Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Commentary

Content posted in December 2008
<<   <   Page 2 / 2
Apple Yanks Controversial Support Page
Commentary  |  12/3/2008  | 
Apparently, Apple never intended to recommend individual users install multiple antivirus applications to protect the venerable operating system.
Alternative Web Browsers: Do They Have A Fighting Chance?
Commentary  |  12/3/2008  | 
How many Web browsers can you name? Besides the most common -- Internet Explorer (IE), Firefox, and Safari -- I know of Google's Chrome, Opera, and some Linux-specific browsers. That's it. So I was interested to read Computerworld's article ("Too good to ignore: 6 alternative browsers,") which gives a good overview of six alternative browsers (really five if you don't count separa
Were Early Warnings Ignored Prior To Mumbai Attack?
Commentary  |  12/3/2008  | 
Earlier this week it was implied that early warnings of an Islamic terrorist attack were "lost in the system." At this time, I am not able to find a credible enough source to prove whether this was actually the case, but it is rumored that the warning was specific in that the attack would come from the sea.
You've Got Backup. Why Aren't You Using It?
Commentary  |  12/3/2008  | 
New figures from Symantec indicate that more than 90 percent of all small and midsized businesses have backup technology in place, yet more than half have lost data that wasn't backed up. What's the disconnect?
Quick Thinking CEO, Employees Thwart Theft
Commentary  |  12/2/2008  | 
An employee at Vancouver-based C-W Agencies had requested three backup tapes, other employees at the firm asserted. Problem is: one disappeared.
Hiding In Plain Sight Doesn't Work
Commentary  |  12/2/2008  | 
I do a lot of penetration tests and vulnerability assessments for an assortment of business of all sizes. While doing these types of tests, I run into a lot of goofy configurations, strange setups, and wacky ideas that are an attempt by the client to improve security. The most head-scratching setup I constantly run into involves SSH on a port other than the one it is assigned, Port 22.
Significant Attack Hits DoD Computers
Commentary  |  12/1/2008  | 
Most attacks against Department of Defense systems that we hear about amount to minor attacks on unclassified systems. And while the DoD's network is hammered on 24/7, most of those probes don't get anywhere. Apparently, this attack did.
Cheat Sheets For Responders and Server Administrators
Commentary  |  12/1/2008  | 
It's not uncommon that organizations experience security breaches during the holidays. Malicious attackers who are determined to get in aren't going to take time off. They also know that there is most likely a skeleton crew, or less, manning the operations, so their activities have a greater chance of going unnoticed. Hopefully, none of you returned to work this morning to find your users complaining of strange behavior on their desktops, unexplainable network slowdowns, or other odd occurrences
Pentagon Bans USB Drives. Should You?
Commentary  |  12/1/2008  | 
The U.S. Department of Defense has quietly eliminated removable USB drives from technologies acceptable for use in government computers. While it's being reported that a virus prompted the prohibition, the ban is a reminder of just how convenient easily compromised technologies have become.
The Primary Storage Temptation
Commentary  |  12/1/2008  | 
As IT staffs get stretched even thinner, a challenge is arising in what to do with primary storage. There is still the need for more and more capacity, there are limited dollars to buy more of it, and there are limited resources to properly manage it.
<<   <   Page 2 / 2


Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23394
PUBLISHED: 2021-06-13
The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.