Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in February 2008
Page 1 / 2   >   >>
'Phone Flu' Could Infect Mobile Devices
Quick Hits  |  2/29/2008  | 
Researchers demonstrate ability of wireless devices to pass viruses through close proximity
Tech Insight: Hacking Your Encryption Options
News  |  2/29/2008  | 
Choosing the right encryption solution isn't always easy
Researchers Name Top Six Spamming Botnets
News  |  2/28/2008  | 
Marshal researchers say six botnets are sending 85% of the world's spam
Study: Consumers Don't Use Anti-Phishing Defenses
News  |  2/27/2008  | 
Much-ballyhooed 'green bar' is lost on most end consumers
Stolen FTP Credentials Offered for Sale: Major Firms at Risk
News  |  2/27/2008  | 
Nearly 9,000 stolen FTP server admin credentials offered with an automated crimeware kit, Finjan says
Hacker Steals Data on 18M Auction Customers in South Korea
News  |  2/26/2008  | 
Chinese attacker asks for ransom on data, reports say
SNMP Joins Dark Side in New XSS Attack
News  |  2/26/2008  | 
Researchers show how the Simple Network Management Protocol can be abused for cross-site scripting attacks
New Tool Protects You From Antivirus Gone Wild
Quick Hits  |  2/26/2008  | 
German security firm releases product to plug little-known but dangerous holes in AV and email security
Agencies Fall Short on Protecting User Data
News  |  2/25/2008  | 
Government Accountability Office says many agencies still haven't met guidelines
Critical VMware Bug Breaks 'Barrier'
News  |  2/25/2008  | 
Core Security discovers VMware desktop software vulnerability with Shared Folders feature
Critics: Microsoft's 'Friendly Worm' Is a Dumb Idea
Quick Hits  |  2/22/2008  | 
Proposed method of deploying patches is swatted by industry experts
At Del Monte, New Apps Open a Can of Worms for Remote Access
News  |  2/22/2008  | 
Package of Cisco products helps food giant resolve security conundrum
'Live' VMs at Risk While in Transit
News  |  2/21/2008  | 
Black Hat researcher demonstrates how an attacker could gain control of a hypervisor when a VM is moved from one machine to another
Canadian Police Bust Huge Botnet Ring
News  |  2/21/2008  | 
Botnet enslaved a million PCs in 100 countries, authorities say
The Social Engineer's Toolbox
News  |  2/20/2008  | 
These are a few of our favorite things to bring along for a social engineering exploit
Black Hat Researcher Hacks Credit Cards
News  |  2/20/2008  | 
Newly released tool grabs credit card account ID data off magnetic strips, RFID chips
Mega-Spammer Nabbed in Japan
Quick Hits  |  2/20/2008  | 
Twenty-five-year-old may be responsible for as many as 2.2B messages, authorities say
Feds Wrestle With Security Threats
News  |  2/20/2008  | 
In Black Hat DC keynote, current and former government officials discuss emerging Internet threats
Harvard Site Hacked, Posted to BitTorrent
News  |  2/19/2008  | 
Site is brought down, sensitive data posted on Web
Free Web Filtering Service Taps User Input
News  |  2/19/2008  | 
OpenDNS to launch new Web filtering service modeled after its PhishTank community site
Botnet Hunters Reveal New Spin on Old Tricks
News  |  2/15/2008  | 
Damballa researchers share some techniques for getting a better picture of botnets - and targeted attacks
Clinton Video Is Bait in Spam Scam
Quick Hits  |  2/15/2008  | 
Attackers play on recipients' interest in presidential campaign
Tech Insight: Analyze This Malware
News  |  2/15/2008  | 
When you want to know what it is and where it came from, you've got a range of choices
GFI Cuts Prices for SMBs up to 45%
News  |  2/14/2008  | 
Reductions reflect GFI's belief in providing quality solutions at unbeatable prices
Health Care Firms Increasingly Feeling 'the Love' as Targets of Attack
Quick Hits  |  2/14/2008  | 
Recent inside job by health care employee and increase in attempted hacks shine light on risks to patient data
Report: Zero-Days Are Now Attackers' Second Choice
News  |  2/13/2008  | 
Bad guys are increasingly exploiting known bugs, researchers say, but don't dismiss zero-days
Bell Canada Finds Stolen Data on 3.4M Customers
News  |  2/13/2008  | 
Suspect is arrested, but no one is sure how he got the data, telecom provider says
Do You Know What Your Kids Are Doing Online?
