Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Researchers Report New, 'Indestructible' Botnet
TDL-4 features new defenses, Kaspersky researchers say; other experts not so sure about the 'indestructible' part
Mass-Meshing A Gumblar Creation
Who doesn't love a new buzzword? 'Mass-meshing' is a new term that describes an old problem first presented by the Gumblar attacks in 2009
LulzSec Successors Press On, Hitting Viacom, AZ
Hacking groups Anonymous and #AntiSec mount attacks on media companies and a previous LulzSec government target.
LulzSec Members Apparently Outed
An anonymous post claims to put names to four of the group's six members, leading security experts to predict imminent arrests.
Passwords: Tips For Better Security
You can make your passwords more secure if you follow a few simple rules: Don't reuse passwords, make them long and random, and don't be afraid to write them down, say security experts.
Feds Identify Top 25 Software Vulnerabilities
Department of Homeland Security worked with non-profits and the private sector to come up with a list of the most worrisome threats and how organizations can mitigate them.
Health Data Losses: Don't Blame Hackers
Physical theft and lost computing devices are responsible for most of the health data that has been compromised, not hacking, according to U.S. Dept. of Health and Human Services.
DARPA Sharpens Focus On Video Analysis Technology
The VIRAT and PerSEAS programs aim to create better ways to detect dangerous behavior, such as burying improvised explosive devices, during combat.
Who Bears Online Fraud Burden: Bank Or Business?
Two recent court cases with very different outcomes call attention to the uncertain--and potentially expensive--regulatory and legal environment for small businesses and their online banking security.
Are LulzSec, Anonymous The Pissed-Off Canary In The Coal Mine?
LulzSec and Anonymous could be doing the world a favor by showcasing weak systems, and their actions suggest these systems and others like them could have been compromised for months by those wanting to do harm
LulzSec Hacks Arizona Police Computers
Hacktivist group posts a torrent containing internal files lifted from law-enforcement as part of global cybercrime campaign against governments.
Eavesdropper Steals Quantum Crypto Keys
So-called "perfect eavesdropper" steals keys while they're being negotiated, without alerting users.
FBI Breaks Up Two Big Scareware Rings
Feds seize equipment and trigger arrests as "Operation Trident Tribunal" targets scareware campaigns that collectively stole $74 million.
Next Virus Victim: Your Doctor's Or Nurse's iPad?
Networked devices used by medical personnel carry vulnerability to viruses and security threats, requiring careful teamwork between IT and clinical engineering, experts say.
Spear Phishers Aiming At SMBs
Pilfered email addresses and personal information from Epsilon and Sony breaches will make attacks on SMBs even more likely.
WordPress Warns Of Trojanized Plug-Ins, Urges Patching
Attackers added a back door to three plug-ins that were available for download from WordPress for more than 24 hours.
LulzSec Takes Hit, Keeps On Hacking
British authorities charge teenager with launching DDoS attack, and anti-LulzSec group says it's tracing identities of the hacking group's members.
'John The Ripper' Gets A Face-Lift
Popular open-source password-cracking tool now faster, and backed with Rapid7 sponsorship
SMBs Face Social Media Security Challenges
Wedge Networks upgrades its deep content inspection network gateway to monitor social media and Web application traffic for security risks.
The End Is Near For Paid Antivirus On PCs
The rise of free but "good enough" software spells an end to the days of having to pay for PC antivirus software.
IT Pros Lose Sleep Over Spyware, Not APT
eEye survey finds most IT admins, managers, and C-level executives consider Stuxnet, Operation Aurora, and other high-profile targeted threats 'minor' concerns
LulzSec, Anonymous: Feds Most Wanted
While the hacker groups have drawn attention with public boasts, federal investigators have set up shop in numerous social media sites, going undercover where necessary to root cyber criminals.
Dropbox Files Left Unprotected, Open To All
A software bug rendered the account authentication mechanism non-functional for four hours, leaving customers fuming over the latest security lapse at the popular online file storage service.
3 DNS Risk Reduction Strategies
Department of Homeland Security cybersecurity guidance identifies the three most common risks associated with the Internet's address infrastructure and provides methods for mitigating them.
Network Solutions Suffers DDoS Attack
A distributed denial of service attack took down Network Solutions, severing access to DNS servers, websites, plus hosted servers and email accounts.
