Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
14 Enterprise Security Tips From Anonymous Hacker
Former Anonymous member "SparkyBlaze" advises companies on how to avoid massive data breaches.
New Windows Worm Wriggling Through Networks
'Morto' targets weak passwords, usernames and spreads via the Remote Desktop Protocol.
Gmail Attack Highlights Web Insecurity
A man-in-the-middle attack that relied on an unauthorized Google SSL certificate has revived concern over whether any Web communication is really secure.
Insulin Pump Hack Controversy Grows
Security researcher--and pump user--who found the flaw takes medical device manufacturer Medtronic to task for its response to the security vulnerability.
Apache Issues Workarounds For 'Killer' Attack
Development team spells out mitigation strategies for DDoS threat in advance of patch release.
Google Gives Up $500M In Revenue From Canadian Online Pharmacies
Search engine giant should not have sold ads to unauthorized pharmacies, Department of Justice says
Chinese Military Documentary Reveals Alleged Attack Software
Government-run TV channel program accidentally reveals what appears to be software designed for cyber warfare.
Google Patches Critical Chrome Bug
Chrome browser update includes patches for 11 vulnerabilities, including several discovered by Google bug bounty winners.
Hacked Medical Device Sparks Congressional Inquiry
Legislators demand answers after a security researcher remotely controlled his own insulin pump using a $20 radio frequency transmitter at Black Hat.
McAfee Blew Shady RAT Analysis, Kaspersky Says
Security expert Eugene Kaspersky dismissed the seriousness of the Shady RAT botnet and suggested McAfee was purposefully alarmist in its report.
Facebook Offers Security Guide
Faceboook tries to explain the many security issues that have arisen for users of social networking and give tips for keeping accounts secure.
Microsoft Disables Supercookies On MSN
The online user tracking technique is drawing fire, and numerous businesses are stepping away from the firms that practice it.
Google Reports How Web Attackers Evade Malware Detection
Data gathered from Google's Safe Browsing API service reveals drive-by infections most common, with IP cloaking on the rise.
7 Ways To Stop Insider Hack Attacks
A former IT staffer invaded his pharmaceutical employer's network and deleted virtual machines, causing about $800,000 in losses. Here's how to prevent such trouble.
Google Disputes Socially Engineered Malware Study
After IE9 beat Chrome on security in a report, Google says social engineering accounts for only 2% of malware found on the Web.
Citigroup Case Spotlights Insider Threat Dangers
Case of Citigroup, fined for missing suspicious behavior of employee who bilked customers of $750,000, shows IT must be backed by supervisory control.
3 Security Lessons From BART's Anonymous Breach
As BART continues to face attacks from the hacker group
Anonymous, its security weak points have become painfully
obvious. Here's what your IT staff can learn from BART's
mistakes.
DOD Expanding Contractor Cybersecurity Program
Pilot program that shares threat information with defense contractors, network providers has stopped hundreds of intrusions, DOD says.
Scotland Yard Read Encrypted BlackBerry Messages During Riots
British police officials said they used confiscated BlackBerry smartphones to "break into" encrypted communications.
Botnets And Google Dorks: New Recipe For Hacking
Attackers finding new ways to automate the hunt for vulnerabilities, Imperva researchers say.
Botnets And Google Dorks: A New Recipe For Hacking
Attackers finding new ways to automate the hunt for vulnerabilities, Imperva researchers say
Internet Explorer 9 Best At Catching Socially Engineered Malware
Microsoft's newest browser outperforms Chrome, Firefox, Safari, and Opera in lab test for detecting malware-laden links
Microsoft IE9 Blocks Malware Best
Report finds that IE9's ability to block malicious URLs, malware, and phishing attacks far surpasses that of Chrome, Safari, Firefox, or Opera.
SpyEye Trojan Source Code Published
Once costly code for data-stealing Trojan is now available to the masses; exploits expected to rise, Damballa reports.
