Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in May 2011
Two Zero-Day Flaws Used To Bypass Google Chrome Security
News  |  5/10/2011  | 
French researchers say they hacked their way out of browser's sandbox, bypassed DEP and ASLR
If An ESIM Falls In The Woods, Does Anyone Care?
Commentary  |  5/10/2011  | 
To the operationally minded, the loss of security monitoring capabilities will almost always play second fiddle to availability for Internet and internetworked resources
DDoS Attacks Evolve And Spread
News  |  5/10/2011  | 
Nearly two-thirds of organizations have been DDoS'ed in the past year--even smaller organizations, new VeriSign report finds.
Developers Skip Third Party Code Checks
News  |  5/10/2011  | 
Businesses routinely assess their own software for security and quality, but many fail to test code from external vendors that goes into their products, reports Forrester.
A National Monitoring Infrastructure
Commentary  |  5/10/2011  | 
It's theoretically possible, but who could orchestrate such a huge collaborative endeavor, and would it be possible to bring both private and public data under government oversight?
Network That Supports Anonymous Hacker Group Is Compromised
Quick Hits  |  5/9/2011  | 
Operators advise users to "stay away" from AnonOps.net
Self-Encrypting Hard Drives Face Perception Challenge
News  |  5/9/2011  | 
IT professionals see benefits, but questions linger over the cost, manageability, and speed of self-encrypting hard drives, says a Ponemon Institute survey.
OpenID Warns Of Serious Bug
News  |  5/9/2011  | 
Facebook, Google, and Yahoo are among the millions of websites that use the single sign-on technology.
DDoS Attacks Evolve And Spread
News  |  5/9/2011  | 
Nearly two-thirds of organizations have been DDoS'ed in the past year--even smaller organizations, new VeriSign report finds
Can Companies Share Security Data? New Report Says Yes
News  |  5/7/2011  | 
Emerging standards, industry initiatives could enable enterprises to collaborate on security
Tech Insight: Spear Phishing A Tough Catch
News  |  5/6/2011  | 
But there are technical and training strategies that can help lessen the chances that users will fall for these socially engineered email-based attacks
Cybercrime Losses Among SMBs Reach New Highs In Study
Quick Hits  |  5/6/2011  | 
Javelin Research uncovers SMB victim costs that go beyond previously reported data
We Will Get Fooled Again
Commentary  |  5/6/2011  | 
It's time to start a quiet revolution against security marketing buffoonery
Password Manager Service LastPass Investigating Possible Database Breach
News  |  5/5/2011  | 
Users must change master passwords -- but not all right now.
Cracking Bin Laden's Hard Drives
News  |  5/5/2011  | 
Security experts detail how the government will attempt to unlock the "trove of information" on devices recovered during the raid on Osama bin Laden's residence.
How To Know What To Safely Send To The Cloud
News  |  5/5/2011  | 
Online services have come under increasing attack -- how can enterprises ensure that their cloud service is secure and available?
Disabling Features Make Some Microsoft Bugs Unexploitable
Quick Hits  |  5/5/2011  | 
eEye study finds that disabling two well-known features in Microsoft products would prevent attackers from exploiting 12 percent of vulnerabilities
Sony Brings In Forensic Experts On Data Breaches
News  |  5/5/2011  | 
Data Forte, Guidance Software, and Protiviti will investigate who hacked into Sony's servers and how they cracked the company's defenses.
Cloud Storage Spurned By Fortune 1000
News  |  5/5/2011  | 
Concerns about costs, speed of data retrieval led 87% of enterprises surveyed by TheInfoPro to dismiss the technology for archive and backup.
FTC Settles Complaint Against Companies That Failed To Protect Personal Data
Quick Hits  |  5/5/2011  | 
Sensitive information on 65,000 individuals was compromised, commission says
FTC Settles With Companies Over Exposed Records
News  |  5/4/2011  | 
Ceridian and Lookout Services settle with Federal Trade Commission over "unfair and deceptive" security practices that exposed sensitive information on 65,000 people.
