Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in June 2011
<<   <   Page 2 / 4   >   >>
DDoS Downs Network Solutions
News  |  6/21/2011  | 
Customers cut off from DNS servers, hosted websites, servers, and email accounts
3 DNS Risk Reduction Strategies
News  |  6/21/2011  | 
Department of Homeland Security cybersecurity guidance identifies the three most common risks associated with the Internet's address infrastructure and provides methods for mitigating them.
Network Solutions Suffers DDoS Attack
News  |  6/21/2011  | 
A distributed denial of service attack took down Network Solutions, severing access to DNS servers, websites, plus hosted servers and email accounts.
Scotland Yard Busts Alleged LulzSec Mastermind
News  |  6/21/2011  | 
British police, in a joint investigation with the FBI, arrest a teenager on charges of computer misuse and fraud.
Product Watch: Damballa Rolls Out Early Detection Service
News  |  6/21/2011  | 
New offering could alert enterprises "weeks or months" before malware appears in the wild
Leaps Of Faith
Commentary  |  6/20/2011  | 
Mobile is more secure than the browser realm because most mobile transactions are conducted through applications, not the browser
Hack Attack Exposes 1.3 Million Sega Accounts
News  |  6/20/2011  | 
LulzSec says to watch your Facebook, Gmail, and Skype passwords, though no one has claimed responsibility for the Sega breach.
Sega Corp. Hacked; More Than A Million Users May Be Affected
Quick Hits  |  6/20/2011  | 
LulzSec says it didn't do this one; offers to go after the bad guys
CA Security Spinoff Vows To Surprise The Marketplace
News  |  6/20/2011  | 
Total Defense has a new name and VC funding, but it faces a tough battle against market-dominating antivirus products, most of which are free.
Anonymous, LulzSec Groups Team Up In 'AntiSec' Hacking Campaign
News  |  6/20/2011  | 
Government agencies, banks, in the bull's eye as hactivists vow to grab classified information, email spools -- meanwhile, an arrest is made by Scotland Yard
Advanced Exploitation Of Flash Vulnerability In The Wild
Commentary  |  6/19/2011  | 
New Flash exploit is extremely effective against the security technologies that many depend on for shelter -- is this a sign of things to come?
Feds, ISPs Team On Cybersecurity For Defense Contractors
News  |  6/17/2011  | 
The Departments of Defense and Homeland Security are providing cyber threat intelligence to 25 defense contractors and their Internet service providers.
New Free Forensics Tool: Dropbox Reader
News  |  6/17/2011  | 
Dropbox Reader aids cyberinvestigators in reading evidence files associated with the Dropbox cloud storage software
Tech Insight: Tips For Implementing Two-Factor Authentication
News  |  6/17/2011  | 
How and where two-factor authentication should -- and should not -- be deployed
Microsoft Warns Of Huge Phone Scam
News  |  6/17/2011  | 
Forget fake antivirus software; PC users are getting calls from fake security experts.
Breach Patrol: When Should Customers Be Told?
News  |  6/17/2011  | 
Speed of notifications seems to be a key question now
The Dark Side Of The Cloud
Quick Hits  |  6/17/2011  | 
Wave of high-profile breaches of cloud-based services during the past few months a reality check for entrusting your data with these providers, according to a new Dark Reading Analytics report
How Fast Should Companies Come Clean On Breaches?
Commentary  |  6/17/2011  | 
Disclosing them too quickly can compromise investigations, security experts warn.
Researchers Discover New 'Mass Meshing Injection' Attack
Quick Hits  |  6/16/2011  | 
Emerging exploit is much more efficient than mass SQL injections, Armorize researchers say
Microsoft, Apple Dis WebGL
News  |  6/16/2011  | 
Microsoft says it's insecure; Apple won't be supporting it in iOS 5, except to accelerate its iAds.
New PCI Compliance Guidelines Set New Standards For Cloud Security
News  |  6/16/2011  | 
As PCI Security Standards Council outlines specifics, cloud security providers and customers could see big changes
SMB Websites Face Mass Meshing Attacks
News  |  6/16/2011  | 
Here's how to protect your SMB website--and what to do if it's been compromised.
Citi: Hackers Got More Records Than We Thought
News  |  6/16/2011  | 
Citigroup on Wednesday said it had underestimated the number of accounts breached in a recent attack by 70%--but such revisions are not unusual, security experts say.
LulzSec Takes Credit For CIA Site Takedown
Quick Hits  |  6/16/2011  | 
After cracking a Senate website and exposing 26,000 porn users, hacker group targets CIA
Why Hackers Found Easy Targets At IMF, Citigroup
News  |  6/15/2011  | 
Security experts say simple tactics succeeded in breaching major organizations in recent weeks because companies failed to conduct their own penetration testing.
Enterprises Still Plagued By SQL Injection Attacks
News  |  6/15/2011  | 
Venerable database attack continues to be effective. What can your organization do to protect itself?
