Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Author

 George V. Hulme
RSS
E-Mail

Profile of George V. Hulme

News & Commentary Posts: 529
An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.
Articles by George V. Hulme
posted in July 2008

Modeling IT Attacks

7/28/2008
Every day IT managers have to contend with an ever-changing risk environment. That's where good risk modeling can help.

Post a Comment

Disclosure Isn't Working

7/24/2008
After a decade of writing about IT security, I don't know how anyone would think this current system of disclose and patch is working. It's not.

Post a Comment

iPhone Is Owned Again; Yawn

7/20/2008
A little more than a week after Apple's shiny new iPhone 3G went on sale, a team of programmers say they've, once again, gained control over the highly coveted gadget.

Post a Comment

Securing Your Wireless Internet Connection (You Know You Should)

7/13/2008
Well, it's not really breaking news, security firm Kaspersky Lab is pointing out the obvious: that most home and small business wireless networks run at a low, or no, level of security. Kaspersky Lab also listed a handful of steps that could be taken to enhance your wireless security. And while it's all good advice, it left out one of the most important.

Post a Comment

Hacking The Hypervisor

7/8/2008
Security researchers from Invisible Things Lab will be demonstrating (they say) just how easy it is to hack the hypervisor. More specifically, they'll be discussing the (in)security of the Xen hypervisor, such as how to plant rootkits, how to bypass various hypervisor anti-subverting techniques, as well as how "Bluepills" can be used in bare-metal hypervisor compromises. They plan on releasing proof-of-concept code. This could get interesting.

Post a Comment

Identity Management As A Service

7/7/2008
Just before the long July 4 holiday weekend, I had a chance to speak with on-demand identity management start-up Symplified. This vendor is well capitalized and has veteran IdM leadership at its helm. It also wants to "revolutionize" the identity and assessment management (IdM) market. And it just might do so.

Post a Comment

Microsoft Readies Most Secure IE To Date

7/3/2008
Next month, should Microsoft make good on its promises, Internet Explorer 8 will pack some considerable security enhancements. Could Microsoft deliver not only the most widely used Web browser, but also the most secure?

Post a Comment

Hey You. Yeah, You: Patch Your Web Browser

7/1/2008
Roughly 59% of Internet users use the latest, more secure Web browsers, according to an examination of what version Web browser, down to the patch level, people are using. That means about 576 million Web surfers leave themselves vulnerable to attack. You might just (not) be surprised by who doesn't patch.

Post a Comment
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.