Dark Reading
Protect The Business - Enable Access
Do more than just cursory scans. Develop
a holistic approach to app security.
Find out how!
Learn to take the ambiguity out of managing IT so you can guide your business forward.
Download now!
Use these tips from Gartner to identify the EPP solution that best suits your business.
Download now!
Most Recent | 1 | 2 | 3 | 4
Around The Web
RED ORBIT
Microsoft: Recession Could Increase Cybercrime Threat
Layoffs could increase ranks of attackers, expert says
ELECTRONIC FRONTIER FOUNDATION
Computer Science Student Investigated For Allegedly Sending Email
Campus police seize computers, search dorm room
CANADA.COM
Hackers Steal Government, Corporate Data
Employees fooled by fake job listings in email
LETHBRIDGE HERALD
New Study Suggests Email Spam Could Be Harmful To The Environment
Cost of processing and filtering spam could be as much as 22 billion kilowatt hours annually
INFOWORLD
In Poor Economy, More IT Pros Could Turn To E-Crime
KPMG study says incidence of insider fraud has tripled since 2007
SOPHOS.COM
Malware Campaign Masquerades As Email From Courier
Malicious spam appears to be message from DHL about a package addressed to your company
eWEEK
Symantec Data Leak Remains Under Investigation
Principals still trying to find out how customer data made its way to undercover reporter
WWL TV
Katrina Evacuees May Have Had Personal Data Published On The Web
FEMA says public posting of data on 17,000 evacuees was "not authorized"
CHICAGO TRIBUNE
California Mortgage Broker Charged In Multi-million-Dollar Identity Theft Ring
Broker allegedly stole data from immigrants and children of those applying for mortgages
NEWS.COM.AU
Patients' Medical Records Leaked Online By Pathology Lab
Posting of personal information on lab's Website blamed on "processing error"
CHICAGO TRIBUNE
Man Faces Charges For Illegally Accessing Customer Data
Insurance broker allegedly used personal information to try to get customers to switch carriers
THE REGISTER
Smoking Power Supply Turns Up The Heat At Online Brokerage House
Overheated server causes evacuation at TD Ameritrade
YAHOO!
Consultant Gets Four Years In Prison For Malware Install
Contractor turned thousands of machines into zombies so he could steal data
ZDNET
RIM Records All Employee Calls
Blackberry maker tapes workers' conversations to protect intellectual property
ENTERPRISE STORAGE FORUM
Social Media ?? The Next Smoking Gun
Enterprises must develop policies for using social media, just as they did with email
COMPUTERWORLD
Photocopiers: The Newest ID Theft Threat
Newest models contain hard drives that store data in unencrypted form
SWITCHED
15 Phishing Scams To Watch Out For
If you haven't warned your employees about these, it's time to take action
TECHWORLD
New "Guru" App Lets Techies Fix Friends' PCs
Symantec to launch service that updates its venerable PC Anywhere product
SILICON REPUBLIC
Identity In A Crisis
Recession spurs creative methods of stealing data from jobseekers, vulnerable businesses
ANTI-FORENSICS
The Trojan Defense
A look at how users may cover their legal tracks by claiming that their computers were remotely controlled
Best Of Web Archive:
Most Recent | 1| 2| 3| 4
What A DDoS Can Cost
Network Security Technology Evolving Rapidly, Forrester Says
UNC Charlotte Breach Affected More Than 350,000
MORE KEYHOLE
Published:2010-11-03
Severity:High
Description:Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.
Published:2010-11-03
Severity:High
Description:Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.
Published:2010-11-03
Severity:Medium
Description:Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
Published:2010-11-03
Severity:High
Description:Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
Published:2010-11-03
Severity:Medium
Description:SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.
|
