Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
The Secret World Of Compliance Auditors
Working with an auditor can be a harrowing experience -- or a good one. Here are some tips for making things go well
U.S. Critical Infrastructure Cyberattack Reports Jump Dramatically
A new report from ICS-CERT shows the number of reported incidents increased from 9 to 198 between 2009 and 2011
In-Q-Tel Partners With Looxcie On Next-Gen Videocam
CIA's venture investment firm wants to develop a wearable video camera for use by the DHS.
Banking Trojan Harvests Newspaper Readers' Credentials
Financial malware performs brute-force guesses of valid usernames and passwords, possibly for attacks against consumer bank accounts.
GPS Spoofer Hacks Civilian Drone Navigation System
University of Texas researchers built a $1,000 system able to forcibly reroute or crash a civilian drone.
Not Much To Learn From The Second Kick Of The Mule
Repeating compliance and security failures shows a lack of progress
6 Ways Apple Is Polishing Mac Security
Apple no longer markets Macs as malware-free, but rather "built for security," and refines protection in Mountain Lion.
9 Ways CSOs Can Avoid A LinkedIn-Type Breach Debacle
Top CSOs provide tips on locking down databases in the organization
The Apps Users Don't Patch
Secunia data shows Shockwave, QuickTime, and Java JRE get updated the least by PC users
Black Hat: Developer Aims To Make Attack Recovery More Intelligent
One company uses threat information, virtualization and analysis to build a better way to disinfect compromised systems
4 Signs That Apple's Sharpening Its Security Game
Apple is quietly making some subtle, incremental security moves in the face of new threats to its products
Breach At U.S. Regulatory Agency Puts Employee Data At Risk
Phishing attack at Commodity Futures Trading Commission fools employee into giving up account data
FTC Takes On Wyndham For Security Lapses
Lawsuit alleges deceptive practice in privacy policy following three breaches in two years
Free App Encrypts, Destroys Mobile Messages
Startup Wickr launches today with iPhone, iPad, iTouch app that ‘leaves no trace’ of text, video, and picture messages
FTC Sues Wyndham Hotels Over Data Security Failures
Hotel chain slammed for poor information security practices, leading to attackers obtaining 600,000 credit card numbers and committing millions of dollars in fraud.
FTC Sets Consumer Data Collection Limits
As Spokeo gets fined $800,000, FTC tries to enforce differences between consumer-reporting services and people-search services, which gather and sell large amounts of publicly accessible personal data.
Healthcare Patient Data Laws Outdated: Consumers Union
Laws covering privacy and security of health data haven't kept pace with changes in health IT, report from Consumers Union and Center for Democracy and Technology says.
Startup Arms CSOs With Heat Maps
Technology aims to help CSOs and other security pros translate security issues and risk for upper management
'High Roller' Online Financial Fraud Ring Robs Big Money Bank Accounts
Attackers do their dirty work from their own cloud-based server infrastructure rather than on the victim's PC in order to camouflage the crime
RSA SecurID 800 Token Attack Detailed By Researchers
Cryptographic attack requires as little as 13 minutes to compromise a token's secret key, and works against at least eight types of cryptographic tokens. RSA dismissed the attack.
New Forensics Method May Nab Insider Thieves
Black Hat presentation features a new methodology that has already produced real-world results
LinkedIn Password Breach: 9 Facts Key To Lawsuit
LinkedIn's privacy policy promised users "industry standard protocols and technology," but a class action lawsuit claims LinkedIn failed to deliver. Take a closer look at the security issues.
Teen Hackers Plead Guilty To LulzSec Attacks
Cleary, Davis admit to hacking CIA, Pentagon, and many other sensitive websites as members of hacktivist group
Researchers Beat Up Google's Bouncer
The gatekeeper for the Android app store has major growing pains ahead, as security researchers find ways to bypass it
The Enterprise Strikes Back
Gathering intel on cyberespionage and cybercrimine attackers and baiting them with fake information are some of the ways victim organizations are going on the offensive
TSA Wants To Monitor Employee Computer Activities
Transportation Security Administration seeks software to monitor employee keystrokes, emails, attachments, screen captures, file transfers, chats, network activities, and website visits.
