Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content tagged with Compliance posted in April 2008
Large Businesses Wrestle With Web 2.0
News  |  4/30/2008  | 
New capabilities turn security policies and practices on end, panelists say
Software Lets Enterprises Encrypt, Restrict Use of CD/DVD Media
Quick Hits  |  4/30/2008  | 
New technology from Lumension encrypts data on CDs, prevents reading and writing without network authorization
Webroot to Launch Enterprise Web Filtering Service
News  |  4/29/2008  | 
Content filtering will be marketed alongside email management service
Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says
News  |  4/28/2008  | 
Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says
'Long-Term' Phishing Attack Underway
News  |  4/28/2008  | 
New phishing exploit doesn't bother asking for passwords, and its stealthy malware hides out on victim's machine
Societe Generale Goat Gets IT Consulting Job
Quick Hits  |  4/28/2008  | 
Man who singlehandedly cost financial services firm more than $7B is now giving advice
Exostar Set to Launch Federated Identity Service for Aerospace
News  |  4/25/2008  | 
Service vets and authenticates customers and trading partners for its members
Men More Likely Than Women to Fall for Internet Fraud
Quick Hits  |  4/25/2008  | 
Guys lose $1.67 to every $1 lost by gals, ICCC says
Securing the Internet's DNS
News  |  4/24/2008  | 
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC
Companies May Be Held Liable for Deals With Terrorists, ID Thieves
News  |  4/23/2008  | 
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys
eBay Turns Up the Heat on Fraudsters
Quick Hits  |  4/22/2008  | 
Special cookies will help online marketplace separate legitimate sellers from identity thieves
New Tool Lets Enterprises Manage Security on Multiple Linux Servers
News  |  4/21/2008  | 
Trusted Computer Solutions readies software that can 'lock down' servers running Red Hat, CentOS, or Oracle Enterprise Linux
Server Theft Exposes Data on 700,000 Consumers
Quick Hits  |  4/21/2008  | 
Break-in at debt collection company puts Indiana citizens' personal information at risk
2008 Could Be Record Year for Breaches
Quick Hits  |  4/18/2008  | 
More than 8 million Americans' data has been exposed so far this year, first-quarter study says
Customers Ticked Off Over Breach Notification
Quick Hits  |  4/17/2008  | 
Majority of customers have had their data exposed more than once, study says
Security, IT Operations, Compliance & Privacy Converge in Data Center
News  |  4/17/2008  | 
Formerly disconnected disciplines find themselves working together
Women Are Four Times More Likely to Give Up Passwords for Chocolate
Quick Hits  |  4/16/2008  | 
But overall willingness to give up passwords has dropped sharply since 2007, study finds
Wireless Security Gets Boost From New Round of Products
News  |  4/16/2008  | 
Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises
PayPal Outlines Strategy to Slow Phishing
News  |  4/15/2008  | 
Web's biggest phishing target published multi-layered plan to reduce delivery of fake emails and warn users of phishing sites
RSA: Hashing Out Encryption
News  |  4/14/2008  | 
Vendors at RSA 2008 rolled out tools that make encryption easier to use and manage
New York Hospital Worker Arrested for Stealing 50,000 Patient Records
Quick Hits  |  4/14/2008  | 
Theft was discovered by police, not hospital IT staff
NAC Market Retrenches at RSA
News  |  4/9/2008  | 
Vendors try the appliance approach, scaling back from larger vision of enterprise-wide deployments with hundreds of end points
DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats
News  |  4/8/2008  | 
Homeland Security secretary Michael Chertoff says federal government and industry need to do more
Coviello: Security's a Drag on Business
News  |  4/8/2008  | 
RSA exec says more than 80% of businesses have shied away from innovation due to security concerns
Cisco, RSA Partner to Secure Data in Motion, at Rest
News  |  4/7/2008  | 
Partnership leverages data loss prevention framework unveiled by RSA last week
'Digital Trust Barometer' Is Falling
Quick Hits  |  4/7/2008  | 
More than a fifth of users have already fallen victim to online fraud
KeyCorp Unlocks Method for Extending Single Sign-on
News  |  4/4/2008  | 
Financial services firm looks to stretch SSO to business partners
Next-Gen Crypto Method Will Help Secure Mobile Apps
News  |  4/3/2008  | 
Certicom will demo new Elliptic Curve Cryptography (ECC)-based mobile ticketing, RFID tag technologies at the RSA conference
Enterprise Networks Rife With Unauthorized Apps, Study Says
News  |  4/3/2008  | 
Employees use variety of tactics to circumvent IT policies and misuse the corporate network
RSA Takes Suite Approach to Data Leak Prevention
News  |  4/2/2008  | 
Next-gen technology can inspect data, classify it, and apply policies on how to secure it


Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-4169
PUBLISHED: 2022-11-28
The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and them...
CVE-2022-41732
PUBLISHED: 2022-11-28
IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 237407.
CVE-2021-45036
PUBLISHED: 2022-11-28
Velneo vClient, in its 28.1.3 version, could allow an attacker with knowledge of the victim's username and hashed password to spoof the victim's id against the server.
CVE-2022-44399
PUBLISHED: 2022-11-28
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-31877
PUBLISHED: 2022-11-28
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.