Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in December 2006
Technology Jeopardizes The Secret Ballot
Commentary  |  12/15/2006  | 
Ed Felten at Freedom to Tinker has several brief, but meaty, posts this week on the erosion of a pillar of Western democracy: The secret ballot. The secret ballot offers two forms of protection: Because nobody can look over your shoulder to see how you voted, it's hard to coerce your vote. And, because you can't prove to anybody how you voted, you can't sell your vote. But technology and social trends are making the secret ballot harder to preserv
Outsource Security Carefully, And Carry A Big Audit Plan
Commentary  |  12/15/2006  | 
Are IT managers desperate if they outsource security? That's the provocative question Larry Greenemeier asks in today's issue of InformationWeek. His conclusion? A resolute no. In fact, hiring an independent service provider might just be your best bet for staying safe in the midst of rising threats against malware, hackers, and internal saboteurs.
Seven Steps To Follow When Data Leakage Strikes
Commentary  |  12/14/2006  | 
At a recent summit on "data leakage," which sounds like an unfortunate side effect to a prescription medication, Experian Corp. chief information security officer James Christiansen provided a very useful rundown of what to do before, during, and
Protecting Against Insider Threats
Commentary  |  12/11/2006  | 
When you visualize what a computer criminal looks like, you probably think of a teen-ager living in his mother's basement, or a shady-looking character in a lawless country far away. But if you want to know what the most dangerous computer criminals look like, take a look at the guy sitting in the next cube.

Spam's Making A Comeback And We're All Stuck With It
Commentary  |  12/6/2006  | 
The New York Times reports grim news that anybody watching their e-mail in-boxes already knew: Spam is making a comeback. Worldwide spam volumes doubled since last year, and spam now accounts for more than 90% of e-mail worldwide. And it doesn't look like the problem is going away.



4 Tips to Run Fast in the Face of Digital Transformation
Shane Buckley, President & Chief Operating Officer, Gigamon,  12/9/2019
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Jai Vijayan, Contributing Writer,  12/5/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7257
PUBLISHED: 2019-12-11
SQL injection vulnerability in DBD::PgPP 0.05 and earlier
CVE-2013-4303
PUBLISHED: 2019-12-11
includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows remote attackers to conduct cross-s...
CVE-2013-5743
PUBLISHED: 2019-12-11
Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.
CVE-2013-5978
PUBLISHED: 2019-12-11
Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php. NOTE: This issue may...
CVE-2013-3542
PUBLISHED: 2019-12-11
Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain ...