Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Content posted in March 2009
<<   <   Page 2 / 2
5 Ways To Avoid Adware And Malware
Commentary  |  3/9/2009  | 
Think you're protected from adware and malware? Think again. But here are five tips to avoid leaving your computer vulnerable.
Symantec: New Conficker/Downadup Defends Itself Against Defenses
Commentary  |  3/9/2009  | 
Good news: the Conficker/Downadup worm infection seems to be shrinking. Bad news: the worm-makers have developed a new strategy aimed directly at defeating defenses erected against it.
New Dark Reading Tech Center Highlights Insider Threats
Commentary  |  3/9/2009  | 
Today marks the official launch of the Insider Threat Tech Center, a subsite of Dark Reading devoted to bringing you news, opinion, and analysis of the security threats that come from inside the organization -- and the technologies used to prevent them. This is the first of what we hope will be several Dark Reading Tech Centers, which are designed to provide you with a more focused view of specific issues, threats, and tec
Make Daylight Savings Time Daylight (And Nighttime!) Security Time
Commentary  |  3/6/2009  | 
The clock resets that come every spring and fall offer a convenient reminder to doublecheck security procedures and programs, patch status and also to remind your staff to change their passwords.
Offensive Computing: A Bad Idea That Never Dies
Commentary  |  3/5/2009  | 
Your network is getting scanned from some system on the other side of the country, or perhaps the globe. You traceroute the IP address, and discern the offending system is infected with a bot that's trying to infect you. You take a look at the device and see it's not patched for a multitude of OS vulnerabilities. Is it ethical (never mind legal) for you to take the system down with some exploits of your own?
Identity Finder: Tax Time Is Identity Protection Time -- And Not Just Online!
Commentary  |  3/5/2009  | 
As tax season moves into higher gear, so do criminals' efforts to liberate your personal information from your private files. According to one identity theft expert, our online identity protection vigilance needs to be matched by offline wariness as well.
Storage QoS For Virtualized Environments
Commentary  |  3/5/2009  | 
As the initial wave of virtualization projects come to a close, many are finding an odd result. CPU utilization is actually lower than when it started. Now users are looking to pile on more workloads but before they do they need to prioritize storage I/O performance to those workloads; they need a QoS for storage.
Lack Of Manpower Leads To Insecurity
Commentary  |  3/4/2009  | 
The "PHPBB Password Analysis" blog entry here on Dark Reading by Robert Graham offers some truly interesting insight into how users choose passwords -- great info for infosec pros and hackers alike. What I want to point out is something Robert mentions about the phpBB hack in his company's Errata Security blog that
Symantec: Norton 360 v. 3.0 Released Today
Commentary  |  3/4/2009  | 
Symantec's third iteration of its Norton 360 Internet security product offers online backup and data management tools as well the expected array of anti-virus, firewall and identity protection. All, the company says, at higher speed while making lower system demands. Marketed to home users, the package can be effective for small offices as well.
Is Antivirus Software Slipping?
Commentary  |  3/3/2009  | 
A "study," released by a security firm just yesterday, points out the well-known weakness in signature-based antivirus software. But does this mean you shouldn't rely on antivirus software?
iSCSI Strikes Back
Commentary  |  3/3/2009  | 
With all the talk about FCoE and NFS it seems that iSCSI has become the odd man out. All reports indicate that Dell continues to do well with the EqualLogic acquisition but what Hewlett-Packard is doing with its LeftHand Networks purchase remains unclear. Don't count iSCSI out yet, though -- companies are planning iSCSI storage solutions aimed r
Peter Parker's Uncle Ben Would Not Approve
Commentary  |  3/3/2009  | 
Note to Web browsers: With great power comes great responsibility.
Facebook Insecurity: The Worm Returns
Commentary  |  3/3/2009  | 
Facebook and other social network users need to be on the alert for the return of the Koobface worm, which sniffs out cookies associated with social nets, then uses that info to spread itself to other network members.
Breaking Out Of Your Zone
Commentary  |  3/2/2009  | 
There is a blog entry over at the Security Catalyst website titled "Running Outside the Zone" that I think all IT security pros should take the time to read, ponder and put into practice. I won't rehash all of the details here, but the gist of the post is that as an infosec professional, you need to get step outside your comfort zone once in a while. It helps you stay sharp, learn new skills and get better in some areas you'
Sophos: Downadup May Cause Friday the 13th / Southwest Airlines Problems
Commentary  |  3/2/2009  | 
The Downadup/Conficker infestation may be about wreak a little more havoc. Security firm Sophos says the botnet is gearing up for a Friday the 13th move, with Southwest Airlines among its possible targets.
<<   <   Page 2 / 2

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2023-03-17
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...
PUBLISHED: 2023-03-17
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the &acirc;&euro;&tilde;pec_coupon[code]&acirc;&euro;&trade; parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
PUBLISHED: 2023-03-17
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(...
PUBLISHED: 2023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt le...
PUBLISHED: 2023-03-17
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&amp;date_from=2023-02-17&amp;date_to=2023-03-17 of the component Report Handler. The manipula...