Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Content posted in May 2008
Page 1 / 2   >   >>
Hey: They're Gonna Confiscate Your iPod
Commentary  |  5/30/2008  | 
From border guards to copyright cops. Get busted with ripped music at the border, and you just may have your iPod, notebook, or smartphone confiscated on the spot. Maybe even if you acquired the music legally.
Speed's Dead
Commentary  |  5/30/2008  | 
In my recent article on data deduplication on InformationWeek's sister site, Byte and Switch, a question of speed impact came up. As we talk to customers throughout the storage community about backup priorities, a surprising trend continues: the importance of shrinking the backup window has become less of a priority for disk to disk backup solutions. Why?
Are Your Employee's Phones Secure? All Of Them? Really?
Commentary  |  5/30/2008  | 
Can a single unsecured smartphone compromise your business's security? Looks that way -- and that should make you look hard at who's got phones in your company, and how they're using them.
Die, Comment Spam. Die
Commentary  |  5/29/2008  | 
Blogging software and services provider Six Apart (known for MovableType and TypePad) has unleashed a new anti-comment spam filter, creatively dubbed TypePad AntiSpam. Now how will I get the latest stock-trading tips, body-enhancing drugs, and pharma deals?
Secure Computing Tells Where Your Biggest Insecurity Is: Inside Your Company, That's Where!
Commentary  |  5/29/2008  | 
What are IT security professionals most scared of? Their companies' own employees, that's what.
Finding The Needle, Part One - Saving Money
Commentary  |  5/28/2008  | 
In the last week another new storage startup is launching a new product, another just received another round of founding, and still another announced it was being purchased. This happens almost every day with technology startup companies, especially in storage.
Adobe Flash Player Under Attack
Commentary  |  5/28/2008  | 
Security researchers are warning that an in-the-wild exploit within the Adobe Flash Player has been planted in from 20,000 to 250,000 Web pages. If that wide range of potentially affected Web pages isn't enough disparity for you, try this on: it's not entirely clear what versions of Flash are at risk. Read on...
Cloud Security
Commentary  |  5/28/2008  | 
Making use of cloud computing resources like Google's App Engine, or Salesforce.com, or Amazon S3, while all the rage, still makes some folks nervous. In particular, heads of enterprise development organizations who feel the need to tell their developers, "Nah-ah. Unless it's behind our firewall, you can't use it."
Infrastructure Virtualization
Commentary  |  5/27/2008  | 
Server virtualization helped justify and broaden the use of the SAN by leveraging networked storage to enable features like server motion. In similar fashion, companies such as Scalent Systems are using infrastructure virtualization to further justify and broaden the use of a SAN by bringing those server virtualization capabilities to nonvirtualized systems: the ability to move or start new application instances in a matter of minutes after powering on and bo
Mob Making Cyber Moves: Organized Crime Versus Disorganized Defenses
Commentary  |  5/27/2008  | 
The news that organized crime is now a bigger cyber-havoc player than independent hackers isn't surprising: as Willie Sutton said of banks in the last century, the Net is now "where the money is."
RIM To Indian Government: No Crypto Keys For You
Commentary  |  5/27/2008  | 
Just last week it looked like RIM was ready to hand over its BlackBerry message encryption to the Indian authorities. Now, it seems as if, to quote singer/songwriter Tom Petty, RIM has had a "Change Of Heart."
Do iSCSI-Only Systems Make Sense?
Commentary  |  5/23/2008  | 
When iSCSI first began to appear, there were several companies -- LeftHand Networks, EqualLogic (now owned by Dell), and others -- which developed storage solutions based solely on the protocol. But what these companies had really developed was a storage software solution that probably could have run on any protocol, although they choose iSCSI. My opinion is that this was as mu
Facebook Vulnerable To Serious XSS Attack
Commentary  |  5/23/2008  | 
If you can't trust your friends, who can you trust? On Facebook, you better think before you click that link, a security researcher warns ...
TVA 's Scary Security Lapses Have Big Lessons For Small And Midsize Businesses
Commentary  |  5/23/2008  | 
The news that the Tennessee Valley Authority (TVA) -- the largest U.S. public electric utility -- is riddled with security lapses should give pause to cybersecurity watchers and worriers everywhere. And the nature of those lapses should be a reminder to every business in the country.
Connecticut Attorney General Blasts Bank Of New York Mellon
Commentary  |  5/22/2008  | 
It's happened again. Another backup tape with millions of customers' information has gone missing. The tape was lost on Feb. 27, and the Connecticut authorities want to know more.
