Dark Reading is part of the Informa Tech Division of Informa PLC

News & Commentary

Content posted in June 2012
The Secret World Of Compliance Auditors
Quick Hits  |  6/30/2012  | 
Working with an auditor can be a harrowing experience -- or a good one. Here are some tips for making things go well
U.S. Critical Infrastructure Cyberattack Reports Jump Dramatically
News  |  6/29/2012  | 
A new report from ICS-CERT shows the number of reported incidents increased from 9 to 198 between 2009 and 2011
In-Q-Tel Partners With Looxcie On Next-Gen Videocam
News  |  6/29/2012  | 
CIA's venture investment firm wants to develop a wearable video camera for use by the DHS.
Banking Trojan Harvests Newspaper Readers' Credentials
News  |  6/29/2012  | 
Financial malware performs brute-force guesses of valid usernames and passwords, possibly for attacks against consumer bank accounts.
GPS Spoofer Hacks Civilian Drone Navigation System
News  |  6/29/2012  | 
University of Texas researchers built a $1,000 system able to forcibly reroute or crash a civilian drone.
Not Much To Learn From The Second Kick Of The Mule
Commentary  |  6/29/2012  | 
Repeating compliance and security failures shows a lack of progress
6 Ways Apple Is Polishing Mac Security
News  |  6/29/2012  | 
Apple no longer markets Macs as malware-free, but rather "built for security," and refines protection in Mountain Lion.
9 Ways CSOs Can Avoid A LinkedIn-Type Breach Debacle
News  |  6/29/2012  | 
Top CSOs provide tips on locking down databases in the organization
The Apps Users Don't Patch
Quick Hits  |  6/28/2012  | 
Secunia data shows Shockwave, QuickTime, and Java JRE get updated the least by PC users
Black Hat: Developer Aims To Make Attack Recovery More Intelligent
News  |  6/28/2012  | 
One company uses threat information, virtualization and analysis to build a better way to disinfect compromised systems
4 Signs That Apple's Sharpening Its Security Game
News  |  6/28/2012  | 
Apple is quietly making some subtle, incremental security moves in the face of new threats to its products
Breach At U.S. Regulatory Agency Puts Employee Data At Risk
Quick Hits  |  6/27/2012  | 
Phishing attack at Commodity Futures Trading Commission fools employee into giving up account data
FTC Takes On Wyndham For Security Lapses
News  |  6/27/2012  | 
Lawsuit alleges deceptive practice in privacy policy following three breaches in two years
Free App Encrypts, Destroys Mobile Messages
News  |  6/27/2012  | 
Startup Wickr launches today with iPhone, iPad, iTouch app that ‘leaves no trace’ of text, video, and picture messages
FTC Sues Wyndham Hotels Over Data Security Failures
News  |  6/27/2012  | 
Hotel chain slammed for poor information security practices, leading to attackers obtaining 600,000 credit card numbers and committing millions of dollars in fraud.
FTC Sets Consumer Data Collection Limits
Commentary  |  6/27/2012  | 
As Spokeo gets fined $800,000, FTC tries to enforce differences between consumer-reporting services and people-search services, which gather and sell large amounts of publicly accessible personal data.
Healthcare Patient Data Laws Outdated: Consumers Union
News  |  6/27/2012  | 
Laws covering privacy and security of health data haven't kept pace with changes in health IT, report from Consumers Union and Center for Democracy and Technology says.
Startup Arms CSOs With Heat Maps
Quick Hits  |  6/26/2012  | 
Technology aims to help CSOs and other security pros translate security issues and risk for upper management
'High Roller' Online Financial Fraud Ring Robs Big Money Bank Accounts
News  |  6/26/2012  | 
Attackers do their dirty work from their own cloud-based server infrastructure rather than on the victim's PC in order to camouflage the crime
RSA SecurID 800 Token Attack Detailed By Researchers
News  |  6/26/2012  | 
Cryptographic attack requires as little as 13 minutes to compromise a token's secret key, and works against at least eight types of cryptographic tokens. RSA dismissed the attack.
New Forensics Method May Nab Insider Thieves
News  |  6/26/2012  | 
Black Hat presentation features a new methodology that has already produced real-world results
LinkedIn Password Breach: 9 Facts Key To Lawsuit
News  |  6/26/2012  | 
LinkedIn's privacy policy promised users "industry standard protocols and technology," but a class action lawsuit claims LinkedIn failed to deliver. Take a closer look at the security issues.
Teen Hackers Plead Guilty To LulzSec Attacks
Quick Hits  |  6/25/2012  | 
Cleary, Davis admit to hacking CIA, Pentagon, and many other sensitive websites as members of hacktivist group
Researchers Beat Up Google's Bouncer
News  |  6/25/2012  | 
The gatekeeper for the Android app store has major growing pains ahead, as security researchers find ways to bypass it
The Enterprise Strikes Back
News  |  6/25/2012  | 
Gathering intel on cyberespionage and cybercrime attackers and baiting them with fake information are some of the ways victim organizations are going on the offensive
TSA Wants To Monitor Employee Computer Activities
News  |  6/25/2012  | 
Transportation Security Administration seeks software to monitor employee keystrokes, emails, attachments, screen captures, file transfers, chats, network activities, and website visits.
