Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2008
Page 1 / 3   >   >>
Fortify Offers States Analysis
News  |  1/31/2008  | 
Secretaries of State are offered free source code analyzer to ensure security of state-owned electronic voting systems
Malware for Windows Is Widespread
News  |  1/31/2008  | 
BitDefender Lab's top 10 malware list for January reveals domination of malware exploiting Microsoft Windows Graphics
Spyware Threat Isn't Dead, Experts Say
News  |  1/31/2008  | 
Traditional spyware attacks being replaced by more clandestine, malware-style deployments
Startup Aims for Meatier Signatures
News  |  1/31/2008  | 
New technology promises more visibility into threats, fewer false positives
Stopping Google Blog Spam
News  |  1/31/2008  | 
Removing spam from your Google blog - in seven 'easy' steps
90% of Facebook Apps Have Unnecessary Access to Private Data
Quick Hits  |  1/31/2008  | 
Researcher is building a prototype to protect users' privacy from Facebook 'widgets'
Lumension Rolls Out Security Configuration
News  |  1/30/2008  | 
Lumension Security unveils new configuration management to help organizations streamline compliance, improve posture, and reduce costs
MessageLabs Releases Jan. Spam Report
News  |  1/30/2008  | 
MessageLabs intelligence: spammers exploit new year diffidence - financial uncertainties and personal insecurities
Paper Outlines Methods for Beating Anonymity Technology
News  |  1/30/2008  | 
University professor postulates multiple methods for collecting data on 'anonymous' users
'L0pht ' Reunion on Tap
News  |  1/30/2008  | 
Famed and controversial '90s hacker group plans on-stage get-together in March in Boston
Real Estate Investment Trusts Deploys NAC
News  |  1/30/2008  | 
One of nation's largest real estate investment trusts deploys Mirage Networks to protect against zeroday threats
IR for the Enterprise
News  |  1/30/2008  | 
Mandiant's new incident response appliance carries a big price tag, but comes with heavy-duty features
11 Truths We Hate to Admit
News  |  1/30/2008  | 
To get better, we need to admit we have a few problems
Real Men Don't Fear the Web
Quick Hits  |  1/30/2008  | 
Study reveals 'macho factor' in online security as many males express overconfidence in their system integrity
Researchers Expose 'Stupid Phisher Tricks'
News  |  1/29/2008  | 
Researchers discover that phishers aren't so good at covering their tracks and protecting their 'booty'
Researchers, Vendors Gear Up for Whaling Attacks
News  |  1/29/2008  | 
Increasingly sophisticated phishing exploits target top executives, wealthy end-users
Barracuda Responds to Trend Micro Lawsuit
News  |  1/29/2008  | 
Barracuda Networks defends free and open source software from patent threat by Trend Micro
Akonix: IM Threats More Sophisticated
News  |  1/29/2008  | 
Akonix issues warnings on trends in instant messaging threat activity; publishes January IM threat report
One-Fourth of iPhones Hacked to Bypass AT&T
Quick Hits  |  1/29/2008  | 
Analyst estimates that 1 million iPhones have been 'unlocked'
Klocwork Rolls Out Insight
News  |  1/28/2008  | 
Klocwork Insight delivers innovative, patent-pending technology to empower the developer community
IronPort Upgrades Email Security Appliance
News  |  1/28/2008  | 
IronPort eases messaging administrator's workload with advanced M-Series security management appliance
Exploit Could Taint Forensics
News  |  1/28/2008  | 
Cross-site request forgery (CSRF) attack could falsely implicate an innocent user
Societe Generale: How Did It Happen?