CompTIA Survey: What Causes Most Breaches Is The Same Thing The Road To Hell Is Paved With
Commentary  |  5/22/2008  | 
Findings from a new survey indicate that most security breaches aren't the result of malicious intent. Problem is, more than a few are the result of good intentions.
Research In Motion May Hand Crypto Keys To Indian Government
Commentary  |  5/21/2008  | 
Apparently, the Indian government can't crack 256-bit encryption to read protected e-mails on RIM BlackBerrys. It appears RIM is willing to lend a hand, by handing over its (your) keys.
An Inconvenient Data Retention Policy
Commentary  |  5/21/2008  | 
I recently met with a client that had a 45-day retention policy for ALL data. I've heard of this kind of policy for e-mail, but I don't recall ever hearing of it for all the data in the enterprise. Is this realistic and can you get away with that short of a data retention policy? Not really, and here's why.
E-Mail Security And Compliance Not Taken Seriously
Commentary  |  5/20/2008  | 
Forget viruses and spam as threats to e-mail. Those as so last century. And phishing attacks tend to take money from those who may not be smart enough to hold onto theirs. I mean, who clicks on an e-mail link and starts entering sensitive financial information? That leaves regulatory compliance, lawsuits, and data leakage as the big threats.
Think Before You Toss: Symantec Security Tips On Computer Disposal
Commentary  |  5/20/2008  | 
Getting rid of old computers gets trickier every day. A Symantec podcast offers three minutes' worth of good advice on how to do so safely.
EMC's Own Not-So-Little World
Commentary  |  5/19/2008  | 
After last night's party, which featured the Goo Goo Dolls, EMC World is in full swing. The morning keynotes said about what you'd expect them to say, talking about the huge growth in stored data and all the value that can be gotten from that data. Then, of course, there was a lot of talk about new products. And while I guess I shouldn't have been surprised, I was disappointed to hear almost nothing about interoperability or standards.
Standalone SRM
Commentary  |  5/19/2008  | 
In a recent briefing with a Storage Resource Management Software manufacturer I heard the quote that I have now heard 1,001 times; "Excel is the No. 1 Storage Resource Management software." People are using Excel to do SRM work more often than specific SRM tools. They are manually inputting storage capacity, storage used, and other storage information into Excel spreadsheets.
Afghan Hijacker Gets Job At Heathrow Airport
Commentary  |  5/19/2008  | 
When the authorities stopped him while he was driving around Terminal 5 (the new one) at Heathrow Airport, they thought he was an unlicensed cab driver. Turns out he is a convicted hijacker working as a cleaner at the airport. There's more ...
Check Point Pushes Virtualized Browser Protection
Commentary  |  5/19/2008  | 
Browser vulnerabilities and threats -- malware, drive-by downloads, etc. -- is fast becoming the new security battleground. A new Check Point Technologies release promises that this will be a new security products battleground too.
Optimizing Primary Storage
Commentary  |  5/16/2008  | 
Data deduplication has done much to optimize disk backup storage, but can those same efforts be successful in primary storage? Primary storage is, of course, different than secondary storage. Any latency can cause problems with applications and users. Thin provisioning, which I wrote about last week, can help a great deal, but once the data is actually written, the space is allocated. How can you make primary storage take up less space?
What's So Bad About An Air Force Botnet?
Commentary  |  5/15/2008  | 
Air Force Col. Charles W. Williamson III proposes the armed service branch ready and deploy a massive global botnet capable of digitally choking our adversaries. Some don't like the idea. I'm wondering why this botnet hasn't been built yet.
Symantec Spam Report: April Was The Cruelest Month
Commentary  |  5/15/2008  | 
Symantec's monthly Spam Report is out, just in time to remind us of what our queues and filters and networks all know -- spam is up and so, most likely is the blood pressure of everyone who has an e-mail account.
Grand Theft Auto IV Fans Under Assault
Commentary  |  5/14/2008  | 
Identity thieves, creative scourge that they are, are always looking for the most recent trend, craze, news event, or blockbuster hit to pin their phishing and social engineering scams on the unwitting. Now they're targeting the runaway hit Grand Theft Auto IV.
Saving Sun
Commentary  |  5/14/2008  | 
The current poll on InformationWeek's sister site Byte and Switch, "Sun Down," paints a very bleak outlook for Sun storage. The final question, "Do you think they should exit the storage hardware business?" has a surprising 57% say that it should. Can Sun save itself? Probably not, but I can ...
