Dark Reading is part of the Informa Tech Division of Informa PLC


Commentary

Content posted in January 2010
Office Users Targeted In Phishing, Rogueware Attacks
Commentary  |  1/10/2010  | 
Two separate Internet security firms are warning customers that Microsoft Office users are being specifically targeted in these attacks.
When PDFs And Flash Files Attack
Commentary  |  1/8/2010  | 
It's getting harder to protect our users from threats coming at them from seemingly trusted places. The Websites they've been using for years are suddenly the source of attacks through malicious advertisements being pushed to the "trusted" site by a third-party advertising service. File format attacks against Adobe's Flash and Acrobat are becoming the exploit du jour for attackers.
Winter Worryland: Keeping Secure When The Weather Turns Rough
Commentary  |  1/8/2010  | 
The chill that's wrapped much of the country in its grasp the last couple of weeks offers a pretty good, if pretty obvious, opportunity to take a look at the effects weather can have on your business -- and especially your business security.
Global CIO: Cloud Computing's Deadly Vulnerability--And How To Avoid It
Commentary  |  1/8/2010  | 
This one even trumps concerns about security, compliance, privacy, and management.
Adobe Reader's Patch Tuesday
Commentary  |  1/7/2010  | 
Next Tuesday, Jan. 12, is Microsoft Patch Tuesday. Beyond the usual patches from Microsoft, we will also get a critical update for a piece of software that increasingly plays a role in exploiting desktop systems -- the Adobe Reader from Adobe Systems.
Do We Need Tier 1 Storage?
Commentary  |  1/7/2010  | 
Tiered storage often means the development of a storage strategy that moves data from fast, expensive storage to slower SATA-based storage. Tiered storage can also refer to the quality of the storage. A tier 1 storage system may have a higher level of reliability and DR functionality than a tier 2 system. The delta between the quality and capabilities of these tiers is quickly eroding, which makes the question a fair one to ask.
New Year Will Put New Pressure On Security Services Decisions
Commentary  |  1/7/2010  | 
Security, as many consumers have recently discovered, is a matter of perspective. Many consumers carefully lock their houses each night and turn off their computers. They keep their AV products up to date, their wireless connections encrypted, and their passwords in their heads.
Airline Security: The Technical Task Of Connecting Dots
Commentary  |  1/7/2010  | 
The Obama team must not underestimate the integration effort required to assimilate intelligence data generated by myriad sources.
CES Den: Cisco Video Thrust Telegraphs Bandwidth-Bandit Strategy
Commentary  |  1/7/2010  | 
Cisco CEO John Chambers' plan to support live consumer videoconferencing is a smart stealth move to drive bandwidth demands, and capture the resulting uptick in networking sales. Here's a strategic assessment.
Global CIO: 20 SAP Add-Ons That CIOs Will Love
Commentary  |  1/6/2010  | 
This list can help increase the value of your SAP environments, courtesy of analyst Ray Wang.
Detecting DNS Hijacks Via Network Monitoring
Commentary  |  1/6/2010  | 
Last year saw a slew of different DNS attacks. The most recent incident was the hijacking of Twitter's DNS records to redirect to a Website stating, "This site has been hacked by the Iranian Cyber Army." Though the impact to a company's public image can be large, DNS redirection attacks have the potential to be even more devastating than a tarnished image.
Panda Security: Malware Tops 25 Million In 2009
Commentary  |  1/6/2010  | 
As I read PandaLabs' Annual Malware Report, just published yesterday, the headline number of 25 million new malware samples struck me in this way: So What. And it leaves one wondering why some security vendors choose to focus so heavily on Fear, Uncertainty, and Doubt (FUD). Most of that "new" malware crud doesn't get anywhere.
Facebook's Security Team Frustrates Cybercriminals
Commentary  |  1/5/2010  | 
Though Facebook is one of the potentially most virulent platforms on the Internet, its security team is very talented, which makes life for cybercriminals all the more difficult.
Global CIO: Hewlett-Packard Recruits Microsoft To Raid Sun's Customers
Commentary  |  1/5/2010  | 
HP plus Microsoft, Red Hat and Novell are trying to pull leery CIOs away from Sun before the Oracle deal closes.
Top 10 Threats: Malware List From Sunbelt
Commentary  |  1/5/2010  | 
Sunbeltlabs' look at December's top ten malware threats offers a reminder that while Trojans remain the biggest threat, search strings are gaining fast, particularly searches involving young dead celebrities (Brittany Murphy) and -- surprise! -- Tiger Woods.
Global CIO: 13 CIOs Describe Their Biggest Mistakes
Commentary  |  1/4/2010  | 
We all make decisions we wish we could do over. These leaders aren't afraid to admit theirs.
New Threats Target Adobe PDF Zero Day
Commentary  |  1/4/2010  | 
Adobe Acrobat and Adobe Reader are vulnerable and under attack from a new, sophisticated zero-day JavaScript exploit, according to the SANS Internet Storm Center.
Global CIO: Federal CIO Vivek Kundra's $5Billion Credibility Gap
Commentary  |  1/4/2010  | 
Kundra's first year brought inspiring visions but also misguided support for runaway spending--will he reverse that in 2010?
How Obama Could Fix Airline Security
Commentary  |  1/4/2010  | 
Northwest Airlines' Christmas Day scare showcases why the current airline security program, which potentially violates due process and treats every passenger as a criminal, isn't working. It's time to start over and focus more on substance and apply a fresh set of eyes to this problem. This is one more chance for President Obama to give us a change we can believe in, and it's also a chance for us to look at airline security practices and take them for what they are -- an example of what not to
Four Tiers For The New Decade
Commentary  |  1/4/2010  | 
The storage component is changing, becoming either dramatically faster with Solid State Disk (SSD) technology or fundamentally more cost effective thanks to capacity-efficient disk archiving or overhead-efficient cloud storage. In addition, all current storage will still need to be managed. A four-tier storage strategy will allow storage managers to develop a storage environment that is both cost efficient and meets increasing performance demands.
Here Come The Holiday Devices -- And The Post-Holiday Risks
Commentary  |  1/4/2010  | 
Smartphones and thumb-drives and players and everything else digital and USB-equipped (and wireless!), oh my! How many of the people in your business received digital, connect-able gifts this holiday season? How many of them brought those gifts to work with them today? And more to the point, how many of those devices are now connected to your network?
Significant Worm and Virus Attacks of The Decade
Commentary  |  1/2/2010  | 
We certainly thought viruses and digital exploits were a nuisance throughout the 1990s. But there was nothing like the Morris worm that played havoc on Internet users on November 2, 1988. That all changed in the spring of 2000, and what a can of worms the oughts turned out to be. And how quaint the malware of the 1990s looks in comparison.
New Year's Security Resolutions Require Full Year's Security Resolve, Especially Where Employees Are Concerned
Commentary  |  1/1/2010  | 
Everybody makes resolutions, everybody breaks resolutions. No less true for small and midsized business security resolutions than any other kind. But security resolutions generally require the participation of others who might not be as security conscious as you are (You think?). And that's where the resolve comes in.