Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in July 2011
<<   <   Page 3 / 3
AntiSec Hacks FBI Contractor
News  |  7/11/2011  | 
Hacktivist group posts emails, data related to sensitive government projects, access credentials for VPNs and Department of Energy servers.
As SQL Injection Attacks Surge, New Report Offers Insight On How To Prevent Them
News  |  7/10/2011  | 
SQL injection has taken its place among the top Web threats and compromised some of the Internet’s best-known companies. Here's a look at how SQL injection attacks happen -- and what you can do about it
New Research Names Top 10 Malware Delivery Networks
Quick Hits  |  7/9/2011  | 
Emerging category of networks is distinct from botnets, Blue Coat study says
Google Implements WebGL Security Fix
News  |  7/8/2011  | 
Web developers wishing to make use of cross-domain media elements with WebGL should look to a new mechanism called CORS.
Reports: DHS, IRS Databases At Risk
News  |  7/8/2011  | 
Protected critical infrastructure information at risk in DHS data stores, IG report says
Florida Election Servers Hacked Again
News  |  7/8/2011  | 
After state officials boasted about security improvements following a breach, a hacker once again breached the same voter record systems.
Murdoch Kills 'News of the World': The Coming Security Backlash
Commentary  |  7/8/2011  | 
News Corp. scandal demonstrates massive shift in how privacy is perceived
WellPoint Reaches $100K Settlement For Data Breach
News  |  7/8/2011  | 
WellPoint has also agreed to pay for up to two years of credit monitoring and other protection to affected customers
UCLA Health System Pays $865,000 Over Privacy Charges
News  |  7/8/2011  | 
Employees allegedly looked at personal health records of celebrities such as Tom Cruise and Farrah Fawcett.
WellPoint Fined $100,000 For Data Breach
News  |  7/8/2011  | 
Insurer admits being late to notify Indiana officials that records of 32,000 applicants were vulnerable for months.
Washington Post Data Breach Affects More Than 1 Million Job Seekers
News  |  7/7/2011  | 
User IDs, email addresses compromised in two separate attacks
Italian Police Arrest Alleged Anonymous Hackers
News  |  7/7/2011  | 
Authorities in Switzerland also crack down on members of the loosely organized hacking collective known as Anonymous.
Five Steps To Help Repel The 'Lulz'
News  |  7/7/2011  | 
Targeted attacks are a reality today, especially with the likes of hacktivist groups such as Anonymous
Simple Isn't Simple
Commentary  |  7/7/2011  | 
It's time to admit security is hard, and to stop blaming the victims for being human
DARPA's Peiter 'Mudge' Zatko Takes Keynote Stage At Black Hat USA 2011
News  |  7/7/2011  | 
Zatko is the inventor of L0phtCrack, AntiSniff, L0phtWatch/Tempwatch, and SLINT
'Weev' Indicted In iPad User-Data Theft Case
Quick Hits  |  7/7/2011  | 
Second Goatse Security member now faces official charges for allegedly hacking into AT&T servers and grabbing iPad user information
'Sophisticated Cyberattack' Hits Pacific Northwest National Lab
News  |  7/6/2011  | 
Energy Department research facility's website down; employees still unable to access email
Researchers Dissect The Underground Economy Of Fake Antivirus Software
News  |  7/6/2011  | 
Scareware pushers see more than 2 percent sales conversion, make millions in profit -- and even offer refunds
New FFIEC Guidance Will Benefit SMBs
News  |  7/6/2011  | 
New rules that call for banks to implement anomaly detection will help catch 'man in the browser' types of attacks and fraud, experts say
Symantec, Allscripts Offer Security Risk Assessment Tool
News  |  7/6/2011  | 
The Web app automates the review of administrative, technical, and physical safeguards as defined by HIPAA and HITECH.
March Attack On South Korea Might Have Been A Test Run, Researchers Say
Quick Hits  |  7/6/2011  | 
Sophisticated attack was likely perpetrated by the same group who hit country in 2009, McAfee report says
HP TouchPad, Smartphone Hacked
News  |  7/6/2011  | 
The WebOS mobile operating system platform is vulnerable to XSS, cross-site request forgery based upon a researcher's published proof-of-concept for an attack.
Consumers In The Cloud: Businesses Beware
News  |  7/6/2011  | 
Companies should take a hard look at what cloud services their employees are using following last week's authentication bug at Dropbox.
End-User Security: SMBs Prefer Invisibility
News  |  7/5/2011  | 
Social media and mutating malware have changed the threat landscape, prompting smaller companies to list education and security users don't notice as top needs, Symantec found during the Endpoint Protection 12 public beta.
Researcher Demonstrates HP TouchPad, Smartphone Hack
News  |  7/5/2011  | 
Mobile operating system platform vulnerable to XSS, cross-site request forgery
Botnet Postmortem: Rustock Now Less Than Half The Size It Was At Takedown
Quick Hits  |  7/5/2011  | 
New Microsoft report says Rustock victims likely infected with other malware, and still 'a long way to go' in cleaning up machines infected by the massive, now-defunct spamming botnet
Low And Slow, Persistence, Loud And Proud, And The Fundamentals
Commentary  |  7/5/2011  | 
The attackers are changing (again), but security fundamentals remain the same -- and we still suck at them
LulzSec's Top 3 Hacking Tools Deconstructed
News  |  7/5/2011  | 
Analysis suggests LulzSec was most effective using a relatively unknown vulnerability to launch large-scale, botnet-driven attacks against everyone from Sony to the Senate.
Fox News Twitter Account Hacked, Claims Obama Killed
News  |  7/5/2011  | 
Weak or reused passwords likely exploited by group with Anonymous hacking collective sympathies.
Indigo IdentityWare Partners With MorphoTrak In Biometric Authentication For Healthcare
News  |  7/1/2011  | 
Collaboration combines MorphoTrak’s biometrics with Indigo’s proprietary Identity and Access Management solution
Tech Insight: Protecting Your Company From Breaches At Your Third-Party Vendor
News  |  7/1/2011  | 
Look beyond provider's compliance claims and get down to the technical details
Inside Indestructible Botnet, Security Experts See Flaws
News  |  7/1/2011  | 
The huge TDL4 botnet has snared 4.5 million PCs, as the malware creators pay handsomely for results. But experts say it's sneaky, not unstoppable.
4 Tips: Make Your SMB Website More Secure
News  |  7/1/2011  | 
Consider this expert advice on how small and midsize businesses can build websites that are well-protected from attacks--and keep them safe.
Enterprises Should Patch For Vuln Criticality, Not App Popularity, Researchers Say
Quick Hits  |  7/1/2011  | 
Organizations could reduce risk significantly by changing patching priorities, according to Secunia
<<   <   Page 3 / 3


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.