Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in February 2008
Page 1 / 2   >   >>
'Phone Flu' Could Infect Mobile Devices
Quick Hits  |  2/29/2008  | 
Researchers demonstrate ability of wireless devices to pass viruses through close proximity
Tech Insight: Hacking Your Encryption Options
News  |  2/29/2008  | 
Choosing the right encryption solution isn't always easy
Researchers Name Top Six Spamming Botnets
News  |  2/28/2008  | 
Marshal researchers say six botnets are sending 85% of the world's spam
Study: Consumers Don't Use Anti-Phishing Defenses
News  |  2/27/2008  | 
Much-ballyhooed 'green bar' is lost on most end consumers
Stolen FTP Credentials Offered for Sale: Major Firms at Risk
News  |  2/27/2008  | 
Nearly 9,000 stolen FTP server admin credentials offered with an automated crimeware kit, Finjan says
Hacker Steals Data on 18M Auction Customers in South Korea
News  |  2/26/2008  | 
Chinese attacker asks for ransom on data, reports say
SNMP Joins Dark Side in New XSS Attack
News  |  2/26/2008  | 
Researchers show how the Simple Network Management Protocol can be abused for cross-site scripting attacks
New Tool Protects You From Antivirus Gone Wild
Quick Hits  |  2/26/2008  | 
German security firm releases product to plug little-known but dangerous holes in AV and email security
Agencies Fall Short on Protecting User Data
News  |  2/25/2008  | 
Government Accountability Office says many agencies still haven't met guidelines
Critical VMware Bug Breaks 'Barrier'
News  |  2/25/2008  | 
Core Security discovers VMware desktop software vulnerability with Shared Folders feature
Critics: Microsoft's 'Friendly Worm' Is a Dumb Idea
Quick Hits  |  2/22/2008  | 
Proposed method of deploying patches is swatted by industry experts
At Del Monte, New Apps Open a Can of Worms for Remote Access
News  |  2/22/2008  | 
Package of Cisco products helps food giant resolve security conundrum
'Live' VMs at Risk While in Transit
News  |  2/21/2008  | 
Black Hat researcher demonstrates how an attacker could gain control of a hypervisor when a VM is moved from one machine to another
Canadian Police Bust Huge Botnet Ring
News  |  2/21/2008  | 
Botnet enslaved a million PCs in 100 countries, authorities say
The Social Engineer's Toolbox
News  |  2/20/2008  | 
These are a few of our favorite things to bring along for a social engineering exploit
Black Hat Researcher Hacks Credit Cards
News  |  2/20/2008  | 
Newly released tool grabs credit card account ID data off magnetic strips, RFID chips
Mega-Spammer Nabbed in Japan
Quick Hits  |  2/20/2008  | 
Twenty-five-year-old may be responsible for as many as 2.2B messages, authorities say
Feds Wrestle With Security Threats
News  |  2/20/2008  | 
In Black Hat DC keynote, current and former government officials discuss emerging Internet threats
Harvard Site Hacked, Posted to BitTorrent
News  |  2/19/2008  | 
Site is brought down, sensitive data posted on Web
Free Web Filtering Service Taps User Input
News  |  2/19/2008  | 
OpenDNS to launch new Web filtering service modeled after its PhishTank community site
Botnet Hunters Reveal New Spin on Old Tricks
News  |  2/15/2008  | 
Damballa researchers share some techniques for getting a better picture of botnets - and targeted attacks
Clinton Video Is Bait in Spam Scam
Quick Hits  |  2/15/2008  | 
Attackers play on recipients' interest in presidential campaign
Tech Insight: Analyze This Malware
News  |  2/15/2008  | 
When you want to know what it is and where it came from, you've got a range of choices
GFI Cuts Prices for SMBs up to 45%
News  |  2/14/2008  | 
Reductions reflect GFI's belief in providing quality solutions at unbeatable prices
Health Care Firms Increasingly Feeling 'the Love' as Targets of Attack
Quick Hits  |  2/14/2008  | 
Recent inside job by health care employee and increase in attempted hacks shine light on risks to patient data
Report: Zero-Days Are Now Attackers' Second Choice
News  |  2/13/2008  | 
Bad guys are increasingly exploiting known bugs, researchers say, but don't dismiss zero-days
Bell Canada Finds Stolen Data on 3.4M Customers
News  |  2/13/2008  | 
Suspect is arrested, but no one is sure how he got the data, telecom provider says
Do You Know What Your Kids Are Doing Online?