News  |  1/28/2008  | 
Investigation continues as French bank and others try to figure out how a junior trader lost $7B
Metasploit Gets User-Friendlier
News  |  1/28/2008  | 
Version 3.1 of the popular open hacking tool is available
FaceTime Discovers DIY Phishing Kit
News  |  1/28/2008  | 
FaceTime Security researchers expose 'do-it-yourself' phishing generator for hacking Webmail and social networking sites
Medical Clinic Goes NAC
News  |  1/28/2008  | 
Cooper Clinic secured via managed network access control deployment
Enterprises Rolling on Logs
Quick Hits  |  1/28/2008  | 
Once seen as a necessary evil, security logs are now becoming an everyday data source, survey says
Hackers Attack Scientology
Quick Hits  |  1/25/2008  | 
"Anonymous" group launches denial of service attacks on church sites in retribution for YouTube's withdrawal of Cruise video clip
Attackers Abuse Google Blogger
News  |  1/25/2008  | 
Blogger is flooded with phony blogs - including some that inject malware
University Nixes Cisco NAC for ConSentry's
News  |  1/25/2008  | 
Failed NAC installation led Fayetteville State University to go with a Cisco competitor for NAC and switching
Interview With a Web App Security Pro
News  |  1/24/2008  | 
If you're looking to hire a good Web application security expert, be sure you're asking the right questions
Feds Say 'Adios' to Admin Rights on Windows
News  |  1/24/2008  | 
The Federal Desktop Core Configuration mandate for Windows XP and Vista clients goes into effect on February 1
SecureMac Intros MacScan Family Pack
News  |  1/24/2008  | 
Anti-spyware software protects up to 3 computers on a home network
Microsoft: Vista Has Fewer Flaws Than Other First-Year OSes
News  |  1/23/2008  | 
Vista logged fewer vulnerabilities in its first year than XP, Red Hat, Ubuntu, and Apple Mac OS X did in their first years
Most Malware Now Comes From Legitimate Sites
Quick Hits  |  1/23/2008  | 
Biggest danger is no longer purpose-built malicious sites, but legit sites that are unwittingly distributing dangerous code
Keeping an Eye on the Weakest Link
News  |  1/23/2008  | 
Beware the vulnerabilities you create when you merge new units or acquisitions into your corporate network
Packet Analytics Launches Net/FSE
News  |  1/22/2008  | 
Packet Analytics launches Net/FSE, free downloadable network forensic search engine
BullGuard Offers Free Spam Filter
News  |  1/22/2008  | 
BullGuard declares war on spam with free Spamfilter
'Drive-By Pharming' Now a Reality, Researchers Say
News  |  1/22/2008  | 
Theoretical exploit that allows attackers to hijack DNS servers and routers has been spotted in the wild, Symantec says
FireEye Appoints 2 Execs
News  |  1/22/2008  | 
FireEye attracts 2 of the industry's most renowned security experts and technologists
New VOIP 'Call-Jacking' Hack Unleashed
News  |  1/22/2008  | 
Researchers release proof-of-concept for advanced phishing and stealing VOIP calls
SonicWall Aventail E-Class Gets Enhanced AV
News  |  1/22/2008  | 
SonicWall Aventail E Class remote access solution to offer enhanced integration with antivirus protection
Hacking Wireless Headsets
News  |  1/22/2008  | 
Those cool wireless headsets keep your hands free - and give hackers the ability to eavesdrop on your conversations
V.i. Labs Enhances CodeArmor
News  |  1/22/2008  | 
V.i. Labs unveils enhancements to CodeArmor for enterprise organizations and software vendors
Fortinet Warns Mobile Users of Worm
News  |  1/22/2008  | 
The FortiGuard Global Security Research Team discovered a new SymbianOS Worm actively spreading on various mobile phone networks
Criminal Gangs Hit Macs for 1st Time
News  |  1/21/2008  | 
New Sophos security report reveals cybercriminals moving beyond Microsoft
Panda Security Rolls Out Anti-Fraud Service
News  |  1/21/2008  | 
Panda Security uses 'collective intelligence' to stop online frauds with availability of Panda Security for internet transactions
A 'Swift' Kick to the Secure Development Process
News  |  1/18/2008  | 
New system makes it easier to write secure, robust, and high-performance Web applications
Tech Insight: Incident Response
News  |  1/18/2008  | 
IR tools speed up response time to a security breach and help minimize the damage
Los Alamos Labs Vets Launch Forensics Company
News  |  1/18/2008  | 
Startup Packet Analytics, founded by former DOE lab security analysts, to launch company, product on Tuesday
Page 1 / 3   >   >>


US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16680
PUBLISHED: 2019-09-21
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
CVE-2019-16681
PUBLISHED: 2019-09-21
The Traveloka application 3.14.0 for Android exports com.traveloka.android.activity.common.WebViewActivity, leading to file disclosure and XSS.
CVE-2019-16677
PUBLISHED: 2019-09-21
An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF.
CVE-2019-16678
PUBLISHED: 2019-09-21
admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route.
CVE-2019-16679
PUBLISHED: 2019-09-21
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.