Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in June 2013
<<   <   Page 3 / 3
Study: Rogue Employees Are Top Concern For Security Pros
Quick Hits  |  6/10/2013  | 
Insider threat tops list of worries for security pros; malware, unauthorized software also cause concern
Obama Defends NSA Prism, Google Denies Back Door
News  |  6/7/2013  | 
You can't have 100% security, 100% privacy and 0% inconvenience, insists President Obama.
Putting Vulnerabilities And Threats Into Context
Commentary  |  6/7/2013  | 
Advanced security research should play a role in your security program and be ready when science projects become weaponized attacks
Glasgow City Council Fined For Security Lapses
News  |  6/7/2013  | 
Stolen laptops and repeated cases of unencrypted data top the list of the City of Glasgow's security failings.
NSA PRISM Creates Stir, But Appears Legal
News  |  6/7/2013  | 
Massive information-sharing program involves Google, Facebook and other technology heavyweights, top secret document details. But NSA looks to have acted inside the law.
Google Ups Bug Bounty Awards
Quick Hits  |  6/7/2013  | 
Researchers now can get up to $7,500 per vulnerability they discover in Google applications
Microsoft, FBI Slam Door On Thousands Of Citadel Botnets
News  |  6/6/2013  | 
The feds say Citadel is responsible for more than $500 million in losses worldwide
China To America: You Hack Us, Too
News  |  6/6/2013  | 
Difference is China doesn't point fingers, says head of China's computer emergency response team, even though it has "mountains" of evidence that U.S. snoops.
Police Bust $200 Million Data Theft Ring
News  |  6/6/2013  | 
U.S., British and Vietnamese authorities accuse men of selling 1.1 million stolen credit cards via Gmail and Facebook accounts.
Microsoft, FBI Trumpet Citadel Botnet Takedowns
News  |  6/6/2013  | 
Joint operation is first in which law enforcement and private sector use civil seizure warrant to disrupt massive malware attack.
Building And Enforcing An Endpoint Security Strategy
Quick Hits  |  6/6/2013  | 
Endpoint technologies, defenses, and threats are changing rapidly. Here are some tips for keeping up
What To Ask Your Penetration Tester
Commentary  |  6/5/2013  | 
The importance of manual pen testing
Negligence, Glitches Push Up Cost Of Breaches Worldwide
News  |  6/5/2013  | 
But U.S. breach costs on downward trajectory, reports eighth annual Ponemon study
Zeus Bank Malware Surges On Facebook
News  |  6/5/2013  | 
Old threat makes a comeback, targeting Facebook users' bank credentials and more.
ZeuS Malware Returns, Targets SMBs
News  |  6/5/2013  | 
ZeuS banking Trojan again puts small and midsize businesses at high risk. Here's what you need to know.
Mistakes Approach Malice As Data Breach Cause
News  |  6/5/2013  | 
Malicious attacks are the leading cause of data breaches, but employee and contractor errors are a growing reason, study finds.
Is Security Professional Development Too Expensive?
News  |  6/5/2013  | 
Paid trainings and certificates serve vital role, but open-source-style security education offerings could make the entire security education field more complete and affordable
No Java Patch For You: 93 Percent Of Users Run Older Versions Of The App
Quick Hits  |  6/4/2013  | 
Many end users stuck with older Java to run certain apps, Websense finds
'NetTraveler' Cyberespionage Campaign Uncovered
News  |  6/4/2013  | 
Nearly decade-old attack also has links to other APT groups, infrastructure
Anonymous Targets Turkish Government Websites
News  |  6/4/2013  | 
Hacktivists launch #OpTurkey DDoS campaign to support protests against government of Turkish prime minister Tayyip Erdogan.
DoS-in Your Database
Commentary  |  6/4/2013  | 
The re-emergence of database denial-of-service attacks
LinkedIn, Evernote Add Two-Factor Authentication
News  |  6/4/2013  | 
Will LinkedIn and Evernote improve upon Apple and Twitter two-factor security systems, which have been widely criticized?
Moving Safely From Detection To Automated Action
News  |  6/4/2013  | 
Companies that fail to make the most use of automation put themselves at risk, yet doing it wrong can lead to business disruptions
Are Businesses Knowingly Infecting Their Web Visitors?
News  |  6/3/2013  | 
Even after being informed of infrastructure serving up malware, some organizations still don't act to clean up their online messes
Building An Effective Security Architecture: No Piece Of Cake
Commentary  |  6/3/2013  | 
Enterprises need to put more thought, fewer products into their cyberdefense strategies
Can't Fix What You Hide
Commentary  |  6/3/2013  | 
Willful ignorance may be bliss, but rarely is it compliant
Oracle Promises Enterprise Java Security Tweaks
News  |  6/3/2013  | 
Critics say Oracle hasn't done enough to address ongoing security and code quality problems in the Java browser plug-in.
When Colleges Use Twitter As Help Desk
Commentary  |  6/3/2013  | 
Education IT leaders, your users are turning to Twitter to complain about the campus network and IT services. Are you responding effectively?
Strengthening Enterprise Defenses With Threat Intelligence
Quick Hits  |  6/3/2013  | 
By integrating security monitoring with threat intelligence, organizations can build a smarter defense
Fidelis Expands Into Malware Detection And Analysis
Quick Hits  |  6/1/2013  | 
New appliance for the Fortune 1000, SMB space
<<   <   Page 3 / 3

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-09-20
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin (which just comes out of the box) are subject to a denial of service attack...
PUBLISHED: 2021-09-20
Dada Mail is a web-based e-mail list management system. In affected versions a bad actor could give someone a carefully crafted web page via email, SMS, etc, that - when visited, allows them control of the list control panel as if the bad actor was logged in themselves. This includes changing any ma...
PUBLISHED: 2021-09-20
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the ~/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6.
PUBLISHED: 2021-09-20
Discourse is a platform for community discussion. In affected versions any private message that includes a group had its title and participating user exposed to users that do not have access to the private messages. However, access control for the private messages was not compromised as users were n...
PUBLISHED: 2021-09-20
TI&acirc;&euro;&trade;s BLE stack caches and reuses the LTK&acirc;&euro;&trade;s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that...