McAfee Spam Experiment Results: Spam Is Bad And There's Lots Of It
Commentary  |  5/14/2008  | 
All spam all the time -- that's what volunteers for McAfee's Global S.P.A.M (Spammed. Persistently. All. Month.) experiment looked for, and that's what they got when they turned in their brand-new, completely unprotected machines and opened themselves to the deluge.
Why Software Stinks
Commentary  |  5/13/2008  | 
Earlier this decade, many universities started adding cybersecurity as part of a well-rounded programming curriculum. Apparently, universities in the U.K. didn't get the memo.
You Think You've Really Destroyed That Data? Take A Look At What Got Recovered From Shuttle Columbia
Commentary  |  5/13/2008  | 
The loss of the Space Shuttle Columbia and its crew in 2003 continues to haunt many of us -- and, unexpectedly, has offered a lesson in the persistence of hard disk data.
Hacker Publishes Personal Data Of Six Million Onto Internet
Commentary  |  5/12/2008  | 
The hacker took the data from several government-run Web sites, then displayed the data for all to see.
Complete Virtualization
Commentary  |  5/12/2008  | 
As the economy slows down and budgets tighten up, once again IT professionals are being asked to do more with less (does anyone remember when you were allowed to do less with more?). How can you tighten up your storage processes one more time? The first technology that I would count on to help is virtualization. For virtualization to truly pay off it must be more than just server virtualization.
Backscatter Spam Spreading, Bouncemail Battle Heats Up
Commentary  |  5/9/2008  | 
Have you been backscatter or bounceback spammed yet? No? Be patient -- if your e-mail address has ever been published on the Web, the odds may be against you.
Data Moveage: How To Move Data And Live To Tell About It
Commentary  |  5/9/2008  | 
In a previous entry I wrote about the importance of moving data from primary storage to another platform. The roadblock is how to move that data from expensive storage to secondary storage. The traditional approach of deploying an agent on every server that monitors all the files and then moves files that haven't been accessed to a lower class of storage hasn't worked well in the enterprise. There are a variety of reasons, but most of the issues are the deployment and management of that many age
Firefox Provides Increased Security Over Internet Explorer? Not So Much.
Commentary  |  5/8/2008  | 
It's been reported that the Firefox Web browser has been distributing a Trojan horse application with the Vietnamese language pack. No one is sure how many users may have unwittingly downloaded the malware.
NFS Saved By VMware?
Commentary  |  5/8/2008  | 
Will NFS become the predominant storage deployment method for VMware implementations? NFS didn't need to be saved, but because of VMware its use has been broadened beyond the traditional Unix implementations. Instead of creating a LUN for each VMware Virtual Disk (VMDK), with NFS you manage multiple VMDK files on a single NFS Volume. This makes sense because VMDK's are files, not actual disks.
The Most Critical Factor To Attaining Organizational Security: You
Commentary  |  5/7/2008  | 
According to a study just released by consulting firm Frost & Sullivan, you -- that's right: you -- may be the most important factor in the security of your organization.
More On Disaster Recovery: Mind The Gaps In Your Plans
Commentary  |  5/7/2008  | 
We've talked a lot here about disaster recovery, and almost as much about planning for disaster recovery. In considering these, it's well-worth considering -- and looking for -- any hidden gaps or vulnerabilities that might bring even the best-laid plans to grief.
Data Keepage
Commentary  |  5/7/2008  | 
Your servers are probably bloated with data that is years old and yet despite your retention policy, if you have one, you keep it all. The relatively inexpensive price of disk capacity has made it easier to keep everything on primary disk storage. When you think of primary storage, you think of active data, databases, current documents, e-mail, etc. -- but because of the affordability of storage, it basically also has become the archive. Data is kept on disk, "just in case." It seems easier to s
Security Researchers Find Trove of Stolen Data
Commentary  |  5/6/2008  | 
A server used as a "drop site" for stolen and highly sensitive information has been uncovered by security researchers.
Manhole Covers: Gateways To Terrorism
Commentary  |  5/6/2008  | 
Fear mole-men with bombs. That, more or less, is the message from Manhole Barrier Security Systems, which on Monday warned that cities need to do more to protect against assaults on infrastructure launched by underground attackers.
Page 1 / 2   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-10-21
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the ...
PUBLISHED: 2021-10-21
A vulnerability in the web-based management interface of Cisco Tetration could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently validate user...
PUBLISHED: 2021-10-21
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF token. The affected versions ar...
PUBLISHED: 2021-10-21
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
PUBLISHED: 2021-10-21
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this ad...