Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in October 2007
Security Threats Meet Business Treats
Commentary  |  10/31/2007  | 
Having written so much about the horrors small and midsized businesses face for our two-part Halloween business terrors feature, I couldn't resist the temptation to give some thought to technology treats.
Free Security Tech Support: Treat Yourself (And Your Computer) On Halloween
Commentary  |  10/30/2007  | 
Security Company CyberDefender's offering free phone-in technical support for one day only -- and that day's tomorrow, October 31. How's that for a Halloween treat?
How Dumb Is Too Dumb To Operate a Computer?
Commentary  |  10/26/2007  | 
Over at GnuCitizen.org, Petko D. Petkov makes it clear that computer users are the weak link in Internet security. In a blog post, Petkov points out that the term "drive-by download," as defined by Wikipedia, doesn't quite work.
Net Security Woes Grows
Commentary  |  10/25/2007  | 
A new report that focuses on the security challenges facing small and midsized businesses shines a light on just how big those challenges are -- and which ones you may be overlooking.
Interop Winners: Desktop Conferencing, Deep Security
Commentary  |  10/25/2007  | 
It's a purely unscientific and anecdotal perspective, but here are my picks for most interesting and most needed technologies from Interop this week, plus the most startling stat I heard in my New York City travels.
Shallow Victory for the Federal Government
Commentary  |  10/25/2007  | 
Whether you realize it or not, John Zuccarini, a notorious scam artist, represents a threat to your online business. His cyberspace businesses illustrate the problems that the government must overcome to make it a safe haven for reputable enterprises.
World Series Ticketing System Crashes, Rebounds
Commentary  |  10/24/2007  | 
The Colorado Rockies were felled by "an external malicious attack" that crashed its online system Monday.
Internet Security Hall Of Shame
Commentary  |  10/22/2007  | 
What are the ten biggest -- and, alas, most common -- Internet security mistakes made by small and midisized businesses, their employees, vendors, family and friends?
Security Threats Rise -- And So Do Security Budgets
Commentary  |  10/19/2007  | 
Is your security budget increasing? Most small and midsized businesses are growing theirs.
Can The RIAA Close Down Usenet?
Commentary  |  10/18/2007  | 
Those of us who remember the Internet before the Web -- and yes, Virginia, there was an Internet before the Web -- will remember when Usenet was one of the major destinations for discussion and file-sharing. It's still there, in a quiet corner where the cognizanti hoped it would go unnoticed by the great unwashed. No more.
Personal Data Protection Legislation: Readers Have Their Say
Commentary  |  10/17/2007  | 
Reader comments on my post about the California governor's veto of a bill that would increase the state's data protection standards included some points warranting further discussion and some intriguing ideas. A related poll shows readers share my skepticism about businesses' will and capacity to fix the data loss problem.
Schwarzenegger Trusts Businesses To Protect Your Data; Do You?
Commentary  |  10/16/2007  | 
Gov. Arnold Schwarzenegger's veto of a California bill aimed at increasing the state's data protection standards, in part based on his view that the marketplace is handling consumer data protection, raises a troubling question: What planet is this guy living on?
Symantec To Buy Vontu?
Commentary  |  10/15/2007  | 
Symantec may be close to announcing the acquisition of Vontu, a company that helps businesses control information on their networks. Given that Symentec already licenses Vontu's data loss prevention technology, the rumored deal isn't entirely unexpected.
Mobile Security: The Data, Not The Notebook Is The Asset
Commentary  |  10/15/2007  | 
Stolen laptops and notebooks continue to get a lot of attention when a lot of confidential data gets stolen along with the device.
Employee Security: Don't Let Layoffs Go From Bad To Worse
Commentary  |  10/12/2007  | 
Layoffs, terminations and firings are never easy -- but they also shouldn't expose your company, network and equipment to more risk than they have to.
Microsoft Security Patches: 4 Critical, 2 Important
Commentary  |  10/10/2007  | 
Yesterday was Patch Day at Microsoft and a Big Day it was, with both Vista and Internet Explorer getting some fixes.
Security Costs: Are You Spending Enough? Too Much?
Commentary  |  10/9/2007  | 
The average company spends 20 percent of its technology budget on security. Does that finding match your security outlay?
Websense Emerging as Viable Security Supplier
Commentary  |  10/9/2007  | 
Are you a bit insecure about your security supplier? In this highly volatile marketplace, Websense is emerging as a vendor that medium and small businesses may want to take a closer look at.
Business Security Requires Network Security Requires Employee Security Requires Job Security
Commentary  |  10/8/2007  | 
The employee security I'm talking about here is your technical team's -- and your ability to hold onto them.
Network Security Problems? Blame The Boss!
Commentary  |  10/4/2007  | 
A recent pre-prison interview with a convicted hacker offers some surprising and important lessons in network and computer security.
Consumers May "Get" Cyber Security -- But That Doesn't Mean They've Got It
Commentary  |  10/3/2007  | 
More than 90 percent of consumers think their PCs -- and their computing habits -- are safe. Half of them are wrong.
Laptop Security: Mind The Gap
Commentary  |  10/1/2007  | 
More big retailer cyber security lessons for small to midsize businesses: This time a security gap hit The Gap.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.