News & Commentary

Content posted in September 2007
Page 1 / 5   >   >>
Would You Hire This Hacker?
Commentary  |  9/28/2007  | 
Convicted hacker Robert Moore started serving his two-year prison sentence yesterday. He has high hopes that a security company will scoop him up when he gets out. The question is: Would you hire this man?
No Excuse: Security Lessons From T.J. MAXX Data Breach
Commentary  |  9/28/2007  | 
Maybe the company should change its name to T.J. LAX -- lax security practices let the hacked retailer's data breach go from bad to worse to bad beyond belief while nobody did anything to remedy the situation.
Attackers Kill Anti-Fraud Site
News  |  9/28/2007  | 
Fraudwatchers.org buckles, collapses under weight of month-long denial-of-service attack
iHack With an iPhone
News  |  9/28/2007  | 
Your iPhone isn't just hot-looking - it's also a potential hacking weapon
Retail Security: No Sale
News  |  9/28/2007  | 
Despite harsh lessons at TJX and redoubled efforts by credit card companies to push PCI, customer data remains at risk
Bradford Networks' NAC Secures 1M Users
News  |  9/28/2007  | 
Bradford Networks' NAC secures 1M users during back-to-school rush
Akonix Publishes September IM Threat Report
News  |  9/28/2007  | 
Akonix's Threat Center tracks 33 IM attacks
CyberDefender Adds Remote Support
News  |  9/28/2007  | 
CyberDefender debuts new Internet security suites
Your Health Is None of Your Damn Business
Quick Hits  |  9/28/2007  | 
Workers at Wyoming hospital reprimanded for breaking HIPAA rules to look at their own health records
Microsofties Check Out Vulnerability Auction Site at Blue Hat
News  |  9/28/2007  | 
WabiSabiLabi participates in closed-door Microsoft summit of security researchers and Microsoft staff
Hackers Exploit Crisis in Burma
News  |  9/28/2007  | 
Email links to Dalai Lama's genuine Website, but attachment is malicious
Disaster Recovery: Plan for Recovery, Not for Disaster
Commentary  |  9/27/2007  | 
So many elements to business IT operations -- so many elements that can get sliced, diced, slammed, flooded, flamed, hacked, attacked, smashed and just plain hammered that your disaster recovery plan has to be universal to be effective.
Is Your Domain Name Safe From Porn Pirates?
Commentary  |  9/27/2007  | 
Avast. Pirates be boldly thievin' for themselves any toothsome domain name what puts a glint in their good eye. Recall the pair of scurvy dogs who battled for years over the rights to sex.com.
Startup Wins License for Secure Biometrics Token
News  |  9/27/2007  | 
Technology promises to protect privacy of user whose biometric data is stolen or copied
Comodo Unveils Free Security Tools
News  |  9/27/2007  | 
Comodo helps consumers stay safe online with new Website visual trust indicator and free desktop security tools
Cybercriminals on Your Doorstep
News  |  9/27/2007  | 
Latest scams range from legit-looking auction sites to looking you in the eye while they steal your money
Malware Plays Defense
News  |  9/27/2007  | 
New exploits can tell when they're being sandboxed for analysis
Verizon Business to Host Security Webinar
News  |  9/27/2007  | 
Experts address strategies for strengthening identity and access management programs
Quantum Secure Launches SAFE Agent
News  |  9/27/2007  | 
Quantum Secure launches SAFE Agent for Sun Microsystems' Java Identity Manager
Ounce Adds Classic ASP Support
News  |  9/27/2007  | 
Ounce Labs extends analysis capabilities with support for classic ASP
Survey: Who's Responsible for Compliance?
News  |  9/27/2007  | 
Polivec study shows growing acceptance of regulatory compliance but disagreement on who's responsible and who pays
Virus, Phishing Rise in Sept.
News  |  9/27/2007  | 
2nd wave of C-Level targeted attacks with increased sophistication
Video Shows Hack of US Power Grid
Quick Hits  |  9/27/2007  | 
A graphic dramatization made for the Department of Homeland Security simulates potential impact of a cyberterrorist attack on utility grids
Getting to the Real Endpoint of Endpoint Security
Commentary  |  9/26/2007  | 
Endpoint device and access control for small to midsize businesses is itself becoming a big business, with vitually every major security vendor offering device and access control programs tailored -- and increasingly priced -- for the market.
