Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in May 2013
<<   <   Page 3 / 3
Google Building Management System Hack Highlights SCADA Security Challenges
News  |  5/9/2013  | 
Security challenges related to SCADA systems don't just affect power plants -- ask Google
I Think We're All Botnets On This Bus
Commentary  |  5/9/2013  | 
How many undercover researchers can fit under one cover?
Education Tech Vendors Launch Apps Contest
News  |  5/9/2013  | 
Learning management systems (LMS) vendors hope awards program will spur educational apps development.
8 New Yorkers Indicted As Part of $45 Million Cyberheist Of Prepaid Debit Cards
News  |  5/9/2013  | 
Orchestrated massive global 'bank heist' by an international cybercrime organization targeted credit card processor for MasterCard prepaid debit cards, waged and coordinated mass ATM withdrawals
Health IT Execs' Top Worries: Security, BYOD, Cloud
News  |  5/9/2013  | 
Personal mobile devices still present huge security challenge, say HIMSS Analytics focus group participants.
Unified Threat Management Vendors Don't Excel
News  |  5/9/2013  | 
Our survey shows users aren’t fond of UTM appliances.
McAfee, AV's King Of Crazy, Resurfaces
News  |  5/9/2013  | 
Antivirus pioneer and former fugitive from justice in Belize John McAfee shares more about his code-slinging and drug-smuggling past.
How Syrian Electronic Army Unpeeled The Onion
News  |  5/9/2013  | 
Satire site The Onion details multi-pronged Twitter account takeover strategies used by hacktivists.
Microsoft Issues Emergency Fix For IE Zero-Day
Quick Hits  |  5/9/2013  | 
'Fix it' now available as a temporary defense until actual patch is ready; only IE 8 is affected by flaw
Five Questions To Ask When Choosing A Threat Intelligence Service
Commentary  |  5/9/2013  | 
Threat intelligence services are becoming an essential weapon in the enterprise security arsenal. Do you know how to choose one?
Advanced Persistent Threats: The New Reality
Quick Hits  |  5/9/2013  | 
Once rare and sophisticated, the APT is now becoming a common attack. Is your organization ready?
Department Of Labor Attack Points To Industry Weaknesses
News  |  5/9/2013  | 
Security pros say latest watering hole attack patterns expose the 'ecosystem of mediocrity' set out by today's baseline of protection
Panic Now
Commentary  |  5/8/2013  | 
There is a big difference between panic and anxiety
Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions
News  |  5/8/2013  | 
China faces increasing political pressure from the U.S. to curb its cyberespionage activity, but legislation not certain
CounterTack Announces Scout 4
News  |  5/8/2013  | 
Scout 4 introduces a new kernel-level Stealth Agent
Nginx Patches Critical Web Server Software Vulnerability
News  |  5/8/2013  | 
Meanwhile, hackers behind Cdorked malware that targets Apache servers now have extended it to infect open-source Nginx and Lighttpd server software.
10 Reasons SQL Injection Still Works
News  |  5/8/2013  | 
Developer techniques, business process choices, and attacker preferences all play a part in the continued relevance of SQLi
'OpUSA' Hacktivist Attacks Fall Short
News  |  5/7/2013  | 
Anonymous groups wage ad-hoc defacements, data dumps from a few lesser-known sites -- not the planned attacks on major U.S. government agencies, banks
Barracuda Networks Delivers Network Virtualization Platform For Virtualized Networking Applications
News  |  5/7/2013  | 
Barracuda eon llows for “bare metal” performance of virtualized networking applications that require consolidation and multigigabit performance
Convenience Store Chain Hacked, Customer Payment Data At Risk
Quick Hits  |  5/7/2013  | 
MAPCO Express says the FBI is investigating a breach that exposed customer financial data in its stores
Anonymous OpUSA Hackathon: Mostly Bluster
News  |  5/7/2013  | 
DHS predicts Tuesday's hackathon will involve little more than nuisance exploits. Meanwhile, Syrian Electronic Army hacks Twitter feeds of satire site The Onion.
Revel Systems Tackles Identity Theft With iPad POS Security
News  |  5/7/2013  | 
Photo ID feature prevents credit card identity theft at the point-of-sale
Sweet Password Security Strategy: Honeywords
News  |  5/7/2013  | 
To improve detection of database breaches, businesses should store multiple fake passwords and monitor attempts to use them, according to researchers at security firm RSA.
