Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in May 2012
Page 1 / 3   >   >>
Companies See Business In 'Doxing' The Adversary
News  |  5/31/2012  | 
It's not a malware problem -- it's an adversary problem: More security firms are focusing on the people behind the keyboards in order to stymie attacks
Is Lax SMB Security A Myth?
News  |  5/31/2012  | 
Small and mid-size businesses defy perception by spending more than ever on security, according to a new IDC report. Now growing twice as fast as overall IT budgets, SMB security spending will total $5.6 billion in 2015.
State-Sponsored Backdoor Or Programming Faux Pas?
Commentary  |  5/31/2012  | 
Backdoor in Android-based handsets sponsor, bad programming, or a #win for Apple's stringent application QA process?
Former Federal Reserve Bank Contractor Pleads Guilty In Code Theft
Quick Hits  |  5/31/2012  | 
Deal in case of theft of accounting software worth $9.5 million could cut programmer's prison sentence from 10 years to less than two
How Flame Hid In Plain Sight For Years
News  |  5/31/2012  | 
Easy-to-crack encryption likely helped keep Flame alive, as well as its resemblance to conventional software
Flame Malware's Ties To Stuxnet, Duqu: Details Emerge
News  |  5/31/2012  | 
All three pieces of malware seemingly commissioned by the same entity and developed on the same platform, but by different groups of developers, security researchers say.
New Advanced Persistent Threat, IXESHE, On The Rise
Quick Hits  |  5/31/2012  | 
Malware makes use of targeted email with malicious attachments
U of Nebraska Breach Highlights Education In Crosshairs
News  |  5/30/2012  | 
Database containing 654,000 exposed through 'targeted' attack
Iranian CERT Takes Center Stage With Flame
News  |  5/30/2012  | 
Yes, Iran has a Computer Emergency Response Team (CERT), too -- and it has made its debut in the global security arena with Flame research, removal tool
Obama Administration Partners With Industry To Fight Botnets
News  |  5/30/2012  | 
At a White House event Wednesday, officials unveiled a series of initiatives meant to fight botnet infections
Kim Dotcom Gets Access To FBI's Megaupload Documents
News  |  5/30/2012  | 
Dotcom's defense campaign won a boost when a New Zealand judge refused to rubber-stamp U.S. prosecutors' request for extradition.
Flame FAQ: 11 Facts About Complex Malware
News  |  5/30/2012  | 
Size of Flame dwarfs existing spyware, keyloggers, and other malware. Drill down for a closer look at the crucial technology and military issues.
Flame's Big Question: What Else Is Lurking?
News  |  5/30/2012  | 
Stealth and scope of Flame intrigues researchers looking for other nation-state sponsored spyware and attacks.
Database Monitoring, SIEM Top IT's List
Quick Hits  |  5/29/2012  | 
IT organizations want better visibility into their network in order to react more quickly to advanced threats, McAfee report finds
Top 5 Myths About Insider Threats
News  |  5/29/2012  | 
Myths about who insiders are and how they're putting data at risk keep mitigation efforts at bay
Are Your Secrets Safe In The Cloud?
News  |  5/29/2012  | 
With so much data being hosted in the cloud, companies need to look at side-channel attacks to make sure they know who has access to their data and how to keep it secret
'Flame' Fans Notion Of More Weapons Yet To Be Found
News  |  5/29/2012  | 
Targeted attack looks a lot like conventional spyware, but with some major twists -- and questions about links to Stuxnet, Duqu
Data Breach Costs Massachusetts Hospital $750K
News  |  5/29/2012  | 
South Shore Hospital pays a hefty $750,000 to settle a lawsuit alleging that it failed to protect personal and confidential patient information.
SSD Tiering: Why Caching Won't Die
Commentary  |  5/29/2012  | 
Solid state storage is fast, but speed alone doesn't solve data management challenges.
FBI Busts Mayor For Hacking Recall Website
News  |  5/29/2012  | 
New Jersey mayor and son arrested and accused of targeting website and email account associated with a campaign to recall the mayor.
Newly Discovered 'Flame' Cyberespionage Tool Infects Iran, Middle East
News  |  5/29/2012  | 
Malware, described as the most complex ever discovered, has the markings of Western intelligence agencies and has been around since at least 2010
Flame Espionage Malware Seeks Middle East Data
News  |  5/29/2012  | 
Flame malware, described as the most complex ever discovered, has the markings of Western intelligence agencies. Security researchers believe it's been gathering information from Iran, Lebanon, Syria, and other countries since at least 2010.
Social Engineers Steal 500,000 Customers' Data From WHMCS
Quick Hits  |  5/29/2012  | 
Client management billing platform provider says its hosting provider was breached
Cutting The Lag Between Detection And Action
News  |  5/25/2012  | 
Detecting a threat does little good if the targeted company is not ready to respond. Security experts weigh in on ways to speed a business' response to threats
Reopen Google Wi-Fi Investigation, Say Lawmakers
News  |  5/25/2012  | 
Two Congressmen call on the Department of Justice to investigate whether Google's wardriving practices violate wiretapping laws.