Scotland Yard Busts Alleged LulzSec Mastermind
British police, in a joint investigation with the FBI, arrest a teenager on charges of computer misuse and fraud.
Hack Attack Exposes 1.3 Million Sega Accounts
LulzSec says to watch your Facebook, Gmail, and Skype passwords, though no one has claimed responsibility for the Sega breach.
CA Security Spinoff Vows To Surprise The Marketplace
Total Defense has a new name and VC funding, but it faces a tough battle against market-dominating antivirus products, most of which are free.
Advanced Exploitation Of Flash Vulnerability In The Wild
New Flash exploit is extremely effective against the security technologies that many depend on for shelter -- is this a sign of things to come?
Feds, ISPs Team On Cybersecurity For Defense Contractors
The Departments of Defense and Homeland Security are providing cyber threat intelligence to 25 defense contractors and their Internet service providers.
Microsoft Warns Of Huge Phone Scam
Forget fake antivirus software; PC users are getting calls from fake security experts.
The Dark Side Of The Cloud
Wave of high-profile breaches of cloud-based services during the past few months a reality check for entrusting your data with these providers, according to a new Dark Reading Analytics report
How Fast Should Companies Come Clean On Breaches?
Disclosing them too quickly can compromise investigations, security experts warn.
Microsoft, Apple Dis WebGL
Microsoft says it's insecure; Apple won't be supporting it in iOS 5, except to accelerate its iAds.
SMB Websites Face Mass Meshing Attacks
Here's how to protect your SMB website--and what to do if it's been compromised.
Citi: Hackers Got More Records Than We Thought
Citigroup on Wednesday said it had underestimated the number of accounts breached in a recent attack by 70%--but such revisions are not unusual, security experts say.
Why Hackers Found Easy Targets At IMF, Citigroup
Security experts say simple tactics succeeded in breaching major organizations in recent weeks because companies failed to conduct their own penetration testing.
Latest Android Malware Takes Flight With Angry Birds
Malware was embedded in applications that promised to help users cheat their way through Rovio's popular Angry Birds game
LulzSec, Recent Hacks Show Government Agencies Unprepared
The U.S. Senate became the latest victim in a string of hacks into government and high-profile groups like the IMF and Lockheed Martin. Here's what security experts say the Feds must do better.
What Do IMF, Citigroup, And Sony Hacks Share?
Many organizations have been focusing on complying with regulations, rather than taking a top-down look at what most needs to be secured, security experts say.
Microsoft Patch Tuesday To Address 34 Security Risks
The next Patch Tuesday will include a whopping 34 fixes, including critical vulnerabilities in all versions of Microsoft Windows, Internet Explorer, and Excel.
FBI Ramping Up Cyber-Attack Defense
FBI Director Robert Mueller told Congress that high-profile hacks into Google and Sony highlight increased threats and make cybersecurity a key priority.
Citigroup Confirms Hackers Stole Customer Data
Names, account numbers, email addresses, and contact details for more than 200,000 customers stolen in newest attack.
Russian Masterminds Ran Rustock Botnet, Microsoft Says
Forensic analysis of server hard drives points to Russian controllers and turns up email templates mentioning that old favorite, Viagra.
Schwartz On Security: Confused By RSA's Clarification?
While RSA has offered to replace some tokens, many customers still don't know how or why their SecurID tokens may pose a security risk.
IPv6 Graduation Day
Big Bird, Google, and Facebook participate in first high-profile test flight of new IP protocol amid DDoS threat backdrop
Sony Breach Reveals Users Lax With Password Security
Analysis of recent hacks finds that people commonly reuse logins and choose easy-to-crack passwords.
Spear Phishing Attacks On The Rise
Symantec warns that spear-phishing attack volume has hit a two-year high as attackers try to install botnet software, keylogging applications, or other malware.
Hacking Group LulzSec Denies Arrest Report
Sony and InfraGard were targeted by the group, which refutes online reports that a member was arrested by the FBI.
New Malware Can Launch Multiple Types Of Advertising Fraud
'Ad hijacking' leads to multiple exploits, Adometry researchers say
|
Latest Comment: This comment is waiting for review by our moderators.
The Year in Security: 2019This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
![[Just Released] How Enterprises are Attacking the Cybersecurity Problem](https://dsimg.ubm-us.net/asset/413163/625983/report%20thumbnail.PNG)
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Tweet This
6 Comments