Quick Hits  |  2/13/2008  | 
Even parents who monitor their kids' activities may not know the whole story, study says
Arbor Networks Closes Ellacoya Buy
News  |  2/13/2008  | 
Arbor Networks completes acquisition of Ellacoya Networks
Webroot Extends Channel Program
News  |  2/13/2008  | 
Channel partners now have access to Webroot Email Security SaaS solutions to deliver multi-layered security approach
Cyberoam: Increased Valentine's Day Spam
News  |  2/13/2008  | 
Cyberoam warns emails with Valentine's Day-focused subject lines could be result of massive malware spam campaign
The Truth Behind Code Analysis
News  |  2/13/2008  | 
A true code review involves both scanning and architectural risk analysis
Palamida Joins McAfee Alliance
News  |  2/12/2008  | 
Relationship adds comprehensive open source vulnerability detection to ePolicy Orchestrator
Ten Myths About Identity Fraud
News  |  2/12/2008  | 
Think ID fraud is running amok over the Internet? Are online credit card thieves your worst fear? Here's a dose of reality that may change your mind
BreakingPoint Systems to Upgrade Metasploit-Inspired Tool
News  |  2/12/2008  | 
Version 1.2 of tool BPS-1000 adds direct attacks, support for more apps, and IPv6
FBI Alert: Valentine's Day E-Card Carries Storm
News  |  2/12/2008  | 
If you unexpectedly receive a Valentine's Day e-card, be careful
Weapons of Mass Redirection
News  |  2/12/2008  | 
Protecting your users from malicious DNS servers
BitDefender Offers Free Services
News  |  2/12/2008  | 
BitDefender announces free antivirus and antispyware online services
Klocwork Extends Java Source Code Analysis
News  |  2/12/2008  | 
Solution introduces more comprehensive analysis with greater accuracy while improving support for major Java frameworks and environments
Sophos: Russia Is Spam Superpower
News  |  2/11/2008  | 
Russia emerges as spam superpower, as Asia and Europe overtake North America
IBM Report: Vulnerabilities Decline for First Time in 10 Years
Quick Hits  |  2/11/2008  | 
But the number of high-severity vulnerablities increased by 28% last year, according to the new 2007 X-Force Security report
Keyloggers Aren't Viruses... Are They?
News  |  2/11/2008  | 
Keylogging shouldn't always be flagged as a virus
DNS Inventor Warns of Next Big Threat
News  |  2/11/2008  | 
It's just a matter of time before a big breach occurs from corrupted DNS resolution, says Paul Mockapetris
Hackers Turn Antivirus Site Into Virus Spreader
Quick Hits  |  2/11/2008  | 
AvSoft Technologies's SmartCOP site is hosting malicious code, researcher says
Surge in Male Enhancement Pill Spam in '07
News  |  2/11/2008  | 
Marshal traces a huge surge in sexual enhancement spam in 2007
SkyRecon Intros V5 of Endpoint Security Product
News  |  2/11/2008  | 
SkyRecon announces StormShield 5.0 unified endpoint security
Global Surge in Mobile Messaging Abuse to Come
News  |  2/11/2008  | 
Mobile operators brace for global surge in mobile messaging abuse
Second SaaS Is the Charm for Dairy Queen Franchisee
News  |  2/8/2008  | 
Initial security as a service solution crashed PCs at DQ, so franchisee found another SaaS
DLP-DAM Convergence: Duh!
News  |  2/8/2008  | 
A DAM solution that can't identify sensitive content should get cut from your short list
The Myth of the Risk Manager
News  |  2/8/2008  | 
Why the risk manager position is a dead-end job
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15504
PUBLISHED: 2020-07-10
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other version...
CVE-2020-8190
PUBLISHED: 2020-07-10
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
CVE-2020-8191
PUBLISHED: 2020-07-10
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).
CVE-2020-8193
PUBLISHED: 2020-07-10
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
CVE-2020-8194
PUBLISHED: 2020-07-10
Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.