WAFs Have Benefits, But Are Not A Security Cure-all
Commentary  |  6/15/2011  | 
WAFs can provide a good layer of defense against attacks, but they can't solve all Web app-sec problems the way vendors would like you to think
Time To Replace Your Backup Application?
Commentary  |  6/15/2011  | 
More than half of large organizations say they'll consider a new backup system during the next three years. Here's how to get the timing right.
U.S. Grills China About Cyber Attacks
News  |  6/15/2011  | 
Chinese IP addresses have been implicated in numerous, recent distributed denial of service attacks, which top State Department officials see as a human rights issue.
How LulzSec Hackers Outsmart Security Gurus
News  |  6/15/2011  | 
While the world argues whether the hacktivist group is more Robin Hood or terrorist, the big question is: how have the hacks been so successful? Security experts share some answers.
Enterprises Seek Best Practices For Storing -- And Finding -- Security Event Logs
News  |  6/15/2011  | 
Those logs can be the solution to a security threat or audit. But how should you store them? Here are some answers
Hacker Group LulzSec Takes Out Popular Gaming Sites Minecraft, EVE
Quick Hits  |  6/14/2011  | 
Cybergroup tweets that hacks might only be part of its "Titanic Takeover Tuesday"
Latest Android Malware Takes Flight With Angry Birds
News  |  6/14/2011  | 
Malware was embedded in applications that promised to help users cheat their way through Rovio's popular Angry Birds game
LulzSec, Recent Hacks Show Government Agencies Unprepared
News  |  6/14/2011  | 
The U.S. Senate became the latest victim in a string of hacks into government and high-profile groups like the IMF and Lockheed Martin. Here's what security experts say the Feds must do better.
Why Small Businesses Are Vulnerable To Cybercrime -- And What They Can Do About It
News  |  6/14/2011  | 
SMBs have more valuable data than consumers and fewer defenses than large enterprises. Have they become the sweet spot for the bad guys?
New Nationwide Breach Law Could Force Data-Centric Security Push
News  |  6/13/2011  | 
While Congress wrangles over the law's content, database and IT administrators gear up for change
What Do IMF, Citigroup, And Sony Hacks Share?
News  |  6/13/2011  | 
Many organizations have been focusing on complying with regulations, rather than taking a top-down look at what most needs to be secured, security experts say.
IMF Breached; Foreign Government May Be Involved
Quick Hits  |  6/13/2011  | 
Details scarce so far; emails, other sensitive data may have been compromised
Future Of HDD Market Lies In Hybrid Drives
News  |  6/10/2011  | 
Hybrid drives that combine legacy hard disk drives with NAND flash technology represent an opportunity for further growth, according to IDC.
Apple And Building For Security
Commentary  |  6/10/2011  | 
Apple is planning on building what might not only be one of the most beautiful buildings, but one of the most secure as well
Big Data A Big Backup Challenge
Commentary  |  6/10/2011  | 
Backing up Big Data requires a system that is fast, cost effective, and reliable. These are conflicting terms in the world of storage.
Army's $57 Million Training System Uses Gaming Tech
News  |  6/10/2011  | 
Computer-simulated platform for preparing soldiers for combat uses a gaming engine. Goals include better preparation and lower training costs.
Microsoft Patch Tuesday To Address 34 Security Risks
News  |  6/10/2011  | 
The next Patch Tuesday will include a whopping 34 fixes, including critical vulnerabilities in all versions of Microsoft Windows, Internet Explorer, and Excel.
Security Careers: 10 Reasons Why Security Professionals Get Hired
News  |  6/10/2011  | 
Top security executive outlines what he looks for in new hires. How do you measure up?
Russian Company Tests ATM That Can Detect Faces, Lies
Quick Hits  |  6/10/2011  | 
Souped-up authentication includes voice recognition, facial recognition -- and a lie detector
Meet Samsung's Monster 1 TB Laptop Hard Drive
News  |  6/10/2011  | 
The trend toward higher capacity hard disk drives continues in laptops, as evidenced by Samsung's SpinPoint M8.
LulzSec Hackers Using Digital Currency: DEA Crackdown Soon?
News  |  6/10/2011  | 
The LulzSec hacker group has said it's receiving monetary support via a P2P digital currency, Bitcoins. Now Senators are urging DEA action on an illegal online drug sales site with a Bitcoins connection.
Security That Never Sleeps
News  |  6/9/2011  | 
Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Here's a framework for getting there.
Just Getting Started
News  |  6/9/2011  | 
Security That Never Sleeps
News  |  6/9/2011  | 
Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Here's a framework for getting there.
<<   <   Page 2 / 4   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32284
PUBLISHED: 2022-07-04
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet.
CVE-2022-33208
PUBLISHED: 2022-07-04
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sy...
CVE-2022-33948
PUBLISHED: 2022-07-04
HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.
CVE-2022-33971
PUBLISHED: 2022-07-04
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an ...
CVE-2022-34151
PUBLISHED: 2022-07-04
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studi...