Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in December 2007
Page 1 / 3   >   >>
FTC Ups the Ante on Fighting Spam, Phishing
Quick Hits  |  12/31/2007  | 
Federal Trade Commission report calls for authenticated email, reputation services, and better consumer anti-spam reporting tools
Secure Resolutions
News  |  12/31/2007  | 
Skip the diet and spend more time in the lab
The Five Coolest Hacks of 2007
News  |  12/31/2007  | 
Nothing was sacred - not cars, not truckers, not even the stock exchange
Hackers Take the Holidays
News  |  12/30/2007  | 
Christmas, New Year's, or St. Swithin's Day, attackers always seem to be in a holiday mood
The Prank That Could Kill You
News  |  12/30/2007  | 
'Swatting' is becoming increasingly popular - with potentially dangerous consequences
US-Based Chinese News Site Gets DDOSed
Quick Hits  |  12/28/2007  | 
Attack knocks out 2,000 Chinese dissident blogs hosted on the site
Security's Biggest Train Wrecks of 2007
News  |  12/27/2007  | 
We've seen a boxcar o' breaches and break-ins this year, but these were the most grisly - and the hardest to take our eyes from
Emerging Threats Could Help Security Pros
Quick Hits  |  12/26/2007  | 
New Website aims to make security data more useful and available
Storm Darkens Christmas, Takes Aim at New Year's
News  |  12/26/2007  | 
Botnet takes a holiday on users' computers
The Gifts That Keep on Giving
News  |  12/26/2007  | 
Holiday gifts of gadgets and storage devices can create nightmares for IT
IT Consultant Hacks Former Client
Quick Hits  |  12/26/2007  | 
Angered over business deal, consultant wipes out former client's customer database
Tech Insight: Microsoft's IPSec
News  |  12/21/2007  | 
Windows' built-in security capabilities offer endpoint alternative to NAP/NAC
Privacy Goes Public
News  |  12/21/2007  | 
While end users remain confused about online privacy issues, enterprises - and vendors - now make it their business
Cisco Broadens Threat Picture With New Report
News  |  12/20/2007  | 
First-time annual study offers insights on human, physical aspects of security as well as attacks and vulnerabilities
Alleged Phishing 'Mules' Arrested
News  |  12/20/2007  | 
Fourteen ABN AMRO customers were recruited by cybercriminals to launder stolen bank account funds
BitDefender Unveils 2008 Predictions
News  |  12/20/2007  | 
Mobile devices expected to be major target for cyber criminals
'Super Spam Me'
Quick Hits  |  12/20/2007  | 
McAfee studies effects of replying to unwanted email
Navigating the 'C' of Network Discovery
News  |  12/19/2007  | 
10:12 AM -- You have to find it before you can secure it
Amid Confusion, Market for ID Theft Services Grows
News  |  12/19/2007  | 
Baffled by conflicting information, consumers increasingly drawn into web of 'theft prevention' offerings
Google's Orkut Social Network Hacked
News  |  12/19/2007  | 
Hundreds of thousands of users infected by XSS worm hidden in messages from 'friends'
Data Loss Is Top Concern in Microsoft Poll
Quick Hits  |  12/19/2007  | 
Software giant sees sharp decline in worries about malware
Pen Testing Goes Reality TV
News  |  12/19/2007  | 
New CourtTV documentary 'Tiger Team' will follow real pen testers hired to hack businesses
Putting Up Your Cyber Defenses
News  |  12/19/2007  | 
It's time to start thinking about protecting your systems - and your employees - in the event of attacks from foreign entities
Klocwork to Support Symbian OS
News  |  12/18/2007  | 
Klocwork joins Symbian Platinum Program
Hacking a New DNS Attack
News  |  12/18/2007  | 
DNS expert disputes Georgia Tech and Google research that points to malicious deployment of certain types of DNS servers
Internet Privacy: No Big Deal?
