Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by DarkReadingTim

DarkReadingTim
Member Since: March 12, 2014
Strategist
Blog Posts: 1718
Posts: 238

posted in October 2008

27 items
Trojan Caught Stealing Data From Hundreds of Thousands
Quick Hits  |  10/31/2008  | 
Sinowal has been capturing data for almost three years without leaving a trace, RSA says
Recycled Tapes Yield Data On Former Owners
News  |  10/30/2008  | 
Study of 100 "recertified" tapes turns up sensitive data from major bank, hospital
Employees: Security Policies Are Unrealistic
Quick Hits  |  10/28/2008  | 
Many say they must break rules to get their jobs done
Security Weathering Economic Storm
News  |  10/28/2008  | 
Despite a flood of poor financial results, enterprises are finding the cash to fund security initiatives -- and even grow them
Dark Reading's New Look
Commentary  |  10/28/2008  | 
Take a close look at today's edition of Dark Reading. Notice anything different? Take a closer look. We think you'll like what you see. After nearly three years of bringing you the best -- and the scariest -- of security news and information, Dark Reading has undergone a bit of a makeover. The changes we're making aren't drastic, and, as with most new releases, we're not guaranteeing they'll all work perfectly right out of the box. But we
WiFi Availability Explodes, But Many Networks Remain Insecure
Quick Hits  |  10/27/2008  | 
RSA study indicates WiFi networks are growing, but security is still vulnerable
FTC Pushes Back 'Red Flag' Deadline
Quick Hits  |  10/24/2008  | 
Companies have another six months to develop identity theft prevention programs
A Can't-Miss Event You Can't Miss
Commentary  |  10/23/2008  | 
Usually, if you miss an industry event, you're out of luck. As Dark Reading winds up today's big virtual security event, though, I suddenly realize -- it's not over yet. "Risk, Protection, and Access: Mastering Today's Security Threats," originally held on Oct. 23, was the first-ever virtual conference co-produced by Dark Reading and our big sister publication,
Compliance Costs Increasing, Study Says
Quick Hits  |  10/22/2008  | 
Despite progress in compliance projects, most companies spent more in the past year than they did the year before
When Dates Attack
Quick Hits  |  10/20/2008  | 
Dating 'alert' sites allow women to put an 'ex' on trial without rebuttal
ANSI Launches Guide to Help Calculate Cyber Security Risk
News  |  10/20/2008  | 
Standards body advocates multi-disciplinary approach to security breach planning
'Human Error' Exposes Personal Information of 3,300 in Indianapolis
Quick Hits  |  10/17/2008  | 
Spreadsheet sat on city Web server for at least 11 days
Test Shows Shortcomings of Antivirus Programs
News  |  10/15/2008  | 
Symantec is leader in very weak field of AV products, Secunia study says
Users Know Security Policy & Break It Anyway, Study Says
Quick Hits  |  10/15/2008  | 
Many users feel they need to work around company security rules, according to RSA research
Intellectual Property Bill Becomes Law: Critics Say It Goes Too Far
News  |  10/14/2008  | 
New law gives authorities more leeway to prosecute thieves who steal sensitive data for piracy or espionage
UK Ministry of Defense Loses Hard Drive Containing Data on 700,000
Quick Hits  |  10/10/2008  | 
Officials still not sure whether drive was stolen or misplaced
The Six Most Promising Security Startups of 2008
News  |  10/10/2008  | 
Judges unveil six finalists in the annual Global Security Challenge
Symantec Scoops Up MessageLabs in $700M Deal
News  |  10/8/2008  | 
MessageLabs boosts Symantec's software-as-a-service business, executives say
Palin Hacker Indicted
Quick Hits  |  10/8/2008  | 
Son of Tennessee Democrat goes before grand jury
Users, Enterprises Pay for Poor Privacy Policies, Study Says
News  |  10/7/2008  | 
Research paper seeks to quantify loss of time spent reading confusing, overwritten privacy policies
FTC Nails List Broker for Aiding in Telemarketing Fraud
Quick Hits  |  10/6/2008  | 
List broker allegedly helped fraudsters sell 'advance-fee' credit cards by giving them unencrypted consumer data
Deutsche Telekom & T-Mobile Confirm Theft of Personal Data on 17M Customers
News  |  10/6/2008  | 
Data stolen in 2006 is already in use by criminals, reports say
Targeted Attacks, DNS Issues Hit Home in New CSI Report
News  |  10/3/2008  | 
Insider abuse shows marked drop-off in 13th annual survey by Computer Security Institute
Two Indicted for DDOS 'Hit' on US Satellite Providers
Quick Hits  |  10/3/2008  | 
European attackers allegedly hired by rival satellite provider, Justice Dept. says
Why Risk Management Doesn't Work
News  |  10/2/2008  | 
Two new studies challenge current wisdom about calculating an enterprise's security risk -- and recommend rethinking the process
'Super Users' Could Threaten Database Security, Study Says
Quick Hits  |  10/1/2008  | 
Survey by Independent Oracle Users Group says most database administrators haven't implemented proper defenses
IBM Takes On Retail Crime
News  |  10/1/2008  | 
New package of integrated products and services offered as alternative to current mishmash of in-store security technology


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-23599
PUBLISHED: 2022-01-28
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the image_view_fullscree...
CVE-2022-0395
PUBLISHED: 2022-01-28
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-21721
PUBLISHED: 2022-01-28
Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in ...
CVE-2022-23598
PUBLISHED: 2022-01-28
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value w...
CVE-2021-4160
PUBLISHED: 2022-01-28
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis sug...