Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 George V. Hulme
RSS
E-Mail

Profile of George V. Hulme

News & Commentary Posts: 529
An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.
Articles by George V. Hulme
posted in November 2008

London Hospitals Still Sick From Virus Breach

11/19/2008
I was reading Graham Cluley's blog at Sophos earlier this week about a virus infection (the computer kind) at a number of U.K.-based hospitals. I pretty much passed over this story until I learned just how badly the hospitals were prepared for this.

Post a Comment

Thompson Era At Symantec Drawing To A Close

11/18/2008
Yesterday, the news broke that decade-long Symantec veteran John Thompson would be retiring. Symantec's board of directors appointed Enrique T. Salem, currently chief operating officer at the company, to be president and chief executive officer effective April 4, 2009.

Post a Comment

Palin E-Mail Hacker Trial Delayed

11/16/2008
The trial of David "Popcorn" Kernell, the 20-something student who has been accused of hacking then vice president-hopeful Sarah Palin's Yahoo e-mail account, has been postponed.

Post a Comment

Pssst. What's Your Password?

11/14/2008
Your company invests heavily in provisioning and identity management software. Password are to be changed every 90 days or so. The goal is to make sure accounts are secure and users are accountable for their actions. Problem is: Everyone is sharing passwords.

Post a Comment

Visa To Test New Credit Card Security Tactic

11/12/2008
Credit cards were never designed for online purchases. They were designed more than 50 years ago for face-to-face purchases, yet credit card companies and online merchants continue to try to re-tool credit cards as viable for online payments.

Post a Comment

Apple iLife Gets Security Fix

11/10/2008
Apple today announced a serious security fix for iLife 8.0, Aperture 2, and Max OS 10.4.9 through 10.4.11. Each of the security flaws, if left unpatched, could lead to "arbitrary code execution," which means attackers could run code of their choice on your system.

Post a Comment

The Worst Way To Learn Of A Data Breach

11/7/2008
While there's no welcomed way to learn that your customer data has been compromised, perhaps the worst way is to learn via an extortion letter. Pay up, or we'll expose millions of patient records, threatens a letter to Express Scripts.

Post a Comment

Adobe Patches PDF Flaw

11/4/2008
Security firm Core Security Technologies is warning users that Adobe Reader versions 8.1.2 and earlier are vulnerable to specially crafted PDF files that could be used gain access to authorized systems. You might want to check which version of Adobe Reader you're using.

Post a Comment

Windows Update To Get An Update

11/3/2008
According to the Microsoft Update blog, a substantial update to the Windows Update agent is on the way. The company says this update should increase the speed with which it will scan your system, as well as the number of patches it can download.

Post a Comment
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18442
PUBLISHED: 2021-06-18
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".
CVE-2021-3604
PUBLISHED: 2021-06-18
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.
CVE-2005-2795
PUBLISHED: 2021-06-18
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2021-32954
PUBLISHED: 2021-06-18
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system.
CVE-2021-32956
PUBLISHED: 2021-06-18
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an attacker to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.