Sony Reels From Massive Customer Data Breach
News  |  5/4/2011  | 
PlayStation account-holder data likely still at risk.
Sony Still Digging Its Way Out of Breach Investigation, Fallout
News  |  5/4/2011  | 
Sony knew of the vulnerabilities that led to the breach, a noted security expert tells Congress
Best Buy Suffers Second Email Breach
News  |  5/4/2011  | 
Epsilon hack victim's customer emails exposed yet again -- via a different vendor
Bin Laden Death Triggers Cyber Scams
News  |  5/4/2011  | 
Homeland Security warns about rogueware and phishing attacks masquerading as news about the Al Qaeda leader.
How To Respond To The Sony Attacks
Commentary  |  5/4/2011  | 
How to protect yourself from similar database attacks
Apache Web Server Under Stealth Attack
News  |  5/4/2011  | 
Malicious code uses Apache's own filter capabilities to transform the server module into a malware platform.
Network And Systems Administrators Getting Less Sleep Than Ever
Quick Hits  |  5/4/2011  | 
Forty percent say security breaches keep them up at night
Five Stories Over Five Years That Shaped Security
News  |  5/3/2011  | 
Dark Reading commemorates its fifth anniversary with retrospectives on organized crime, USB sticks, the "soupnazi," and APTs
Recent Database Breaches Teach Security Lessons -- The Hard Way
News  |  5/3/2011  | 
Gawker, Epsilon, TSS of San Juan offer window into database hacks -- and how to defend against them
Log Management Spurs Data Collection Debate
News  |  5/3/2011  | 
First you have to know what to collect before you can analyze all of the data you gather
Dark Reading's First Five Years: A Look Back -- And Ahead
Commentary  |  5/3/2011  | 
Taking a moment to celebrate DR's fifth anniversary of publication
Apple Macs Targeted By Crimeware Toolkit
News  |  5/3/2011  | 
The OSX operating system now faces botnet software as well as a fake antivirus campaign launched via Google image searches on Osama Bin Laden.
Symantec Refreshes Backup Exec For SMBs
News  |  5/3/2011  | 
Appliance and cloud versions of the backup and recovery platform, which had previously been delivered solely as client-side software, will be introduced later this year.
U.S. Intelligence Connects The Dots On Bin Laden
Commentary  |  5/3/2011  | 
Intelligence agencies are leveraging new surveillance technologies and IT architectures to facilitate information sharing in their anti-terrorism and other national security efforts.
Police Car DVR P0wnage
Commentary  |  5/3/2011  | 
Another security failure in an embedded technology leads to unanticipated risks for police forces and a vendor denial
Sony Reports 24.5 Million More Accounts Hacked
News  |  5/3/2011  | 
After a second breach, the company suspends all Sony Online Entertainment multiplayer games as the number of compromised user accounts exceeds 100 million.
FBI Defends Cyber Investigation Capabilities
News  |  5/3/2011  | 
Exclusive: An FBI official argues that an audit finding insufficient national cybersecurity investigation skills doesn't reflect current expertise and results.
Recent Breaches Spur New Thinking On Cloud Security
News  |  5/2/2011  | 
Cloud providers might be attractive targets for attackers, but liability can't be outsourced, experts say.
ERP Apps Often Left Exposed
News  |  5/2/2011  | 
Vulnerabilities in Oracle JD Edwards ERP applications all exploitable by unauthenticated attacker.
Cloud Vendors Punt Security To Users
News  |  5/2/2011  | 
Nearly 80% of cloud computing providers say customers don't evaluate data security before selecting a vendor, according to a recent Ponemon survey.
Researchers Catch Targeted Attack On Popular Soccer Website
Quick Hits  |  5/2/2011  | 
Goal.com hit with previously unknown malware kit, according to Armorize