Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content posted in July 2011
Legacy Support Leaves Chip-And-PIN Vulnerable, Researcher Says
News  |  7/31/2011  | 
Black Hat talk will show that security and backwards compatibility are at odds in popular authentication technology
Study: Users Would Give Up Free Coffee To Get Better Mobile Device Access At Work
Quick Hits  |  7/30/2011  | 
Some users would even trade a vacation day -- but is consumerization safe for enterprises?
Shortened Breach Disclosure Periods Could Hurt Consumers
News  |  7/29/2011  | 
Breach notification window in proposed law will make disclosure less beneficial to victims.
Mac OS X Lion Password Vulnerability: Sleep Mode
News  |  7/29/2011  | 
Forensic software can exploit a seven-year-old FireWire design error to snoop system memory for passwords, even for devices that are locked or in sleep mode.
Facebook Dinner Date Turns Supermarket Robbery
News  |  7/29/2011  | 
Robbers in Belgium used a fake Facebook profile to kidnap a supermarket manager, steal his keys, and empty the store's safe.
'Smart' Batteries May Leave Laptop Users Vulnerable, Researcher Says
News  |  7/28/2011  | 
In Black Hat talk, security expert will show a hack on an unexpected component: the laptop battery
Navy CIO Details IT Cost Cuts
News  |  7/28/2011  | 
The Navy will consolidate applications and data centers, mandate enterprise licensing, improve IT governance, pursue cloud computing, and take other steps to cut IT costs 25% over five years.
Putting Data In The Cloud? Retain Control
News  |  7/28/2011  | 
Security researcher warns many companies are trading catastrophic problems for gains in efficiency
Apple iOS Bug Worse Than Advertised
News  |  7/28/2011  | 
Off-the-shelf sniffing tools can exploit the threat, but users of older iPhones and iPod Touches won't see a fix
NSA Wrestles With Phone Location Data Tracking
News  |  7/28/2011  | 
National Security Agency says it may have the authority to track U.S. citizens using mobile-device location data under "certain circumstances."
Security Best Practices A Big FAIL In Most Organizations
Quick Hits  |  7/28/2011  | 
Enterprises, government agencies mostly missing the boat in proper security practices
RSA SecurID Breach Cost $66 Million
News  |  7/28/2011  | 
EMC details second quarter 2011 cost to replace tokens, monitor customers, and handle fallout from RSA's SecurID breach.
Alleged LulzSec Spokesman Arrested In Scotland
News  |  7/28/2011  | 
British police arrest 18-year-old on hacking charges as part of ongoing investigation into Anonymous and LulzSec.
Police Arrest Alleged LulzSec Leader -- But Do They Have The Right Man?
Quick Hits  |  7/28/2011  | 
London police say they nabbed 'Topiary,' but others say they were duped
Social Media Vs. Organized Crime
News  |  7/27/2011  | 
White House launches plan to leverage social networks and new intelligence and information sharing technologies to fight crime on a global scale.
A Stuxnet Comeback?
News  |  7/27/2011  | 
DHS officials warn of potential for son-of-Stuxnet aimed at U.S. critical infrastructure, but security experts say it won't be quite the same
Black Hat Pwnies Nominate LulzSec, Anonymous
News  |  7/27/2011  | 
Hacker groups among nominees for "Epic 0wnage" award, while Sony is sole nominee for "Epic Fail" distinction.
Anonymous Boycotts PayPal, Arrest Fallout Continues
News  |  7/27/2011  | 
Alleged hacker arrested in FBI sting on PayPal attacks faces Internet ban, while hacktivist group calls for PayPal boycott.
Metasploit Pro Gets SIEM, Cloud Integration
Quick Hits  |  7/26/2011  | 
Rapid7's new Metasploit Pro release, 4.0, automates more workflow tasks
Peer Pressure Drives Many To Acquire Security Certifications
News  |  7/26/2011  | 
New survey reveals how security pros really feel about the value -- or lack thereof -- of certs
Personal Mobile Devices Still Vex IT
Commentary  |  7/26/2011  | 
Two-thirds of large enterprises surveyed by Courion say that employees are causing security breaches by connecting personal mobile devices to the corporate network.
FBI Data Exchange System Now Fully Operational
News  |  7/26/2011  | 
The National Data Exchange system lets the agency share information with 18,000 local and regional criminal justice organizations.
Apple OS X Targeted By Remote Backdoor Malware
News  |  7/26/2011  | 
Researchers say a remote-controlled Trojan application, known as the Olyx backdoor, is going after OS X devices.
Aruba Brings NSA-Grade Crypto To Wireless Networks
News  |  7/26/2011  | 
With new Suite B cryptography support, Aruba says it aims to make wireless networks as secure as wired.