Anonymous, LulzSec, OpUSA Plan Broad Attacks On Government Agencies, Banks On Tuesday
Quick Hits  |  5/7/2013  | 
Hacktivist groups plan denial-of-service attacks on banks, government sites
5 Ways For SMBs To Boost Security But Not Costs
News  |  5/6/2013  | 
Straight-shooting advice--and some out-of-the-box thinking--on how smaller companies can save money on security while doing it better
Metasploit Module Released For IE Zero-Day Flaw Used In Labor Attack
News  |  5/6/2013  | 
Other U.S. energy agencies, organizations targeted in apparent nuclear technology cyberspying campaign that employed a zero-day bug in Internet Explorer 8
Active Data Vs. Active Archive
Commentary  |  5/6/2013  | 
We need better metrics to help us decide what data should be on primary storage and what should be on archive storage.
Security Minor Leagues
Commentary  |  5/6/2013  | 
The security skills gap continues to expand as more companies realize what they need and, more importantly what they don't have. We need a security minor league system to meet the demand
Got Malware? Three Signs Revealed In DNS Traffic
News  |  5/3/2013  | 
Monitoring your network's requests for domain lookups can reveal network problems and potential malware infections
La Vie En ROSI
Commentary  |  5/3/2013  | 
Return on security investment may be slightly less mythical than you think
Threat Nuevo: Latin America, Caribbean Cybercrime On The Rise
Quick Hits  |  5/3/2013  | 
Cybercriminals in the region have built their own tools and learned from their predecessors in other regions, says Trend Micro report in cooperation with Organization of American States (OAS)
Giving FIDO A Longer Leash To Eliminate Web Passwords
News  |  5/3/2013  | 
New alliance gaining momentum in push to develop open architecture for authentication interoperability
Reputation.com Suffers Breach, Changes Customer Passwords
Quick Hits  |  5/2/2013  | 
Some customer information exposed, including salted and hashed passwords from 'a minority' of customers
Facebook Turns Friends Into IT Support
News  |  5/2/2013  | 
Facebook's new Trusted Contacts option lets friends assist with account recovery, so Facebook personnel don't have to.
China Tied To 3-Year Hack Of Defense Contractor
News  |  5/2/2013  | 
U.S. defense contractor QinetiQ ignored persistent attack warning signs, lost terabytes of secret information, say investigators.
Websites Harbor Fewer Flaws, But Most Have At Least One Serious Vulnerability
News  |  5/2/2013  | 
SQL injection drops out of WhiteHat Security's top 10 website vulnerability list
Twitter To News Outlets: More Takeovers Ahead
News  |  5/2/2013  | 
Twitter memo warns of ongoing account takeover attempts, urges media businesses to prepare. Should Twitter be doing more?
Consumer Reports: 58 Million U.S. PCs Infected With Malware
Quick Hits  |  5/2/2013  | 
Malware cost consumers nearly $4 billion in repairs in 2012, Consumer Reports says
Five Habits Of Highly Successful Malware
News  |  5/2/2013  | 
It's no secret that malware is dodging defenses; security experts pinpoint successful strategies, including the use of real-time communications, frequent disguises, and laying low
Learning From Auditor War Stories
News  |  5/1/2013  | 
Stories of IT missteps and unforeseen disasters while auditors are on-site can point to important lessons for preparing for compliance and security
New Mobile Vulnerability Scan App Verifies Mobile Device Security In Seconds
News  |  5/1/2013  | 
SecurityMetrics MobileScan searches for weaknesses that render devices vulnerable to cybercriminals
Fake Firefox Spyware Riles Mozilla
News  |  5/1/2013  | 
Surveillance software pretends to be Firefox to escape detection, report claims. Mozilla lawyers take action.
Dark Reading's Seven-Year Itch
Commentary  |  5/1/2013  | 
After seven years of covering the security industry, Dark Reading is just getting started
FBI Seeks Real-Time Facebook, Google Wiretaps
News  |  5/1/2013  | 
Government proposal would expand wiretap laws to cover not just service providers, but also the likes of Facebook and Google, backed by escalating fines for noncompliance.
U.S. Labor Dept. Website Hacked, Serves Malware
News  |  5/1/2013  | 
Attack bears strong similarities to previous campaigns executed by Chinese APT attack group "DeepPanda," reports security expert.
U.S. Department Of Labor Website Discovered Hacked, Spreading PoisonIvy
News  |  5/1/2013  | 
Waterhole attack possibly tied to Chinese cyberespionage actors, researchers say
<<   <   Page 3 / 3

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-10-27
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service.
PUBLISHED: 2021-10-27
In mymbCONNECT24, mbCONNECT24 &lt;= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts.
PUBLISHED: 2021-10-27
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
PUBLISHED: 2021-10-27
PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information based on the processor's high resolution timer (the RDTSC instruction). This instruction can be virtualized, and some virtual machine hosts have chosen to disable this instru...
PUBLISHED: 2021-10-27
An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of adminis...