Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Privacy
Compliance
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management

News & Commentary

Content posted in May 2011
Page 1 / 3   >   >>
Sharing Relational Data In The Cloud
Commentary  |  5/31/2011  | 
Databases are designed to share data, so it's easy to leverage built-in security for cloud services
'APT' Among Top Three Security Worries In 2011
Quick Hits  |  5/31/2011  | 
nCircle survey finds wider understanding of risks, less financial support for security projects
A Tale Of Two Hacks
Commentary  |  5/31/2011  | 
The similarities and differences in the Lockheed and RSA attacks
Targeted Attacks On U.S. Defense Contractors: Fallout From RSA Breach?
News  |  5/31/2011  | 
No one's saying for sure, but the timing of the attack and Lockheed's reported SecurID token updates have sparked plenty of speculation
DOD Says Cyber Attacks May Mean War
News  |  5/31/2011  | 
The Pentagon's forthcoming cyber strategy will formalize the possibility of a physical response to a virtual attack, according to published reports.
PBS Website Hacked With Fake News
News  |  5/31/2011  | 
Attackers exploit zero-day vulnerability in MoveableType in retaliation for a Frontline episode's portrayal of WikiLeaks leaker Bradley Manning.
Tablets Cut Into Hard Disk Drive Revenue
News  |  5/31/2011  | 
Growth is slowing for HDDs due to the increasing use of low-cost, portable devices and cloud storage, reports IHS iSuppli.
Dark Reading Revamps SMB Security Tech Center
Commentary  |  5/31/2011  | 
As cybercriminals take aim at small businesses, Dark Reading offers new coverage
Lockheed Martin Suffers Massive Cyberattack
News  |  5/30/2011  | 
"Significant and tenacious" attack targeted multiple U.S. defense contractors and may have involved hack of RSA SecurID system.
Five Infamous Database Breaches So Far In 2011
News  |  5/27/2011  | 
An alarming trend of security companies getting hacked serves as a wake-up call that no one is immune
Product Watch: New Service Aims To Improved Botnet Detection Among Service Providers
News  |  5/27/2011  | 
Damballa CSP 1.6 automates subscriber notification and remediation of botnet infections
35 Million Google Profiles Captured In Database
News  |  5/27/2011  | 
A security researcher was able to collect information from Google Profiles and save millions of files in a SQL database in about a month.
Survey: Breaches Cost Some Healthcare Organizations $100K Per Day
Quick Hits  |  5/27/2011  | 
Even with due diligence on HIPAA, HITECH requirements, healthcare organizations are still suffering patient-data breaches
More Sony Problems Reported; Company Launches ID Theft Service
News  |  5/26/2011  | 
Debix gets the call to help thousands of PlayStation Network users affected by breach.
DNS Filtering Legislation Would Derail DNSSEC, Experts Contend
News  |  5/26/2011  | 
Senate bill that aims to protect copyright infringement online could backfire security-wise, according to a who's who of Internet infrastructure and security experts
DHS Advances Einstein Cybersecurity Deployment
News  |  5/26/2011  | 
The Department of Homeland Security plans to hire IT experts who can support Einstein and other security technologies.
The Top Three Malware-Based Threats To Small And Midsize Businesses
News  |  5/26/2011  | 
SMBs wrestle to handle Zeus Attacks, website infections, and business-logic vulnerabilities
Five Big Security Problems SMBs Face -- And What To Do About Them
Quick Hits  |  5/26/2011  | 
Digital issue of InformationWeek offers insights on security in small and midsize companies
Cookiejacking Attack Steals Website Access Credentials
News  |  5/26/2011  | 
All Internet Explorer users on all versions of Windows are at risk from zero-day attack that can steal any website cookie, allowing an attacker to impersonate their victim.
Google Fixes Authentication Flaw
News  |  5/26/2011  | 
Vulnerability leaves Android smartphones open to sidejacking
More Sony Problems Reported; Company Launches ID Theft Service
News  |  5/26/2011  | 
Debix gets the call to help thousands of PlayStation Network users affected by breach
Freebie Black Hole Exploit Kit Limited By Encoding
News  |  5/25/2011  | 
Obfuscated and encoded code prevents easy customization and creation of new versions
GlobalSign Markets Encryption Service To Healthcare
News  |  5/25/2011  | 
Healthcare organizations spend too much time on compliance, not enough on data security, according to a GlobalSign survey.
The Inconvenient Truth About Breaches
Quick Hits  |  5/25/2011  | 
Assume you've been attacked and line up the tools and information to predict, detect, and respond to it, new Dark Reading Analytics Alert says
Apple Promises MacDefender Fix
News  |  5/25/2011  | 
The impact of rogue security software attacks like MacDefender has prompted Apple to issue advice about the malware and to commit to issuing a software fix.
3 Banks Service Majority Of Spam-Driven Sales
News  |  5/25/2011  | 
95% of spam-advertised products are monetized using merchant services from just a handful of banks, suggesting payment handling is the weak link in the global spam value chain.