Slide Show: Sights And Sounds Of Black Hat USA 2011
Zombies, robots, 'war-flying' drones, PWN phones -- and scary, real-world SCADA hacks were among the mix of lighthearted and deadly serious demonstrations and presentations at this year's Black Hat USA in Las Vegas
BART Braces For More Attacks From Anonymous
The SF Bay area's transit agency expects more website disruptions after an attack over the weekend.
Can Data Breaches Kill?
When data is sensitive enough, its exposure has the potential to be fatal.
Researchers Claim Flaws In Facebook; Facebook Calls Them 'Best Practices'
Short passwords, non-SSL-encrypted forms are criticized by Cenzic
AntiSec Data Dump IDs Thousands Of Cops, Informants
Hacker group's release includes social security numbers, credit card data, and passwords for thousands of officers and informants.
Visa Pushes PIN Requirement With Credit Card Purchases
European consumers are used to this drill, but now Visa is putting its muscle behind increased security measures in the United States.
Shady RAT No China Smoking Gun
Kudos to McAfee for discovering attacks that go undiscovered too often, but questions about attack severity, sophistication, or nation-state backing remain.
Encrypt Early, Encrypt Often
You can't rely on cloud providers for data security.
Anonymous Threats To Kill Facebook: Another Hoax?
Security experts question whether the plot against Facebook is real, noting odd Twitter accounts used to launch the campaign.
Tween Hacker's Time-Travel Trick
DefCon Kid discovers new class of vulns
RIM's London Riot Fallout Increases: BlackBerry Blog Hacked
Hackers take issue with RIM's cooperation with London Police. Multiple people arrested on charges of inciting others to violence via Facebook.
Google Researcher Dissects Sophos Antivirus Software
AV product vendors don't provide sufficient technical details on how their products work, researcher says at Black Hat USA.
70 Percent Of Infected Consumer Machines Hit With Multiple Malware Types
New Sourcefire Immunet and ClamAV data provides snapshot of consumer malware threats
Don't Blame RIM, Twitter For London Riots
You may dislike social networking or smartphones all you want--but remember they're just tools used by people.
U.K. Police Seek BlackBerry Messages Following Riots
BlackBerry maker Research In Motion has offered to help the police with their investigation, but has not specified what data will be shared.
State Department, Auditors Clash On IT Security Monitoring
GAO says the department's iPost risk-scoring program doesn't handle non-Windows systems or sufficiently detail vulnerabilities, and fails to reflect the impact and likelihood of threats.
Google Researcher Dissects Sophos Antivirus Software
AV product vendors don't provide sufficient technical details on how their products work, researcher says at Black Hat USA
SSL Certificates May Offer False Sense Of Trust
Researcher points to fundamental problems in SSL and DNSSEC, and says it's time for users to take control of trust.
How USB Sticks Cause Data Breach, Malware Woes
Half of businesses have lost sensitive or confidential information due to USB memory sticks, with many incidents involving those infected with malware.
Anonymous Cracks Cops Data Again
The "hacktivist" Anonymous operation known as AntiSec released a 7.4 GB file with emails and personal information from 56 different law enforcement agencies.
Siemens Joins SCADA Hack Demo At Black Hat
NSS Labs researcher Dillon Beresford shows holes in Siemens programmable logic controllers that could lead to attacks.
Siemens Shows Up For Black Hat Demo Of SCADA Hack
NSS Labs researcher Dillon Beresford shows holes in Siemens programmable logic controllers (PLCs) that could lead to attacks
Getting Root On The Human Body
Black Hat researcher shows it is possible to remotely control a diabetic's insulin pump without person's knowledge
Wardriving Evolves Into Warflying
Researchers release specs for a DIY radio-controlled plane that hacks systems by air.
iPad Credit Card Reader Hacked As Skimmer
The Square reader for iPhone and iPad converts credit card numbers into plain audio, enabling criminals to convert stolen cards into cash.
The Week In Security: 4 Big Stories
Cyber threats as part of future wars, Android malware, and Shady Rats made news. Don't miss the week's key security stories.
|
How Cybersecurity Incident Response Programs Work (and Why Some Don't)This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
The Threat from the Internet—and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Tweet This
15 Comments
