Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in December 2008
<<   <   Page 2 / 2
Apple Yanks Controversial Support Page
Commentary  |  12/3/2008  | 
Apparently, Apple never intended to recommend individual users install multiple antivirus applications to protect the venerable operating system.
Alternative Web Browsers: Do They Have A Fighting Chance?
Commentary  |  12/3/2008  | 
How many Web browsers can you name? Besides the most common -- Internet Explorer (IE), Firefox, and Safari -- I know of Google's Chrome, Opera, and some Linux-specific browsers. That's it. So I was interested to read Computerworld's article ("Too good to ignore: 6 alternative browsers,") which gives a good overview of six alternative browsers (really five if you don't count separa
Were Early Warnings Ignored Prior To Mumbai Attack?
Commentary  |  12/3/2008  | 
Earlier this week it was implied that early warnings of an Islamic terrorist attack were "lost in the system." At this time, I am not able to find a credible enough source to prove whether this was actually the case, but it is rumored that the warning was specific in that the attack would come from the sea.
You've Got Backup. Why Aren't You Using It?
Commentary  |  12/3/2008  | 
New figures from Symantec indicate that more than 90 percent of all small and midsized businesses have backup technology in place, yet more than half have lost data that wasn't backed up. What's the disconnect?
Quick Thinking CEO, Employees Thwart Theft
Commentary  |  12/2/2008  | 
An employee at Vancouver-based C-W Agencies had requested three backup tapes, other employees at the firm asserted. Problem is: one disappeared.
Hiding In Plain Sight Doesn't Work
Commentary  |  12/2/2008  | 
I do a lot of penetration tests and vulnerability assessments for an assortment of business of all sizes. While doing these types of tests, I run into a lot of goofy configurations, strange setups, and wacky ideas that are an attempt by the client to improve security. The most head-scratching setup I constantly run into involves SSH on a port other than the one it is assigned, Port 22.
Significant Attack Hits DoD Computers
Commentary  |  12/1/2008  | 
Most attacks against Department of Defense systems that we hear about amount to minor attacks on unclassified systems. And while the DoD's network is hammered on 24/7, most of those probes don't get anywhere. Apparently, this attack did.
Cheat Sheets For Responders and Server Administrators
Commentary  |  12/1/2008  | 
It's not uncommon that organizations experience security breaches during the holidays. Malicious attackers who are determined to get in aren't going to take time off. They also know that there is most likely a skeleton crew, or less, manning the operations, so their activities have a greater chance of going unnoticed. Hopefully, none of you returned to work this morning to find your users complaining of strange behavior on their desktops, unexplainable network slowdowns, or other odd occurrences
Pentagon Bans USB Drives. Should You?
Commentary  |  12/1/2008  | 
The U.S. Department of Defense has quietly eliminated removable USB drives from technologies acceptable for use in government computers. While it's being reported that a virus prompted the prohibition, the ban is a reminder of just how convenient easily compromised technologies have become.
The Primary Storage Temptation
Commentary  |  12/1/2008  | 
As IT staffs get stretched even thinner, a challenge is arising in what to do with primary storage. There is still the need for more and more capacity, there are limited dollars to buy more of it, and there are limited resources to properly manage it.
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34580
PUBLISHED: 2021-10-27
In mymbCONNECT24, mbCONNECT24 &lt;= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts.
CVE-2011-4126
PUBLISHED: 2021-10-27
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere.
CVE-2011-4574
PUBLISHED: 2021-10-27
PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information based on the processor's high resolution timer (the RDTSC instruction). This instruction can be virtualized, and some virtual machine hosts have chosen to disable this instru...
CVE-2020-7867
PUBLISHED: 2021-10-27
An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of adminis...
CVE-2021-26610
PUBLISHED: 2021-10-27
The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an attacker to execute an remote arbitrary code.