Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2008
Page 1 / 3   >   >>
Fortify Offers States Analysis
News  |  1/31/2008  | 
Secretaries of State are offered free source code analyzer to ensure security of state-owned electronic voting systems
Malware for Windows Is Widespread
News  |  1/31/2008  | 
BitDefender Lab's top 10 malware list for January reveals domination of malware exploiting Microsoft Windows Graphics
Spyware Threat Isn't Dead, Experts Say
News  |  1/31/2008  | 
Traditional spyware attacks being replaced by more clandestine, malware-style deployments
Startup Aims for Meatier Signatures
News  |  1/31/2008  | 
New technology promises more visibility into threats, fewer false positives
Stopping Google Blog Spam
News  |  1/31/2008  | 
Removing spam from your Google blog - in seven 'easy' steps
90% of Facebook Apps Have Unnecessary Access to Private Data
Quick Hits  |  1/31/2008  | 
Researcher is building a prototype to protect users' privacy from Facebook 'widgets'
Lumension Rolls Out Security Configuration
News  |  1/30/2008  | 
Lumension Security unveils new configuration management to help organizations streamline compliance, improve posture, and reduce costs
MessageLabs Releases Jan. Spam Report
News  |  1/30/2008  | 
MessageLabs intelligence: spammers exploit new year diffidence - financial uncertainties and personal insecurities
Paper Outlines Methods for Beating Anonymity Technology
News  |  1/30/2008  | 
University professor postulates multiple methods for collecting data on 'anonymous' users
'L0pht ' Reunion on Tap
News  |  1/30/2008  | 
Famed and controversial '90s hacker group plans on-stage get-together in March in Boston
Real Estate Investment Trusts Deploys NAC
News  |  1/30/2008  | 
One of nation's largest real estate investment trusts deploys Mirage Networks to protect against zeroday threats
IR for the Enterprise
News  |  1/30/2008  | 
Mandiant's new incident response appliance carries a big price tag, but comes with heavy-duty features
11 Truths We Hate to Admit
News  |  1/30/2008  | 
To get better, we need to admit we have a few problems
Real Men Don't Fear the Web
Quick Hits  |  1/30/2008  | 
Study reveals 'macho factor' in online security as many males express overconfidence in their system integrity
Researchers Expose 'Stupid Phisher Tricks'
News  |  1/29/2008  | 
Researchers discover that phishers aren't so good at covering their tracks and protecting their 'booty'
Researchers, Vendors Gear Up for Whaling Attacks
News  |  1/29/2008  | 
Increasingly sophisticated phishing exploits target top executives, wealthy end-users
Barracuda Responds to Trend Micro Lawsuit
News  |  1/29/2008  | 
Barracuda Networks defends free and open source software from patent threat by Trend Micro
Akonix: IM Threats More Sophisticated
News  |  1/29/2008  | 
Akonix issues warnings on trends in instant messaging threat activity; publishes January IM threat report
One-Fourth of iPhones Hacked to Bypass AT&T
Quick Hits  |  1/29/2008  | 
Analyst estimates that 1 million iPhones have been 'unlocked'
Klocwork Rolls Out Insight
News  |  1/28/2008  | 
Klocwork Insight delivers innovative, patent-pending technology to empower the developer community
IronPort Upgrades Email Security Appliance
News  |  1/28/2008  | 
IronPort eases messaging administrator's workload with advanced M-Series security management appliance
Exploit Could Taint Forensics
News  |  1/28/2008  | 
Cross-site request forgery (CSRF) attack could falsely implicate an innocent user
Societe Generale: How Did It Happen?