Fatalism, Realism -- Or The New Normal
Commentary  |  5/25/2012  | 
The 'new' reality that you can't stop a determined attacker and you've likely already been hacked has become an accepted mantra
IBM Bans Dropbox: Should SMBs Follow Suit?
News  |  5/24/2012  | 
IBM's about-face on bring-your-own policy might be too draconian for small companies, but it serves as a reminder that some popular cloud services come with inherent risks.
Stolen Laptop Exposes Boston Hospital Patient Data
News  |  5/24/2012  | 
An email attachment containing patient data was unencrypted and accessible
Malware Mania: Badware And Botnets Explode
Quick Hits  |  5/24/2012  | 
McAfee's new threat report for Q1 shows bots and PC and mobile malware on the rise
Security Expert Fools, Records Fake Antivirus Scammers
News  |  5/24/2012  | 
Phony AV scammers posing as Microsoft dialed the wrong number when they inadvertently phoned a security researcher at home -- who exposed their obvious lack of technical know-how
Android Malware Surges, Botnet Business Booms
News  |  5/24/2012  | 
McAfee reports thousands of new malware apps targeting Android appeared early this year, along with a steady stream of botnet updates.
London 2012 Olympics Scammers Seek Malicious Gold
News  |  5/24/2012  | 
Expect escalating levels of malware, fake mobile apps, and online scams in the lead-up to this summer's Olympics, warns the Department of Homeland Security.
Don't Be The Nerdiest Person In The Room
Commentary  |  5/24/2012  | 
Technical language has its place, but overuse hampers compliance
How To Detect And Root Out Sophisticated Malware
Quick Hits  |  5/24/2012  | 
New report offers insights on excising that hard-to-detect malware
Project Finds, Purges Vulnerable Code Snippets From The Net
News  |  5/23/2012  | 
Community effort hopes to clean up insecure code found in the public domain
Poorly Managed Firewall Rule Sets Will Flag An Audit
News  |  5/23/2012  | 
Auditors and compliance managers alike are depending on firewall management principles and tools to cut through the complexity
Google Spreads Word On DNSChanger Malware
News  |  5/23/2012  | 
After taking down the botnet, the FBI is still trying to alert 500,000 people that their PCs are infected with the malware. Some Google search users are now getting direct warnings.
7 Lessons From MilitarySingles.com Hack
News  |  5/23/2012  | 
LulzSec Reborn hacktivist group exploited the site's poor security checks on user-uploaded content, made away with easily cracked passwords.
Microsoft Bloatware Cleaning Offer Treats You Like Dirt
Commentary  |  5/23/2012  | 
For just $99, Microsoft will eliminate the junk added to its Windows 7 PCs by OEM manufacturers. Steve Jobs would have enjoyed this development.
Malware 'Licensing' Could Stymie Automated Analysis
News  |  5/22/2012  | 
The use of encryption and digital-rights management techniques by the authors of malicious code could make automated analysis of malware take longer and require human intervention more often
Are You A Human Confirms Man Or Machine With Games
Quick Hits  |  5/22/2012  | 
Start-up offers new type of CAPTCHA that doesn't rely on discerning and typing letters and numbers from distorted text prompts
Researchers 'Map' Android Malware Genome
News  |  5/22/2012  | 
New initiative promotes sharing of Android malware research worldwide, beefing up mobile anti-malware tools
Anonymous Hacks, Leaks U.S. Bureau of Justice Database
News  |  5/22/2012  | 
'Monday Mail Mayhem' campaign by hactivist group posts 1.7-GB archive of emails and other data online
Anonymous Leaks 1.7 GB Justice Department Database
News  |  5/22/2012  | 
Attackers were assisted by Anonymous affiliate AntiS3curityOPS, which launched its own anti-NATO attack against the Chicago Police Department website.
State Of Utah Fires Tech Director Over Breach
Quick Hits  |  5/22/2012  | 
Utah IT director 'lacked oversight and leadership' in incident that exposed personal details of 780,000, governor says
Revamp Mobile Policy To Secure The Cloud
News  |  5/21/2012  | 
A majority of employees bring their own devices into work and connect out to the cloud -- now it's time to gain greater control over the security of these devices
Iranian Hackers Claim They Compromised NASA SSL Digital Certificate
News  |  5/21/2012  | 
'Cyber Warriors Team' says it stole information on thousands of NASA researchers via a man-in-the middle attack
9 Lessons From Utah Data Breach
News  |  5/21/2012  | 
Breach of unencrypted data affected 28% of the state's residents; one in 10 had Social Security numbers stolen. How can you avoid such an epic fail?
Overlook The Obvious And Risk Everything
Commentary  |  5/21/2012  | 
Failure to follow fundamental common-sense security policies can produce disastrous results, as the state of Utah discovered
Security Leaders Urged To Take Action, Responsibility
Quick Hits  |  5/20/2012  | 
Talk is no longer enough for IT security pros, keynote speakers say at ISSA-LA conference
Page 1 / 3   >   >>

Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.