Avoid Net Shutdown Related To DNSChanger: SMB Tips
News  |  6/25/2012  | 
FBI will shut down servers associated with the DNSChanger malware on July 9, knocking 300,000-plus computers still affected offline. Here's what SMBs need to know.
Senators Float National Data Breach Law, Take Four
News  |  6/25/2012  | 
Data Security Bill is fourth attempt to craft a national law to supersede legislation now on the books in more than 40 states. But it's weaker than some state laws.
Patching Goes Up In Flames
Commentary  |  6/24/2012  | 
The Flame malware throws the integrity of patching into question, which creates quite a quandary for those trained to patch early and often. This represents a significant inflection point for security -- or does it?
Flame: Reading Between The Ones And Zeros
Commentary  |  6/23/2012  | 
As more information about Flame is revealed, let's consider what we might infer from Flame's composition
Radiant Logic Releases Federated Identity Service
News  |  6/22/2012  | 
RadiantOne VDS 6 enables authentication and authorization across multiple identity sources and authentication protocols
Broader Digital Landscape Means More Places To Hide
News  |  6/22/2012  | 
With IPv6, a deluge of new top-level domains, and DNSSEC all coming, the Internet will become a much bigger place. Defenses that worked in the past won't work in the future
FTC Charges Two Companies With Exposing Data Via P2P Downloads
Quick Hits  |  6/22/2012  | 
Firms did not use reasonable security methods to prevent installation of vulnerable software, FTC alleges
Firefox Promises Privacy Patch Against Tab Spying
News  |  6/22/2012  | 
Shared PC warning: Firefox 13 browser records and stores a user's most-visited pages, including sensitive content otherwise protected by HTTPS.
Hackers Cite 'Idiot Tax,' Release Loan Records
News  |  6/22/2012  | 
Rex Mundi hacker group publishes thousands of records containing personal loan application data after payday lender AmeriCash Advance refuses $20,000 hush money request.
Twitter Crash: Hack Or Hardware Fail?
News  |  6/21/2012  | 
Twitter blames a cascading bug, but hacking group UGNazi claims responsibility.
The Intersection Between Cyberespionage And Cybercrime
News  |  6/21/2012  | 
Chinese cyberspies and traditional cybercriminals are relying on some of the same malware tools -- and some cyberspies even appear to be moonlighting
AutoCAD Worm Targets Design Documents In Possible Espionage Campaign
News  |  6/21/2012  | 
A worm is stealing AutoCAD documents and sending them to email accounts opened at two Chinese Internet providers
Feds Bust Hacker For Selling Government Supercomputer Access
News  |  6/21/2012  | 
Pennsylvania man allegedly offered to sell login access to two Department of Energy supercomputers, as well as remote administration capabilities, for $50,000.
Facebook Settles Lawsuit Over Sponsored Stories
News  |  6/21/2012  | 
Proposes paying $10 million to settle class action lawsuit over using Facebook users' names and images in advertising without their permission.
6 Biggest Breaches Of 2012
News  |  6/21/2012  | 
Take stock and learn from the security mistakes of others.
Microsoft Names Finalists In Contest For New Security Defenses
Quick Hits  |  6/21/2012  | 
Three BlueHat Prize contestants invented ways to mitigate attacks exploiting memory-safety vulnerabilities
Google Adds New Security Features
Quick Hits  |  6/21/2012  | 
Two-step verification, integration with Active Directory will help protect Google Apps, search engine giant says
Startup Wraps User Tasks In Virtual Containers
News  |  6/20/2012  | 
Bromium announces micro-VM technology that protects the OS, network, from users' security missteps
Hackers Offer Free Porn To Beat Security Checks
News  |  6/20/2012  | 
Spammers are enticing consumers with free porn or games in exchange for help cracking CAPTCHAs on targeted websites, security researchers say.
Secret Spy Satellite Takes Off: Stunning Images
Slideshows  |  6/20/2012  | 
The National Reconnaissance Office provides satellite imagery for intelligence operations and national defense. Here's a look at the agency's most recent rocket launches.
Apple Gets Patent For Polluting Electronic Profiles
News  |  6/20/2012  | 
Apple patent describes how privacy can be protected by disseminating fake data.
6 Biggest Breaches Of 2012 So Far
News  |  6/20/2012  | 
Take stock and learn from the mistakes of others
LinkedIn Security Breach Triggers $5 Million Lawsuit
News  |  6/20/2012  | 
Class action lawsuit alleges that social network failed to protect users' data and didn't use industry standard protocols and technology.