News  |  1/28/2008  | 
Investigation continues as French bank and others try to figure out how a junior trader lost $7B
Metasploit Gets User-Friendlier
News  |  1/28/2008  | 
Version 3.1 of the popular open hacking tool is available
FaceTime Discovers DIY Phishing Kit
News  |  1/28/2008  | 
FaceTime Security researchers expose 'do-it-yourself' phishing generator for hacking Webmail and social networking sites
Medical Clinic Goes NAC
News  |  1/28/2008  | 
Cooper Clinic secured via managed network access control deployment
Enterprises Rolling on Logs
Quick Hits  |  1/28/2008  | 
Once seen as a necessary evil, security logs are now becoming an everyday data source, survey says
Hackers Attack Scientology
Quick Hits  |  1/25/2008  | 
"Anonymous" group launches denial of service attacks on church sites in retribution for YouTube's withdrawal of Cruise video clip
Attackers Abuse Google Blogger
News  |  1/25/2008  | 
Blogger is flooded with phony blogs - including some that inject malware
University Nixes Cisco NAC for ConSentry's
News  |  1/25/2008  | 
Failed NAC installation led Fayetteville State University to go with a Cisco competitor for NAC and switching
Interview With a Web App Security Pro
News  |  1/24/2008  | 
If you're looking to hire a good Web application security expert, be sure you're asking the right questions
Feds Say 'Adios' to Admin Rights on Windows
News  |  1/24/2008  | 
The Federal Desktop Core Configuration mandate for Windows XP and Vista clients goes into effect on February 1
SecureMac Intros MacScan Family Pack
News  |  1/24/2008  | 
Anti-spyware software protects up to 3 computers on a home network
Microsoft: Vista Has Fewer Flaws Than Other First-Year OSes
News  |  1/23/2008  | 
Vista logged fewer vulnerabilities in its first year than XP, Red Hat, Ubuntu, and Apple Mac OS X did in their first years
Most Malware Now Comes From Legitimate Sites
Quick Hits  |  1/23/2008  | 
Biggest danger is no longer purpose-built malicious sites, but legit sites that are unwittingly distributing dangerous code
Keeping an Eye on the Weakest Link
News  |  1/23/2008  | 
Beware the vulnerabilities you create when you merge new units or acquisitions into your corporate network
Packet Analytics Launches Net/FSE
News  |  1/22/2008  | 
Packet Analytics launches Net/FSE, free downloadable network forensic search engine
BullGuard Offers Free Spam Filter
News  |  1/22/2008  | 
BullGuard declares war on spam with free Spamfilter
'Drive-By Pharming' Now a Reality, Researchers Say
News  |  1/22/2008  | 
Theoretical exploit that allows attackers to hijack DNS servers and routers has been spotted in the wild, Symantec says
FireEye Appoints 2 Execs
News  |  1/22/2008  | 
FireEye attracts 2 of the industry's most renowned security experts and technologists
New VOIP 'Call-Jacking' Hack Unleashed
News  |  1/22/2008  | 
Researchers release proof-of-concept for advanced phishing and stealing VOIP calls
SonicWall Aventail E-Class Gets Enhanced AV
News  |  1/22/2008  | 
SonicWall Aventail E Class remote access solution to offer enhanced integration with antivirus protection
Hacking Wireless Headsets
News  |  1/22/2008  | 
Those cool wireless headsets keep your hands free - and give hackers the ability to eavesdrop on your conversations
V.i. Labs Enhances CodeArmor
News  |  1/22/2008  | 
V.i. Labs unveils enhancements to CodeArmor for enterprise organizations and software vendors
Fortinet Warns Mobile Users of Worm
News  |  1/22/2008  | 
The FortiGuard Global Security Research Team discovered a new SymbianOS Worm actively spreading on various mobile phone networks
Criminal Gangs Hit Macs for 1st Time
News  |  1/21/2008  | 
New Sophos security report reveals cybercriminals moving beyond Microsoft
Panda Security Rolls Out Anti-Fraud Service
News  |  1/21/2008  | 
Panda Security uses 'collective intelligence' to stop online frauds with availability of Panda Security for internet transactions
A 'Swift' Kick to the Secure Development Process
News  |  1/18/2008  | 
New system makes it easier to write secure, robust, and high-performance Web applications
Tech Insight: Incident Response
News  |  1/18/2008  | 
IR tools speed up response time to a security breach and help minimize the damage
Los Alamos Labs Vets Launch Forensics Company
News  |  1/18/2008  | 
Startup Packet Analytics, founded by former DOE lab security analysts, to launch company, product on Tuesday
Page 1 / 3   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-10-19
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerability ...
PUBLISHED: 2021-10-19
FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process may...
PUBLISHED: 2021-10-19
A potential security vulnerability has been identified in HPE Superdome Flex Servers. The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS) because the Session Cookie is missing an HttpOnly Attribute. HPE has provided a firmware update to resolve the vulnerability in HPE ...
PUBLISHED: 2021-10-19
Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.
PUBLISHED: 2021-10-19
WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input.