Dark Reading is part of the Informa Tech Division of Informa PLC

Commentary

Content posted in December 2009
Bank Phishing: It Doesn't Take Much For Phishers To Take A Lot
Commentary | 12/7/2009
Most people ignore -- and, one hopes, delete unopened -- those phishmails that pose as correspondence from legitimate banks. But even a fraction of a percentage of responses generates millions for the crooks.
KACE Adds Patch and Remediation To Strengthen Patch Management For Endpoint Security
Commentary | 12/7/2009
The new technology is designed to improve patching support and add automated patch management to KBOX systems management appliances.
Researcher: iPhone Data Easy To Cultivate
Commentary | 12/6/2009
While there haven't been any attacks on iPhones that haven't been jailbroken, one researcher has shown that once a rogue application makes its way onto the device, there's not much it can't do with your data.
Global CIO: The Top 50 Tech Quotes From 2009
Commentary | 12/5/2009
What were the most-memorable, confrontational, insightful, and valuable comments in 2009? We've pulled together 50 of the best.
SMB Security Spending To Grow In 2010, Vendors Say. What Say You?
Commentary | 12/4/2009
Small and midsized businesses are "poised" for security growth in 2010, according to a recent panel of experts. But that same conversation included warnings that the growth would come while SMBs continue to slash budgets. Paradox? Not when you factor in the cloud and security services.
The Case For Specialized Hardware
Commentary | 12/3/2009
As we described in the last few entries, adding storage software to standard servers or even to virtual servers is making more sense for a variety of data centers because of the increased performance capabilities of the Intel processor family. Despite this, there may still be times in certain environments where there is a need for specialized storage hardware.
Global CIO: Outsourcer HCL To Cut Insurer's Costs By $150 Million
Commentary | 12/2/2009
HCL is taking on an end-to-end chain of processes in a deal valued at $200 million that blends IT infrastructure and services with deep business processes and more.
Test Drive Of Metasploit's NeXpose Plug-In
Commentary | 12/2/2009
Rapid7's acquisition of the Metasploit Project caused a lot of heads to turn. Concerns were raised about the project's future, specifically that of the Metasploit Framework. I held back from saying anything at the time because I was hoping for the best. Yesterday marked the first Metasploit Framework release that shows promise of the future by including integration with Rapid7's NeXpose vulnerability scanner.
Firefox On Fire
Commentary | 12/2/2009
Firefox is hot. The latest numbers show it now owns one-fourth of the browser market. But fame, of course, comes with a price: A recent, separate report shows that Firefox accounted for nearly 45 percent of all Web vulnerabilities in the first half of this year.
Security Pro Market Heating Up
Commentary | 12/2/2009
The good news for IT security professionals is that demand for their skills is likely to increase in the next few months, according to Robert Half Technology. The challenging news for small and midsized businesses looking for security pros is that rising demand for their skills is going to make finding and hiring them harder.
What IBM's Acquisition Of Guardium Really Means
Commentary | 12/2/2009
IBM's acquisition of database activity monitoring (DAM) vendor Guardium has created a lot of buzz in the security industry. This is the first major acquisition in the database security market, the first time a large company has bet on DAM technology, and if the rumored sales price is accurate, then it suggests IBM paid a premium. And given the value this product can provide to IBM customers, it looks like a good investment.
Global CIO: Will SAP Move To Tiered Maintenance Fees?
Commentary | 12/1/2009
SAP's intentions are always difficult to discern, but it might be on the verge of revising the support/maintenance fees its customers love to hate.
New Ransomware Attack Underway
Commentary | 12/1/2009
Security researchers at CA have found a new so-called "ransomware" attack underway. There are many things you can say about malware writers. Most of it would be NSFW. But you can't say they don't work hard at what they do.
The Secret Sauce For Security Blogging
Commentary | 12/1/2009
I recently wrote in my personal blog about how some security blogs manage to engage their audience better than others and make their readers feel more in touch with what's happening -- on top of earning credibility.