News  |  12/18/2007  | 
Despite warnings, users continue to post personal information on the Web
BitDefender Detects New Trojan
News  |  12/18/2007  | 
BitDefender detects new Trojan that hijacks Google text advertisements
BitDefender Recaps Top Threats
News  |  12/18/2007  | 
BitDefender also predicts continued growth of political spam in recap of top spam for 2007
Disney, Home Depot Get Poor Privacy Marks
Quick Hits  |  12/18/2007  | 
Ralph Lauren is among the best, public interest group says
Cenzic Reports New Gmail, IE Bugs
News  |  12/17/2007  | 
Cenzic discovers vulnerabilities and potential threats in Google and Microsoft software
Perimeter eSecurity Makes 2008 Resolutions
News  |  12/17/2007  | 
Layered security needed now more than ever to protect against the ongoing flood of external & internal threats
eEye Ship Not 'Sinking,' CEO Says
Quick Hits  |  12/17/2007  | 
Revenues in software and services up 53% over last year, says Kamal Arafeh
Redefining the Perimeter
News  |  12/17/2007  | 
Mobile devices offer great flexibility for users, but be sure you apply the right security rules
Data on 3M UK Drivers 'Lost in Iowa'
News  |  12/17/2007  | 
Misplaced hard drive adds to furor over lost tax data
Veracode Now Scans for Software Backdoors
News  |  12/17/2007  | 
Veracode shines spotlight on software backdoors as an emerging threat
New Service Detects Backdoors in Software
News  |  12/17/2007  | 
Veracode identifies different types of these hidden programs in applications, adds a 'metal detector' for detecting them
Breaches Cause Skittish Attitudes Among Holiday Shoppers
News  |  12/14/2007  | 
Many consumers no longer sure of the security of their transactions, study says
New Plug-ins Help Firefox Find XSS, SQL Injection
News  |  12/14/2007  | 
Powerful tools help identify vulnerabilities, but use them advisedly
Man Uses Toaster to Hack Computer
Quick Hits  |  12/14/2007  | 
And no, we don't mean it the other way around
SkyRecon IDs New Microsoft Vista Vulnerability
News  |  12/14/2007  | 
SkyRecon research team provides information leading to patch of Vista flaw
Spam Reaching Record Volumes, Researchers Say
News  |  12/13/2007  | 
Study says 95% of all email is now spam
Report: Security Becoming Business Tool
News  |  12/13/2007  | 
Compliance, privacy and data protection, and meeting business objectives are top three drivers for security
Quick Website Vulnerability Self-Test
Quick Hits  |  12/13/2007  | 
Breach Security offers simple test you can do on your own to check for Website flaws
Study: Breaches of Personal Data Now Prevalent in Enterprises
News  |  12/12/2007  | 
Eighty-five percent of enterprises have experienced at least one reportable incident in the past 12 months
Careful What You Buy
News  |  12/12/2007  | 
Before you put sign the check, make sure you've covered all the options for solving your security problem
Predicting Peril
News  |  12/12/2007  | 
We may not be able to predict the next big attack, but we can identify the trends that will spawn it
Maiffret Says Bye to eEye
News  |  12/12/2007  | 
eEye co-founder Marc Maiffret, 27, has quietly left the security firm he started at age 17
Untangle Surpasses 100K Users
News  |  12/12/2007  | 
Untangle, the pioneer in open source network gateway platforms, announced that it has surpassed the 100,000 users milestone
'You've Got Cross-Site Scripting'
News  |  12/12/2007  | 
Free email alert service lets customers know when an XSS vulnerability is found on their sites
FTC Charges Payment Processor in Fraud Scam
Quick Hits  |  12/12/2007  | 
Third-party payment services aided Internet scammers in attempting $200M in online fraud, FTC says
Page 1 / 3   >   >>


7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3154
PUBLISHED: 2020-01-27
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.
CVE-2019-17190
PUBLISHED: 2020-01-27
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the...
CVE-2014-8161
PUBLISHED: 2020-01-27
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
CVE-2014-9481
PUBLISHED: 2020-01-27
The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.
CVE-2015-0241
PUBLISHED: 2020-01-27
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric ...