Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Veracode Launches Free XSS Bug Scanning Service
Offering detects cross-site scripting flaws in Java applications, provides reports, remediation information
Trend Micro Unveils IBM Security Suite
ScanMail Suite for 64-bit Lotus Domino platforms uses a cloud-based database to detect threats, including those generated by URL-shortening services recently linked to the spread of malware.
Data-Leak Flaw Found In Newest Version Of Google Android
'Gingerbread,' or Version 2.3, contains similar flaw as previous versions
Lab Discovers 50 Millionth Virus
AV-Test's malware repository numbers illustrate the malware explosion
Researcher To Release Smartphone Botnet Proof-Of-Concept Code
Rootkit, SMS text messages used to build a botnet of smartphones
Schwartz On Security: Slouching Toward Smartphone, Apple Armageddon
Every new year brings fresh warnings that the next smartphone botnet or Apple "I Love You" virus is imminent, while real attacks keep escalating.
Mozilla Blocks Buggy Skype Toolbar
Responsible for over 40,000 Firefox crashes last week, the Skype Toolbar has been temporarily blocked.
Widgets Are Prime Targets For Site Infection, Researcher Says
Popular third-party site elements could be single point of infection, according to Dasient
Next-Generation Threats: The Inside Story
Cutting-edge attacks like Stuxnet and Zeus will be the everyday security challenges of tomorrow. Here's what you need to know.
Google Acknowledges Web Spam Complaints
Low-quality content has some Internet users worried about the relevance of Google search results.
Tech Insight: Layering Up For Malware Protection
No one layer of threat detection technology can sufficiently protect the enterprise today from malicious code—a look at five best practices
Malware, Mobile Lead SMB Security Threats
Online marketing and blogs are another key attack vector that small and midsize businesses need to guard, says Blue Coat Security researcher.
A Job Applicant? Nope, It's A Malware Attack
Cybercriminals burying malicious code in responses to job postings, IC3 says
Smartphone Hack Highlights More GSM Woes
Researcher exploits new bugs in firmware to wrest control of vulnerable iPhone, Android devices
Schwartz on Security: Bling Botnets Sell Gangster Lifestyle
As profit-driven attack toolkits and their supporting botnets muscle up, organizations need more than technology to defend themselves.
Malware Volume Doubled In 2010
A new threat appears more than once each second, as attackers increasingly turn their attention to social networks, reported Sophos.
Malware Toolkits Generate Majority Of Online Attacks
Crimeware is growing more automated and effective, lowering the bar for criminals looking to cash in, says Symantec report.
The Relative Risk Of Malware
Trend Micro reports there are 3.5 new malware released every second, up from 1 new malware every 1.5 seconds a year ago. But what's your actual risk?
'Ransomware' Threats Growing
The malware typically encrypts data or disables master boot records, then extorts money to undo damage and restore access.
Cyber Warfare Risks Overblown
Calls for military oversight of cybersecurity distract from protecting against legitimate threats, said the Organization for Economic Cooperation and Development.
Botnets Make Early Splash In New Year
As Rustock and Waledac begin pumping spam again, botnet experts say the bad guys will be up to their old tricks -- with some new twists -- in 2011
Spectrum Analyzer Catches Cell Phone Cheats In Taiwan
Anti-cheating use aside, security experts say spectrum analysis tools could be a new data breach threat vector.
Defying Skeptics, Wikipedia Thrives
Rather than being overwhelmed by vandalism, Wikipedia has managed to remain one of the more vital, if not always 100% accurate, sources of information online.
Botnets Resurge After Holiday Break
After going dark for about a week, the Waledac and Rustock botnets suddenly resurfaced and began unleashing large quantities of pharmaceutical spam.
China Industrial Control Software Vulnerable To Trojan Attack
Bug could allow an attacker to take control of a widely used Chinese SCADA system by using a Stuxnet-type exploit.
Hackers Could Game Wall Street With Network Latency
Even a few extra milliseconds would give an attacker enough time to execute trades ahead of the competition, warns a security researcher.
Schwartz On Security: Hack My Ride
Car security exploits are fast, cheap, and out of control. Why don't automotive manufacturers do more to secure their vehicles?
Microsoft's January Patch Missing Fixes For Five Flaws
The company's patch process seems slow to respond to known vulnerabilities.
Java Attacks Spiking
Researchers see increase in malicious Trojans favoring built-in Java functionality over application-related vulnerabilities.
Facebook Virus Spread Via Photo Albums
Attacks, survey scams, and hoaxes, including one alleging the social network will shut down in March, running in high gear.
Cell Phones Vulnerable To 'SMS Of Death'
A single text can shut down and knock low-end handsets -- from Nokia, LG, Samsung, Motorola, Sony Ericsson, and Micromax -- off of a cell phone network, say researchers.
Researcher Exposes More Holes In GSM Crypto
Popular mobile communications encryption algorithm is crackable, Karsten Nohl says
Tech Insight: Six Security Threats You Need To Know About
Security pros will have their hands full with revamped versions of current threats, while new ones also will bubble to the top
Google Researcher's IE 8 Bug Flaw Find Confirmed
US-CERT warns of critical 'use-after-free' browser flaw
Microsoft To Patch Three Vulnerabilities Tuesday
January's software update won't fix two zero-day bugs being exploited by attackers.
Security Researcher Defeats Adobe Flash Sandbox
Flash expert Billy Rios bypassed Flash Player feature meant to prevent malicious attacks.
Zero Day IE Vulnerability Confirmed
No patch yet available for Internet Explorer flaw, as Microsoft and Google researcher trade barbs over bug's disclosure.
Sourcefire Buys Cloud Security Firm
Immunet's cloud-based anti-malware model to boost Sourcefire's enterprise endpoint offerings
Report: More Than A Third Of All Malware In History Was Created In 2010
Banking Trojans still dominate the new wave of malware, PandaLabs says
Attackers Broke Malware Records In 2010
Over the past year, online criminals created one-third of all viruses and 34% of all malware ever seen.
Spam Attack Captures Government Data
A Zeus botnet variant disguised as a White House electronic greeting card netted numerous documents from U.S. agencies.
Microsoft Warns Of Windows Graphics Vulnerability
Disclosed last month, a flaw in the Windows Graphics Rendering Engine could be used to execute malicious code.
New Stealth Rootkit Steals Windows 7, Server 2008 User Privileges 'On The Fly'
Researcher plans to hand off code to antivirus vendors, and then to EC-Council for ethical hacking training
7 Ways To Save Microsoft In 2011
If Redmond can't adapt to the most competitive landscape in decades, it will fall further behind Apple and Google in key growth markets like phones and tablets.
IE Zero Day Flaw Leaked To Google Search
Log from security researcher's fuzzing engine found someone at a Chinese IP address searching for the exact Microsoft Internet Explorer attack signature.
Accidental Leak Reveals Chinese Hackers Have IE Zero Day
Google researcher's new fuzzer finds vulnerabilities in all browsers
Top 10 Security Predictions For 2011
More malware, botnets, and mayhem, including online protests and political attacks, are in store for this year, according to security experts.
For Hackers, 2011 Looks Like A Prosperous New Year
If you're an attacker, the new year is a target-rich environment. Here are five areas where you should shore up your defenses
|
Latest Comment: -when I told you that our cyber-defense was from another age
Navigating the Deluge of Security DataIn this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industry’s conventional wisdom. Here’s a look at what they’re thinking about.
Tweet This
1 Comments