Product Watch: Norman Introduces 'Hybrid Sandboxing' Malware Analysis
News  |  7/26/2011  | 
Malware Analyzer G2 combines emulation, virtualization in one environment
'War Texting' Attack Hacks Car Alarm System
News  |  7/25/2011  | 
Researcher will demonstrate at Black Hat USA next week how 'horrifyingly' easy it is to disarm a car alarm system and control other GSM and cell-connected devices
DOD Website Sells Public On Cybersecurity Strategy
News  |  7/25/2011  | 
Department of Defense creates new site that rounds up content related to cybersecurity strategy launched less than two weeks ago.
Blended Web Attacks Hitting More Websites
News  |  7/25/2011  | 
Hackers increasingly use four top techniques, such as cross-site scripting and SQL injection, in combination, researchers say.
US-CERT Director Resigns
News  |  7/25/2011  | 
Randy Vickers' departure comes at a critical time for the organization
Websites Are Attacked Once Every Two Minutes
Quick Hits  |  7/25/2011  | 
New study shows directory traversal, XSS most common attacks, not SQL injection
Apple Laptop Batteries Hacked By Researcher
News  |  7/25/2011  | 
Attackers could use a password weakness to render your laptop's battery useless--or overcharge it to start a fire, researcher warns.
Sony Insurer Disputes Breach Insurance Claims
News  |  7/25/2011  | 
A cautionary tale for enterprises that think they have data breach insurance.
Future Clouds: Centralized Or Decentralized?
Commentary  |  7/25/2011  | 
The trend might be moving toward putting more eggs in fewer, more secure baskets
Sony Insurer Disputes Breach Insurance Claims
News  |  7/22/2011  | 
A cautionary tale for enterprises that think they have data breach insurance
New Targeted Attack Campaign Against Defense Contractors Under Way
Quick Hits  |  7/22/2011  | 
Researchers at Invincea, ThreatGrid discover stealthy attack that lets attackers quietly steal information from victims
Not Your Average Linux Distribution: DOD's Flavor
News  |  7/22/2011  | 
The Department of Defense has released a unique Linux distribution with special security considerations for telecommuters.
How To Respond To A Denial Of Service Attack
News  |  7/22/2011  | 
You can't prevent an overwhelming DDoS attack, but you can minimize its impact. Here's how.
Tech Insight: How To Respond To A Denial-Of-Service Attack
News  |  7/21/2011  | 
You can't prevent an overwhelming DDoS attack, but you can minimize its impact. Here's how
Embedded Web Servers Exposing Organizations To Attack
News  |  7/21/2011  | 
Black Hat USA speaker's experimental Internet scan turns up multitude of unsecured copiers, scanners, VoIP systems, storage devices
Lieberman Software, Hewlett-Packard Integration Controls Privileged Access To Lights-Out Management Devices
News  |  7/21/2011  | 
Solution makes it easier for organizations to comply with government and industry regulations
NATO Servers Latest Anonymous Hack?
News  |  7/21/2011  | 
Group claims to 'have lots of restricted material'
Anonymous Claims Hack On NATO Servers
News  |  7/21/2011  | 
The hacktivist group said it's holding 1 gigabyte of information from the international alliance, as it would be "irresponsible" to release most of it.
How to Choose A Cloud Storage Provider: Security
Commentary  |  7/21/2011  | 
In the first of a three-part series, we outline security considerations in selecting a place to store your data in the cloud.
Most IT Security Pros Disabling Security Functions In Favor Of Network Speed
Quick Hits  |  7/21/2011  | 
New survey shows dilemma faced by organizations over performance trade-offs with network security products
Google Hacking Tools Prepped For Black Hat
News  |  7/21/2011  | 
'Diggity' family of search tools will help security teams and pen testers find searchable flaws before bad guys, Stach & Liu researchers say.
Attack On PNNL Started At Public Web Servers
News  |  7/21/2011  | 
Zero-day Flash payload infected visitors to Department of Energy contractor Pacific Northwest National Lab's public-facing Web servers.
Researchers Prepare Google Hacking Tools For Black Hat -- Hot Diggity!
News  |  7/20/2011  | 
Family of search tools will help security teams and pen testers find searchable flaws before bad guys, Stach & Liu researchers say
Attack On Pacific Northwest National Lab Started At Public Web Servers
News  |  7/20/2011  | 
Zero-day Flash payload infected visitors to lab's public-facing Web servers
Google Tries Flagging Malware For Users
Quick Hits  |  7/20/2011  | 
Search engine will warn users if it detects a specific attack on their machines
Google Warns Searchers Of Windows Malware Infection
News  |  7/20/2011  | 
Google has started alerting users running Windows about a specific form of local malware it can detect through network traffic flows.