Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2008
Page 1 / 3   >   >>
Fortify Offers States Analysis
News  |  1/31/2008  | 
Secretaries of State are offered free source code analyzer to ensure security of state-owned electronic voting systems
Malware for Windows Is Widespread
News  |  1/31/2008  | 
BitDefender Lab's top 10 malware list for January reveals domination of malware exploiting Microsoft Windows Graphics
Spyware Threat Isn't Dead, Experts Say
News  |  1/31/2008  | 
Traditional spyware attacks being replaced by more clandestine, malware-style deployments
Startup Aims for Meatier Signatures
News  |  1/31/2008  | 
New technology promises more visibility into threats, fewer false positives
Stopping Google Blog Spam
News  |  1/31/2008  | 
Removing spam from your Google blog - in seven 'easy' steps
90% of Facebook Apps Have Unnecessary Access to Private Data
Quick Hits  |  1/31/2008  | 
Researcher is building a prototype to protect users' privacy from Facebook 'widgets'
Lumension Rolls Out Security Configuration
News  |  1/30/2008  | 
Lumension Security unveils new configuration management to help organizations streamline compliance, improve posture, and reduce costs
MessageLabs Releases Jan. Spam Report
News  |  1/30/2008  | 
MessageLabs intelligence: spammers exploit new year diffidence - financial uncertainties and personal insecurities
Paper Outlines Methods for Beating Anonymity Technology
News  |  1/30/2008  | 
University professor postulates multiple methods for collecting data on 'anonymous' users
'L0pht ' Reunion on Tap
News  |  1/30/2008  | 
Famed and controversial '90s hacker group plans on-stage get-together in March in Boston
Real Estate Investment Trusts Deploys NAC
News  |  1/30/2008  | 
One of nation's largest real estate investment trusts deploys Mirage Networks to protect against zeroday threats
IR for the Enterprise
News  |  1/30/2008  | 
Mandiant's new incident response appliance carries a big price tag, but comes with heavy-duty features
11 Truths We Hate to Admit
News  |  1/30/2008  | 
To get better, we need to admit we have a few problems
Real Men Don't Fear the Web
Quick Hits  |  1/30/2008  | 
Study reveals 'macho factor' in online security as many males express overconfidence in their system integrity
Researchers Expose 'Stupid Phisher Tricks'
News  |  1/29/2008  | 
Researchers discover that phishers aren't so good at covering their tracks and protecting their 'booty'
Researchers, Vendors Gear Up for Whaling Attacks
News  |  1/29/2008  | 
Increasingly sophisticated phishing exploits target top executives, wealthy end-users
Barracuda Responds to Trend Micro Lawsuit
News  |  1/29/2008  | 
Barracuda Networks defends free and open source software from patent threat by Trend Micro
Akonix: IM Threats More Sophisticated
News  |  1/29/2008  | 
Akonix issues warnings on trends in instant messaging threat activity; publishes January IM threat report
One-Fourth of iPhones Hacked to Bypass AT&T
Quick Hits  |  1/29/2008  | 
Analyst estimates that 1 million iPhones have been 'unlocked'
Klocwork Rolls Out Insight
News  |  1/28/2008  | 
Klocwork Insight delivers innovative, patent-pending technology to empower the developer community
IronPort Upgrades Email Security Appliance
News  |  1/28/2008  | 
IronPort eases messaging administrator's workload with advanced M-Series security management appliance
Exploit Could Taint Forensics
News  |  1/28/2008  | 
Cross-site request forgery (CSRF) attack could falsely implicate an innocent user
Societe Generale: How Did It Happen?