Many Retailers Will Not Make PCI Compliance Deadline
News  |  9/26/2007  | 
Problems with applications, access management leave credit card processors facing fines - and vulnerabilities
Metasploit Adds iPhone Hacking Tools
News  |  9/26/2007  | 
Popular pen-test tool now comes with Apple iPhone payloads
Call for Leading Lights Entries
News  |  9/26/2007  | 
September 28 entry deadline for Light Reading's Leading Lights Awards is coming up!
Trend Micro Unveils TM Internet Security 2008
News  |  9/26/2007  | 
New Trend Micro Internet Security products strengthen personal information protection and deliver enhanced performance
Hackers Post Names, Credit Card Info on eBay
Quick Hits  |  9/26/2007  | 
Auction site says incident is a hack, not a leak
ArcSight Debuts PCI Protection
News  |  9/26/2007  | 
ArcSight debuts comprehensive, scalable and cost-effective PCI protection solution
Watson SCS Offers Free IT Security Assessment
News  |  9/26/2007  | 
IBM partner Watson SCS offers complimentary IT security assessment
Uplinkearth Partners With Comodo
News  |  9/26/2007  | 
Uplinkearth partners with Comodo to provide SSL certificates, such as the newly released EV SSL certificates
Peter Tippett to Keynote Tradeshow
News  |  9/26/2007  | 
Security pioneer from Verizon Business to keynote at virtual security tradeshow
Brabeion Joins PCI Alliance
News  |  9/26/2007  | 
Brabeion Software joins PCI Security Vendor Alliance and helps major retailers meet PCI data security standard deadlines
Blue Lane Adds Support for VMware
News  |  9/26/2007  | 
Blue Lane delivers unmatched protection and network flow visibility for VMware Infrastructure 3 environments
VARs Adopt Consolidated Network Security
News  |  9/26/2007  | 
VARs adopting consolidated network security solutions as corporate demand escalates
Canadian Government Sheds Light On TJX Breach
News  |  9/25/2007  | 
Attack was conducted via wireless links at two Miami Marshall's stores, investigation reveals
San Jacinto College Uses Mirage's NAC
News  |  9/25/2007  | 
San Jacinto College seeks to protect from threats introduced by peer-to-peer file sharing
Virtual Civil Disobedience
News  |  9/25/2007  | 
Now that n.runs has opened the floodgates by putting its hacking tool back online, who'll step up next?
Cigital Secures Marriott International
News  |  9/25/2007  | 
Cigital develops data encryption solution for Marriott International
VeriSign Flexes DNS Security Muscle
News  |  9/25/2007  | 
Internet DNS server host upgrades its infrastructure as DNS attacks continue to hammer the Net
Code Green Launches DLP Appliance
News  |  9/25/2007  | 
Code Green Networks launches industry's first data loss prevention appliance for small businesses and branch offices
BreakingPoint Unveils Application Traffic Generator
News  |  9/25/2007  | 
BreakingPoint Systems unveils world's fastest application traffic generator
Former CheckPoint VP Joins Insightix
News  |  9/25/2007  | 
Bill Lavelle joins Insightix as vice president of sales in the Americas
Apple: Bypassing AT&T Can Break Your iPhone
Quick Hits  |  9/25/2007  | 
Trying to use another service could be the death of your favorite new gadget
Mexico City Airport Adds New ID Solution
News  |  9/25/2007  | 
Mexico City International Airport uses Bioscrypt's identity and access management solution in new state-of-the-art terminal
Sophos Update Blocks Remote Connection Tools
News  |  9/25/2007  | 
Sophos helps organizations block unauthorized remote connection tools
NeoScale, Bridgehead Announce New Encryption
News  |  9/25/2007  | 
Combined solution provides enterprise-wide data protection and robust encryption with enterprise key management for hospital data on tape
VeriSign Completes Milestones
News  |  9/25/2007  | 
VeriSign completes key milestones in initiative to strengthen and diversify global Internet infrastructure
Study: Poor ID, Access Management in UK
News  |  9/25/2007  | 
New independent survey by Siemens Insight Consulting uncovers security policy lapses in UK business
Page 1 / 5   >   >>


Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
To Click or Not to Click: The Answer Is Easy
Kowsik Guruswamy, Chief Technology Officer at Menlo Security,  11/14/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19279
PUBLISHED: 2018-11-14
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater.
CVE-2018-19280
PUBLISHED: 2018-11-14
Centreon 3.4.x has XSS via the resource name or macro expression of a poller macro.
CVE-2018-19281
PUBLISHED: 2018-11-14
Centreon 3.4.x allows SNMP trap SQL Injection.
CVE-2018-17960
PUBLISHED: 2018-11-14
CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste.
CVE-2018-19278
PUBLISHED: 2018-11-14
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed lengt...