Attackers Step Away From Mainstream, Target Lesser-Known Apps
News  |  5/25/2011  | 
Attackers Step Away From Mainstream, Target Lesser-Known Apps.
Ping Rolls Out Cloud Identity Connectors For LinkedIn, Twitter And Microsoft Live
News  |  5/25/2011  | 
Ping Identity can now connect cloud businesses with six of the largest cloud service and social network sites
Scareware Is Evolving
Commentary  |  5/24/2011  | 
That's right -- scareware is still proving an effective way for threat actors to make quick cash on the Internet
Half Of Lost Or Stolen Mobile Devices Store Sensitive Company Data
Quick Hits  |  5/24/2011  | 
Carnegie Mellon, McAfee report finds that one-third of lost mobile device cases resulted in financial loss to the organization
Attackers Step Away From Mainstream, Target Lesser-Known Apps
News  |  5/24/2011  | 
After beating up Microsoft, Oracle, and Adobe, hackers draw a bead on smaller software vendors
Siemens To Issue Patches For SCADA Products 'In Next Few Weeks'
News  |  5/24/2011  | 
Says attacks would only affect plants without IT security systems
Researcher Challenges Siemens' Public Reaction To New SCADA Flaws
News  |  5/24/2011  | 
Initial solution suggested by Siemens to remedy the critical vulnerabilities failed.
Audio Captchas Easy To Defeat
News  |  5/24/2011  | 
Security researchers have designed automated software that regularly defeats most audio challenge-and-response systems on websites.
LinkedIn Faces Cookie Vulnerabilities
News  |  5/24/2011  | 
The social networking site is set to reduce the length of time before cookies expire and add HTTPS across its site.
Oracle 11G Available On AWS
Commentary  |  5/24/2011  | 
When testing Oracle on Amazon AWS, consider how you will secure your data
Qakbot Malware Infections Spike
News  |  5/23/2011  | 
Worm that targets financial information infected 1,500 Massachusetts state PCs, potentially exposing 250,000 residents' personal details.
From Device to Device, From Site To Site
Commentary  |  5/23/2011  | 
Obama administration's digital identities initiative relies on private industry to come together and make it work
Researcher Challenges Siemens' Public Reaction To New SCADA Flaws
News  |  5/23/2011  | 
Initial solution suggested by Siemens to remedy the critical vulnerabilities failed
Security Pros Keys To The Kingdom Leave Encrypted Data At Risk
Quick Hits  |  5/23/2011  | 
Survey finds that, if abused, IT pros' access to encryption keys could do some serious damage to their organizations
Sony Data Breach Cleanup To Cost $171 Million
News  |  5/23/2011  | 
If identify theft or credit card fraud takes place, the company said its actual costs could rise substantially.
British Trade Union Overwhelmed By DDoS Attack
Quick Hits  |  5/21/2011  | 
Poised for a strike vote, Public and Commercial Services Union site is virtually shut down
Sony A Poster Child For Self-Destructive Security
Commentary  |  5/20/2011  | 
Sony has repeatedly made poor decisions in security and control -- costing the company billions of dollars and giving critical markets it once controlled to Apple, Microsoft, and Nintendo
Hacker Exposes NASA Security Hole
News  |  5/20/2011  | 
A Goddard Space Flight Center FTP server was breached by a Romanian whitehat hacker known as TinKode, who cracked a European Space Agency network a month ago.
Tech Insight: Finding And Securing Your Enterprise's Most Sensitive Data
News  |  5/20/2011  | 
The headlines are full of companies facing serious breaches. Here are some basic steps to protect your enterprise's critical data -- and stay out of the news
Most Common Cause Of Net Downtime Is Human Error, Study Says
Quick Hits  |  5/20/2011  | 
Two-thirds of IT pros say misconfiguration of network devices is source of most security issues
Researchers Decide Not To Give SCADA Vulnerability Talk
News  |  5/19/2011  | 
Last-minute change in plans spurred by Siemens, government officials
Move To Cloud Means Closer Look At Encryption, Experts Say
News  |  5/19/2011  | 
Recent compromises in cloud environments spur new cryptography strategies
SanDisk To Acquire Enterprise SSD Maker
News  |  5/19/2011  | 
The $327 million offer for Pliant signifies an expansion from SanDisk's traditional retail flash memory base into solid state drives for industry.
Survey: Database Administrators, IT Security Still Not On The Same Page
News  |  5/18/2011  | 
DBAs lack understanding of change control, patch management, ISUG study says
Page 1 / 3   >   >>


97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Ben saw that management takes locked-down situations very seriously.  
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11873
PUBLISHED: 2019-05-23
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, to...
CVE-2019-12295
PUBLISHED: 2019-05-23
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.
CVE-2019-12293
PUBLISHED: 2019-05-23
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
CVE-2018-7201
PUBLISHED: 2019-05-22
CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel.
CVE-2018-7803
PUBLISHED: 2019-05-22
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an attack...