Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in November 2009
<<   <   Page 2 / 2
Cloud Security Certification In Development, But It Won't Be Quick
Commentary  |  11/5/2009  | 
The news that formal security certification for cloud-based services is in development is welcome news indeed. The news that the players involved understand just how complicated devising a certification will be is also good news, however little it may seem so at the moment.
Wolfe's Den: HP Revs Data Center Strategy, Stabbing At Cisco
Commentary  |  11/5/2009  | 
Hewlett-Packard has fired back at Cisco in the increasingly contentious race to field an overarching data-center strategy, which will enable enterprises to rein in the complexity of sprawling networks and rampant virtualization.
What To Do With Too Much Storage Performance
Commentary  |  11/5/2009  | 
I recently concluded a series that examined the components of the storage environment that can impact overall storage I/O performance. There was storage I/O bandwidth, controllers and drives. What if you are like
IBM CEO Sam Palmisano Talks With Global CIO
Commentary  |  11/4/2009  | 
In a rare and exclusive interview, the man who transformed IBM speaks out on business analytics, cloud computing, and the emerging Smarter Planet.
A Tool For Investigating Suspicious Activity
Commentary  |  11/4/2009  | 
Dealing with malware-infected computer systems can be time-consuming. If the compromised system has sensitive information, then often digital forensics will be employed to see whether the data was or could have been accessed by the malware. With the hit-or-miss performance of antivirus solutions and craftiness of malware authors, determining whether a computer system is infected is getting harder.
What DAM Does
Commentary  |  11/4/2009  | 
Database activity monitoring (DAM) tools have a range of capabilities, including data collection and analysis. But the real question is: How does this technology help you?
FBI: SMBs Losing Millions To Cybercrooks
Commentary  |  11/4/2009  | 
Cybercrooks may have tried to nab as much as $100 million from small and midsized U.S. businesses in payroll scams over he last year. Now the FBI is talking about how to protect yourself from this automated threat.
Global CIO: IBM's New CIO Sheds Light On Priorities And Plans
Commentary  |  11/3/2009  | 
After two months as IBM's first company-wide CIO, Pat Toole talks about battling 80/20, a massive data-center consolidation, cloud initiatives, and cutting 11,500 apps.
Fundamental Failures With Incident Response Plans
Commentary  |  11/3/2009  | 
I recently got back from a sizable IT security conference in London. As I've experienced countless times at shows, everyone was most intrigued by the war stories about organizations that were victims of a data breach. Security folks have an innate desire to learn what happened to others so they can prevent encountering the same fate -- or so they say. However, after personally investigating hundreds of data breaches for my clients, there seems to be a number of recurring themes that nobody seems
Fighting The Fear Factor
Commentary  |  11/3/2009  | 
It's hard work being prey. Watch the birds at a feeder. They're constantly on alert, and will fly away from food -- from easy nutrition -- at the slightest movement or sound. Given that I've never, ever seen a bird plucked from a feeder by a predator, it seems like a whole lot of wasted effort against not very big a threat.
Mainstreaming SSD
Commentary  |  11/3/2009  | 
Most of the major Solid State Disk (SSD) manufacturers and providers are reporting record sales both in terms of units and capacity being purchased. Much of this success is being driven by cost reductions in the technology and an increased understanding of how to best implement the technology. Mainstreaming SSD is going to require more than just price drops, its going to require intelligent leveraging of the technology.
Hacking Is A Way Of Life
Commentary  |  11/2/2009  | 
We've heard the stories and seen the statistics about insider attacks and how devastating they are to enterprises and their data. However, we've heard little about the underlying causes for many of the insider attacks other than it's the user's fault and the incident could have been avoided if proper precautions were in place. A recent article over at CSO Online sheds light on one of the causes and how it's due in large part to a generation gap and a need to stay connected.
Manhattan DA Announces Major ID Theft Indictment
Commentary  |  11/2/2009  | 
A Manhattan DA brought an 149-count indictment accusing a computer technician of stealing the identities of more than 150 employees of the Bank of New York Mellon and using those identities to orchestrate more than $1.1 million in thefts against charities and non-profits, among other institutions.
Worm Infections Double In First Half Of Year: Microsoft
Commentary  |  11/2/2009  | 
Microsoft's latest Security intelligence Report confirms what we all know: worms are spreading faster and faster, and although rogue anti-virus scams remain the top threat, the rate of worm infection doubled in the first six months of 2009.
Global CIO: Juniper Attacks Cisco Head-On With Help Of IBM And Dell
Commentary  |  11/1/2009  | 
Sensing Cisco is distracted with its non-networking ventures as CIOs are growing unhappy with rising network costs, Juniper is going after Cisco full-bore with key new products and partners.
<<   <   Page 2 / 2


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30485
PUBLISHED: 2021-04-11
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.