firms Along With Wireless, VoIP, Social Networking
News  |  5/6/2010  | 
Pricewaterhouse Coopers survey finds large organizations hit with an average of 45 data breaches a year
Federal Security Chiefs Take On Enhanced Strategic Role
News  |  5/6/2010  | 
A new survey of chief information security officers in government shows the job is becoming more policy oriented, with funding and shared services among their priorities.
Internet Explorer 6: Hard To Kill
News  |  5/6/2010  | 
Panels at the Web 2.0 Expo agree that ongoing use of IE6 is holding back Web
2010 Strategic Security Survey
News  |  5/6/2010  | 
We've weathered years of stagnant budgets. Could proof of a sophisticated network of attackers formidable enough to drive Google out of China finally open management's eyes to what it takes to protect data?
2010 Strategic Security Survey
News  |  5/6/2010  | 
We've weathered years of stagnant budgets. Could proof of a sophisticated network of attackers formidable enough to drive Google out of China finally open management's eyes to what it takes to protect data?
7 Steps To Better Identity Management
News  |  5/6/2010  | 
Here's what you need to know about managing employee identities in this age of outsourcing and SaaS.
ID Management Where It Matters
News  |  5/6/2010  | 
Memorial Sloan-Kettering Cancer Center, the world's oldest and largest private cancer center, spent 18 months in the RFP process before it settled on Courion's Identity and Access Management offering as part of its governance, risk, and compliance strategy.
7 Steps To Better Identity Management
News  |  5/6/2010  | 
Here's what you need to know about managing employee identities in this age of outsourcing and SaaS.
Security Tradeoffs In Web App Development Platforms
Quick Hits  |  5/6/2010  | 
Web programming languages each have their own security strengths and weaknesses -- website security tied more to the app itself, according to a new report
Express Airport Security Set To Resume
News  |  5/6/2010  | 
Alclear purchases assets of popular -- but defunct -- airport express security provider, Clear, and prepares to restart the service this autumn.
Cloud's Role In Backup, Part III
Commentary  |  5/6/2010  | 
In this final entry on cloud based backup we will examine how enterprise backup systems can leverage the cloud. This involves the developer of the backup application to add cloud support directly to their application and providing an option to replicate or move backup jobs to an internet based storage repository. Essentially cloud storage becomes another target option to the application, similar to the
VaporStream Takes E-mail "Off The Record"
Commentary  |  5/6/2010  | 
Not every e-mail needs to be part of the permanent record -- which is the point VaporStream is making with 256-bit encrypted "vanishing" e-mail service. Could be just what the doctor ordered for dealing with e-mail overload -- although more than a few divorce lawyers and tabloid headline writers might disagree.
Alert: Disposable Facebook Apps Installing Adware
Commentary  |  5/6/2010  | 
Just like throwaway domains on the wider Internet, it seems like criminals now use throwaway applications on Facebook. They bring one app online to lure users and potentially infect them, and by the time one is taken down by Facebook, they create yet another.
'Twitterview' With Microsoft
Commentary  |  5/5/2010  | 
I sometimes get a little long-winded when I pose a question to a source during an interview. But I undoubtedly will be pithy tomorrow when I conduct Dark Reading's first-ever "twitterview," or interview via Twitter, where I'll be strictly limited to 140 characters or less for a question.
New Microsoft Forefront Software Runs Five Antivirus Vendors' Engines
News  |  5/5/2010  | 
Forefront Protection 2010 for SharePoint supports AV from Authentium, Kaspersky Lab, Norman, and VirusBuster as well as Microsoft
Product Watch: FireEye Unveils Signature-Less Anti-Malware Appliances
News  |  5/5/2010  | 
"Modern malware" detection and prevention behind the firewall
Open-Source DLP Package Launched
Quick Hits  |  5/5/2010  | 
OpenDLP offers free alternative to high-priced data leak prevention products
DLP Gets An Open-Source Boost
Commentary  |  5/5/2010  | 
Data loss, or leakage, prevention (a.k.a. DLP) is a product class that includes data discovery, classification, and monitoring to prevent your sensitive data from falling into the wrong hands. Some implementations are configured to alert instead of block, but the basics are the same. You have sensitive data, you don't always know where it is, so you use DLP tools to find it and keep it safe.
CenturyTel Profits Triple, Qwest's Plunge
News  |  5/5/2010  | 
The first quarter earnings reports were released as CenturyTel is in the process of acquiring Qwest.
Exclusive: Gmail Ditched By Major University
News  |  5/5/2010  | 
IT executives at the school say Google's commitment to privacy and security doesn't meet their standards.
Cloud's Role In Backup, Part II
Commentary  |  5/5/2010  | 
In our last entry we discussed how the backup process is a natural fit for the use of cloud storage and how the first model of cloud backup is being used. In this entry we will discuss the second of the other two cloud backup implementation methods, hybrid cloud storage and then tomorrow we will cover cloud enabled enterprise backup.
