Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by DarkReadingTim

DarkReadingTim
Member Since: March 12, 2014
Strategist
Blog Posts: 1718
Posts: 238

posted in November 2009

25 items
Security Gets Top Billing On Cyber Monday
Quick Hits  |  11/30/2009  | 
FBI, others offer tips to protect shoppers during online shopping season
New Exploit Masquerades As Flash Player Upgrade
News  |  11/25/2009  | 
Phishing campaign has hit more than 3.5 million mailboxes, researchers say
Security Is Chief Obstacle To Cloud Computing Adoption, Study Says
Quick Hits  |  11/25/2009  | 
Half of organizations say they have no plans to use cloud technology; many cite security concerns
CSI Annual Report: Financial Fraud, Malware On The Increase
News  |  11/24/2009  | 
Security pros generally happy with products; not so much with awareness programs
Microsoft Warns Of Zero-Day Flaw In Older Versions Of IE
Quick Hits  |  11/24/2009  | 
Pointer reference flaw could enable attackers to run their own code on IE machines, software giant says
Employees Willing To Steal Data; Companies On The Alert
News  |  11/23/2009  | 
Separate studies offer a scary glimpse into the minds of employees, management
Many Enterprises Still Struggling With Remote Security, Cisco Study Finds
Quick Hits  |  11/23/2009  | 
Businesses still not prepared for mobile devices, operational disruptions, report says
Product Watch: Database Acquisition Could Help Check Point Handle Social Network Attacks
Quick Hits  |  11/23/2009  | 
Additional data will help Check Point provide security in Web 2.0 environs, officials say
Former Database Administrator Convicted Of Hacking His Old Firm
News  |  11/20/2009  | 
Ex-employee attacked his old database months after being terminated
Three Indicted For Comcast Site Hack
Quick Hits  |  11/20/2009  | 
'Kryogeniks' gang redirected traffic to its own Web page in 2008
ENISA Offers Security Recommendations For Cloud Services
News  |  11/19/2009  | 
New report outlines benefits and risks, offers guidelines for choosing providers
Product Watch: Ksplice Wins Global Cybersecurity Challenge
News  |  11/19/2009  | 
Startup recognized for software that delivers Linux security updates without a reboot
T-Mobile: Employee Data Theft Leads To U.K.'s Largest Data Breach
News  |  11/18/2009  | 
Employee sold millions of customer records to data brokers, reports say
The Perfect Holiday Gift For Any Security Pro: A Bruce Schneier Action Figure
Quick Hits  |  11/18/2009  | 
For $89, one of the industry's best-known experts will sit on your desk
Startup Promises 'Disruptive,' Hardware-Based Endpoint Security Solution
News  |  11/17/2009  | 
InZero box creates 'sandbox' that quarantines malware from PC, inventors say
Most Security Products Don't Initially Work As Intended, Study Says
News  |  11/16/2009  | 
In certification tests, many products fail in functionality or logging, ICSA/Verizon reports
D.A. Davidson Breach Case Nears Resolution
Quick Hits  |  11/16/2009  | 
Judge approves settlement of lawsuit; three Latvian suspects extradited
Product Watch: IBM Unveils New Virtual Server Security Offering
News  |  11/13/2009  | 
VMware offering will help users build security into virtualized data centers, Big Blue says
Security Pros Not Confident In Their Incident Response Plans, Study Says
Quick Hits  |  11/13/2009  | 
In survey, enterprises say they suffer an average of two breaches a year
Alleged $9 Million Hacking Ring Exposed
Quick Hits  |  11/11/2009  | 
Group broke into credit card systems at RBS Worldpay, DoJ says
MassMutual Warns Of Data Breach
Quick Hits  |  11/10/2009  | 
Database may have been compromised via third party vendor
Gumblar Botnet Resurges
Quick Hits  |  11/6/2009  | 
Reactivation of Gumblar.cn domain could have ripple effect, researchers say
Former Employees Face Five-Year Sentence After Allegedly Hacking Company Database
News  |  11/5/2009  | 
System access was still possible for almost two years using old passwords, indictment says
Corporate Breaches Increase Chances Of Consumer ID Theft, Study Says
News  |  11/4/2009  | 
When their data is leaked by a business, individuals are four times more likely to suffer identity theft, Javelin study says
IT Workers Building Security Into Their Career Strategies
Quick Hits  |  11/4/2009  | 
More tech professionals seeking security certifications, CompTIA study says


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-23599
PUBLISHED: 2022-01-28
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the image_view_fullscree...
CVE-2022-0395
PUBLISHED: 2022-01-28
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-21721
PUBLISHED: 2022-01-28
Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in ...
CVE-2022-23598
PUBLISHED: 2022-01-28
laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `formElementErrors()` view helper shipped with laminas-form, many messages will contain the submitted value. However, in laminas-form prior to version 3.1.1, the value w...
CVE-2021-4160
PUBLISHED: 2022-01-28
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis sug...