News  |  1/28/2008  | 
Investigation continues as French bank and others try to figure out how a junior trader lost $7B
Metasploit Gets User-Friendlier
News  |  1/28/2008  | 
Version 3.1 of the popular open hacking tool is available
FaceTime Discovers DIY Phishing Kit
News  |  1/28/2008  | 
FaceTime Security researchers expose 'do-it-yourself' phishing generator for hacking Webmail and social networking sites
Medical Clinic Goes NAC
News  |  1/28/2008  | 
Cooper Clinic secured via managed network access control deployment
Enterprises Rolling on Logs
Quick Hits  |  1/28/2008  | 
Once seen as a necessary evil, security logs are now becoming an everyday data source, survey says
Hackers Attack Scientology
Quick Hits  |  1/25/2008  | 
"Anonymous" group launches denial of service attacks on church sites in retribution for YouTube's withdrawal of Cruise video clip
Attackers Abuse Google Blogger
News  |  1/25/2008  | 
Blogger is flooded with phony blogs - including some that inject malware
University Nixes Cisco NAC for ConSentry's
News  |  1/25/2008  | 
Failed NAC installation led Fayetteville State University to go with a Cisco competitor for NAC and switching
Interview With a Web App Security Pro
News  |  1/24/2008  | 
If you're looking to hire a good Web application security expert, be sure you're asking the right questions
Feds Say 'Adios' to Admin Rights on Windows
News  |  1/24/2008  | 
The Federal Desktop Core Configuration mandate for Windows XP and Vista clients goes into effect on February 1
SecureMac Intros MacScan Family Pack
News  |  1/24/2008  | 
Anti-spyware software protects up to 3 computers on a home network
Microsoft: Vista Has Fewer Flaws Than Other First-Year OSes
News  |  1/23/2008  | 
Vista logged fewer vulnerabilities in its first year than XP, Red Hat, Ubuntu, and Apple Mac OS X did in their first years
Most Malware Now Comes From Legitimate Sites
Quick Hits  |  1/23/2008  | 
Biggest danger is no longer purpose-built malicious sites, but legit sites that are unwittingly distributing dangerous code
Keeping an Eye on the Weakest Link
News  |  1/23/2008  | 
Beware the vulnerabilities you create when you merge new units or acquisitions into your corporate network
Packet Analytics Launches Net/FSE
News  |  1/22/2008  | 
Packet Analytics launches Net/FSE, free downloadable network forensic search engine
BullGuard Offers Free Spam Filter
News  |  1/22/2008  | 
BullGuard declares war on spam with free Spamfilter
'Drive-By Pharming' Now a Reality, Researchers Say
News  |  1/22/2008  | 
Theoretical exploit that allows attackers to hijack DNS servers and routers has been spotted in the wild, Symantec says
FireEye Appoints 2 Execs
News  |  1/22/2008  | 
FireEye attracts 2 of the industry's most renowned security experts and technologists
New VOIP 'Call-Jacking' Hack Unleashed
News  |  1/22/2008  | 
Researchers release proof-of-concept for advanced phishing and stealing VOIP calls
SonicWall Aventail E-Class Gets Enhanced AV
News  |  1/22/2008  | 
SonicWall Aventail E Class remote access solution to offer enhanced integration with antivirus protection
Hacking Wireless Headsets
News  |  1/22/2008  | 
Those cool wireless headsets keep your hands free - and give hackers the ability to eavesdrop on your conversations
V.i. Labs Enhances CodeArmor
News  |  1/22/2008  | 
V.i. Labs unveils enhancements to CodeArmor for enterprise organizations and software vendors
Fortinet Warns Mobile Users of Worm
News  |  1/22/2008  | 
The FortiGuard Global Security Research Team discovered a new SymbianOS Worm actively spreading on various mobile phone networks
Criminal Gangs Hit Macs for 1st Time
News  |  1/21/2008  | 
New Sophos security report reveals cybercriminals moving beyond Microsoft
Panda Security Rolls Out Anti-Fraud Service
News  |  1/21/2008  | 
Panda Security uses 'collective intelligence' to stop online frauds with availability of Panda Security for internet transactions
A 'Swift' Kick to the Secure Development Process
News  |  1/18/2008  | 
New system makes it easier to write secure, robust, and high-performance Web applications
Tech Insight: Incident Response
News  |  1/18/2008  | 
IR tools speed up response time to a security breach and help minimize the damage
Los Alamos Labs Vets Launch Forensics Company
News  |  1/18/2008  | 
Startup Packet Analytics, founded by former DOE lab security analysts, to launch company, product on Tuesday
Page 1 / 3   >   >>


The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The State of Email Security and Protection
Mike Flouton, Vice President of Email Security at Barracuda Networks,  11/5/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprise
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18881
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile.
CVE-2019-18882
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled.
CVE-2019-18873
PUBLISHED: 2019-11-12
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the pa...
CVE-2019-18874
PUBLISHED: 2019-11-12
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.