Quick Hits  |  2/13/2008  | 
Even parents who monitor their kids' activities may not know the whole story, study says
Arbor Networks Closes Ellacoya Buy
News  |  2/13/2008  | 
Arbor Networks completes acquisition of Ellacoya Networks
Webroot Extends Channel Program
News  |  2/13/2008  | 
Channel partners now have access to Webroot Email Security SaaS solutions to deliver multi-layered security approach
Cyberoam: Increased Valentine's Day Spam
News  |  2/13/2008  | 
Cyberoam warns emails with Valentine's Day-focused subject lines could be result of massive malware spam campaign
The Truth Behind Code Analysis
News  |  2/13/2008  | 
A true code review involves both scanning and architectural risk analysis
Palamida Joins McAfee Alliance
News  |  2/12/2008  | 
Relationship adds comprehensive open source vulnerability detection to ePolicy Orchestrator
Ten Myths About Identity Fraud
News  |  2/12/2008  | 
Think ID fraud is running amok over the Internet? Are online credit card thieves your worst fear? Here's a dose of reality that may change your mind
BreakingPoint Systems to Upgrade Metasploit-Inspired Tool
News  |  2/12/2008  | 
Version 1.2 of tool BPS-1000 adds direct attacks, support for more apps, and IPv6
FBI Alert: Valentine's Day E-Card Carries Storm
News  |  2/12/2008  | 
If you unexpectedly receive a Valentine's Day e-card, be careful
Weapons of Mass Redirection
News  |  2/12/2008  | 
Protecting your users from malicious DNS servers
BitDefender Offers Free Services
News  |  2/12/2008  | 
BitDefender announces free antivirus and antispyware online services
Klocwork Extends Java Source Code Analysis
News  |  2/12/2008  | 
Solution introduces more comprehensive analysis with greater accuracy while improving support for major Java frameworks and environments
Sophos: Russia Is Spam Superpower
News  |  2/11/2008  | 
Russia emerges as spam superpower, as Asia and Europe overtake North America
IBM Report: Vulnerabilities Decline for First Time in 10 Years
Quick Hits  |  2/11/2008  | 
But the number of high-severity vulnerablities increased by 28% last year, according to the new 2007 X-Force Security report
Keyloggers Aren't Viruses... Are They?
News  |  2/11/2008  | 
Keylogging shouldn't always be flagged as a virus
DNS Inventor Warns of Next Big Threat
News  |  2/11/2008  | 
It's just a matter of time before a big breach occurs from corrupted DNS resolution, says Paul Mockapetris
Hackers Turn Antivirus Site Into Virus Spreader
Quick Hits  |  2/11/2008  | 
AvSoft Technologies's SmartCOP site is hosting malicious code, researcher says
Surge in Male Enhancement Pill Spam in '07
News  |  2/11/2008  | 
Marshal traces a huge surge in sexual enhancement spam in 2007
SkyRecon Intros V5 of Endpoint Security Product
News  |  2/11/2008  | 
SkyRecon announces StormShield 5.0 unified endpoint security
Global Surge in Mobile Messaging Abuse to Come
News  |  2/11/2008  | 
Mobile operators brace for global surge in mobile messaging abuse
Second SaaS Is the Charm for Dairy Queen Franchisee
News  |  2/8/2008  | 
Initial security as a service solution crashed PCs at DQ, so franchisee found another SaaS
DLP-DAM Convergence: Duh!
News  |  2/8/2008  | 
A DAM solution that can't identify sensitive content should get cut from your short list
The Myth of the Risk Manager
News  |  2/8/2008  | 
Why the risk manager position is a dead-end job
Page 1 / 2   >   >>

COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Attacker Dwell Time: Ransomware's Most Important Metric
Ricardo Villadiego, Founder and CEO of Lumu,  9/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection and, if CSP settings permit, execution of arbitra...
PUBLISHED: 2020-09-30
An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug_actiongroup_page.php.
PUBLISHED: 2020-09-30
In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .
PUBLISHED: 2020-09-30
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.