Avoid Net Shutdown Related To DNSChanger: SMB Tips
FBI will shut down servers associated with the DNSChanger malware on July 9, knocking 300,000-plus computers still affected offline. Here's what SMBs need to know.
Senators Float National Data Breach Law, Take Four
Data Security Bill is fourth attempt to craft a national law to supersede legislation now on the books in more than 40 states. But it's weaker than some state laws.
Patching Goes Up In Flames
The Flame malware throws the integrity of patching into question, which creates quite a quandary for those trained to patch early and often. This represents a significant inflection point for security -- or does it?
Flame: Reading Between The Ones And Zeros
As more information about Flame is revealed, let's consider what we might infer from Flame's composition
Radiant Logic Releases Federated Identity Service
RadiantOne VDS 6 enables authentication and authorization across multiple identity sources and authentication protocols
Broader Digital Landscape Means More Places To Hide
With IPv6, a deluge of new top-level domains, and DNSSEC all coming, the Internet will become a much bigger place. Defenses that worked in the past won't work in the future
FTC Charges Two Companies With Exposing Data Via P2P Downloads
Firms did not use reasonable security methods to prevent installation of vulnerable software, FTC alleges
Firefox Promises Privacy Patch Against Tab Spying
Shared PC warning: Firefox 13 browser records and stores a user's most-visited pages, including sensitive content otherwise protected by HTTPS.
Hackers Cite 'Idiot Tax,' Release Loan Records
Rex Mundi hacker group publishes thousands of records containing personal loan application data after payday lender AmeriCash Advance refuses $20,000 hush money request.
Twitter Crash: Hack Or Hardware Fail?
Twitter blames a cascading bug, but hacking group UGNazi claims responsibility.
The Intersection Between Cyberespionage And Cybercrime
Chinese cyberspies and traditional cybercriminals are relying on some of the same malware tools -- and some cyberspies even appear to be moonlighting
AutoCAD Worm Targets Design Documents In Possible Espionage Campaign
A worm is stealing AutoCAD documents and sending them to email accounts opened at two Chinese Internet providers
GlobalSign, DigiCert, Comodo, And NGINX, Inc. Improve Online Trust Through Enhanced Certificate Revocation Checking
New version of NGINX Web server to support OCSP-stapling
Feds Bust Hacker For Selling Government Supercomputer Access
Pennsylvania man allegedly offered to sell login access to two Department of Energy supercomputers, as well as remote administration capabilities, for $50,000.
Facebook Settles Lawsuit Over Sponsored Stories
Proposes paying $10 million to settle class action lawsuit over using Facebook users' names and images in advertising without their permission.
6 Biggest Breaches Of 2012
Take stock and learn from the security mistakes of others.
Microsoft Names Finalists In Contest For New Security Defenses
Three BlueHat Prize contestants invented ways to mitigate attacks exploiting memory-safety vulnerabilities
Google Adds New Security Features
Two-step verification, integration with Active Directory will help protect Google Apps, search engine giant says
Startup Wraps User Tasks In Virtual Containers
Bromium announces micro-VM technology that protects the OS, network, from users' security missteps
Hackers Offer Free Porn To Beat Security Checks
Spammers are enticing consumers with free porn or games in exchange for help cracking CAPTCHAs on targeted websites, security researchers say.
Secret Spy Satellite Takes Off: Stunning Images
The National Reconnaissance Office provides satellite imagery for intelligence operations and national defense. Here's a look at the agency's most recent rocket launches.
Apple Gets Patent For Polluting Electronic Profiles
Apple patent describes how privacy can be protected by disseminating fake data.
6 Biggest Breaches Of 2012 So Far
Take stock and learn from the mistakes of others
LinkedIn Security Breach Triggers $5 Million Lawsuit
Class action lawsuit alleges that social network failed to protect users' data and didn't use industry standard protocols and technology.
|
Latest Comment: 'Look, our very own Don Quixote! If only his chivalrous attempt could twart the ransom, we'd be spared the media coverage.'
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
