Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in December 2008
<<   <   Page 2 / 2
Apple Yanks Controversial Support Page
Commentary  |  12/3/2008  | 
Apparently, Apple never intended to recommend individual users install multiple antivirus applications to protect the venerable operating system.
Alternative Web Browsers: Do They Have A Fighting Chance?
Commentary  |  12/3/2008  | 
How many Web browsers can you name? Besides the most common -- Internet Explorer (IE), Firefox, and Safari -- I know of Google's Chrome, Opera, and some Linux-specific browsers. That's it. So I was interested to read Computerworld's article ("Too good to ignore: 6 alternative browsers,") which gives a good overview of six alternative browsers (really five if you don't count separa
Were Early Warnings Ignored Prior To Mumbai Attack?
Commentary  |  12/3/2008  | 
Earlier this week it was implied that early warnings of an Islamic terrorist attack were "lost in the system." At this time, I am not able to find a credible enough source to prove whether this was actually the case, but it is rumored that the warning was specific in that the attack would come from the sea.
You've Got Backup. Why Aren't You Using It?
Commentary  |  12/3/2008  | 
New figures from Symantec indicate that more than 90 percent of all small and midsized businesses have backup technology in place, yet more than half have lost data that wasn't backed up. What's the disconnect?
Quick Thinking CEO, Employees Thwart Theft
Commentary  |  12/2/2008  | 
An employee at Vancouver-based C-W Agencies had requested three backup tapes, other employees at the firm asserted. Problem is: one disappeared.
Hiding In Plain Sight Doesn't Work
Commentary  |  12/2/2008  | 
I do a lot of penetration tests and vulnerability assessments for an assortment of business of all sizes. While doing these types of tests, I run into a lot of goofy configurations, strange setups, and wacky ideas that are an attempt by the client to improve security. The most head-scratching setup I constantly run into involves SSH on a port other than the one it is assigned, Port 22.
Significant Attack Hits DoD Computers
Commentary  |  12/1/2008  | 
Most attacks against Department of Defense systems that we hear about amount to minor attacks on unclassified systems. And while the DoD's network is hammered on 24/7, most of those probes don't get anywhere. Apparently, this attack did.
Cheat Sheets For Responders and Server Administrators
Commentary  |  12/1/2008  | 
It's not uncommon that organizations experience security breaches during the holidays. Malicious attackers who are determined to get in aren't going to take time off. They also know that there is most likely a skeleton crew, or less, manning the operations, so their activities have a greater chance of going unnoticed. Hopefully, none of you returned to work this morning to find your users complaining of strange behavior on their desktops, unexplainable network slowdowns, or other odd occurrences
Pentagon Bans USB Drives. Should You?
Commentary  |  12/1/2008  | 
The U.S. Department of Defense has quietly eliminated removable USB drives from technologies acceptable for use in government computers. While it's being reported that a virus prompted the prohibition, the ban is a reminder of just how convenient easily compromised technologies have become.
The Primary Storage Temptation
Commentary  |  12/1/2008  | 
As IT staffs get stretched even thinner, a challenge is arising in what to do with primary storage. There is still the need for more and more capacity, there are limited dollars to buy more of it, and there are limited resources to properly manage it.
<<   <   Page 2 / 2


DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerry,  11/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15073
PUBLISHED: 2019-11-20
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15072
PUBLISHED: 2019-11-20
The login feature in &quot;/cgi-bin/portal&quot; in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15071
PUBLISHED: 2019-11-20
The &quot;/cgi-bin/go&quot; page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail syste...
CVE-2019-6176
PUBLISHED: 2019-11-20
A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.
CVE-2019-6184
PUBLISHED: 2019-11-20
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.