Security Flaws Found In Coast Guard IT System
News  |  5/5/2010  | 
IT configuration and security errors weakened the Department of Homeland Security financial system, audit report says
A Decade Ago, ILoveYou Worm Changed Security
Commentary  |  5/5/2010  | 
It's been a decade to the week since the infamous "Love Bug "or ILoveYou virus hammered in-boxes around the world. While mass-mailer viruses of this type don't make headlines anymore, the ILoveYou virus forever changed the face of IT security.
Most Social Network Users Post Private Data
News  |  5/5/2010  | 
More than half of social network users post private information online, exposing themselves to malware and identity theft, study finds.
Department of Treasury Web Site Hacked
News  |  5/5/2010  | 
Hackers redirected visitors to a malicious site until the agency took the infected site down.
Adobe's New Privacy Feature For Flash Clashes With Online Fraud Detection
News  |  5/4/2010  | 
Financial institutions, ecommerce sites will no longer be able to rely on Flash objects, cookies to help ID legitimate users, experts say
Product Watch: Sophos Sells Majority Interest To Private Equity Firm
News  |  5/4/2010  | 
Deal with Apax Partners values company at $830 million; founders retain minority shares
75% Of SMBs Never Store Data Offsite: KineticD
Commentary  |  5/4/2010  | 
The migration of storage to the cloud may be the first time many small and midsized business have adequately backed up data offsite, according to a new survey from cloud storage company KineticD.
Google's Browser Trumps Microsoft's
News  |  5/4/2010  | 
Chrome's increase in market share was nearly equal to security-prone Internet Explorer's drop in usage share, according to NetApplications
Cybersecurity Summit Targets Public, Private Cooperation
News  |  5/4/2010  | 
A gathering of tech industry leaders, policymakers, and national security officials aims to address the risks of cyberattacks on infrastructure.
Report: U.S. Internet Registrars Continue To Host Phony Online Pharmacy
Quick Hits  |  5/4/2010  | 
How a major fake online pharmacy out of Russia is able to continue selling drugs despite evidence of criminal operations
XSS Vulnerabilities Happen To Everybody
Quick Hits  |  5/3/2010  | 
Cross-site scripting flaw found in UK's Cybersecurity Challenge site
New IM Worm Spreading Fast
News  |  5/3/2010  | 
Aggressive new variant of an older worm circulating around Yahoo Messenger lets attacker take over a victim's machine
Product Watch: Imation Rolls Out Secure Data Storage Portfolio
News  |  5/3/2010  | 
New data-at-rest line features encryption, authentication, and FIPS compliance
NIST Tackles Cybersecurity Education
News  |  5/3/2010  | 
The National Institute of Standards and Technology will spearhead the national cybersecurity workforce development and awareness campaign.
China Missing From Top Spammers List
News  |  5/3/2010  | 
The majority of spam produced globally comes from the United States, followed by India and Brazil. China isn't in the top 15, says a Sophos report.
Cloud Storage's Role In Backup, Part I
Commentary  |  5/3/2010  | 
One of the areas where most consumers, small businesses and even enterprises will first experience cloud storage is as part of the backup process. There are basically three options for cloud based backup and choosing the right one depends on the size and needs of your organization. Over the next two entries we will detail each of the methods.
Simple USB Flash-Drive Protection
Commentary  |  5/3/2010  | 
Sneakernet-borne viruses seemed like a thing of the past until we started having Conficker outbreaks. There has been other malware that targeted USB storage devices before Conficker, but for some reason none had been as effective at spreading...something that's likely attributable to the multipronged attack capability.
Fake Anti-Virus Boom May Prompt Bigger Fake Anti-Virus Boom: Google
Commentary  |  5/3/2010  | 
With 15% of all malware now identified as fake anti-virus scan scams and growing, it's more clear than ever that the crooks have found market niche that's not only filled with targets, but also may be self-reinforcing.
Mobile Spy Tracks Android Email, Texts, Photos
News  |  5/3/2010  | 
Hidden software enables employers -- or parents -- to view all messaging activity, and its contents, sent or received from any Android smartphone.
<<   <   Page 4 / 4


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27706
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;IPMacBindIndex &quot;request. This occurs because the &quot;formIPMacBindDel&quot; function directly passes the parameter &quot;IPMacBind...
CVE-2021-27707
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/&quot;portMappingIndex &quot;request. This occurs because the &quot;formDelPortMapping&quot; function directly passes the parameter &quot;portMappingIn...
CVE-2021-28098
PUBLISHED: 2021-04-14
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for...
CVE-2021-30493
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wor...
CVE-2021-30494
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...