Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in April 2008
Page 1 / 2   >   >>
Google Warns Users About Phishing
News  |  4/30/2008  | 
In advising users to be wary of clicking on links in e-mail messages or responding to requests for personal information, Google is trying to protect its own business.
Large Businesses Wrestle With Web 2.0
News  |  4/30/2008  | 
New capabilities turn security policies and practices on end, panelists say
Software Lets Enterprises Encrypt, Restrict Use of CD/DVD Media
Quick Hits  |  4/30/2008  | 
New technology from Lumension encrypts data on CDs, prevents reading and writing without network authorization
When Bots Don't Care - Or Don't Know Enough to
News  |  4/30/2008  | 
Misguided apathy among consumers could be contributing to botnet proliferation
Webroot to Launch Enterprise Web Filtering Service
News  |  4/29/2008  | 
Content filtering will be marketed alongside email management service
Microsoft Adds Two to Forefront Family
News  |  4/29/2008  | 
Remote access, edge security products now under Forefront umbrella
'USB Hacksaw' Still Sharp, Expert Says
Quick Hits  |  4/29/2008  | 
Exploit allows hackers to dump data from thumb drives and email it to a remote location
Avoiding a Mesh Mess
News  |  4/29/2008  | 
Factor in security with Microsoft's new Live Mesh
Microsoft Blames Poor Coding Practices For Massive SQL Injection Attack
News  |  4/28/2008  | 
U.S. CERT recommends disabling JavaScript and ActiveX because of attacks that have compromised legitimate Web sites using Microsoft IIS Web Server and Microsoft SQL Server.
Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says
News  |  4/28/2008  | 
Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says
'Long-Term' Phishing Attack Underway
News  |  4/28/2008  | 
New phishing exploit doesn't bother asking for passwords, and its stealthy malware hides out on victim's machine
Societe Generale Goat Gets IT Consulting Job
Quick Hits  |  4/28/2008  | 
Man who singlehandedly cost financial services firm more than $7B is now giving advice
Zero-Day Vulnerability Reported in Apple's QuickTime for Windows XP and Vista
News  |  4/25/2008  | 
Security consultancy GNUCitizen says an attacker could exploit the vulnerability by constructing a specially crafted QuickTime supported media file that allows remote code execution.
Tech Insight: DIY Penetration Testing
News  |  4/25/2008  | 
When to conduct your own penetration test or to farm it out to a third party
Men More Likely Than Women to Fall for Internet Fraud
Quick Hits  |  4/25/2008  | 
Guys lose $1.67 to every $1 lost by gals, ICCC says
Small And Midsize Businesses' IT Security Budgets 'Recession-Proof'
News  |  4/24/2008  | 
Despite overall economic difficulties, survey respondents say they still plan to invest in technology this year.
Securing the Internet's DNS
News  |  4/24/2008  | 
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC
Companies May Be Held Liable for Deals With Terrorists, ID Thieves
News  |  4/23/2008  | 
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys
Researchers Infiltrate and 'Pollute' Storm Botnet
News  |  4/23/2008  | 
European botnet experts devise a method that disrupts stubborn peer-to-peer botnets like Storm
JavaScript Injection Attack Infects 'Hundreds of Thousands' of Websites
Quick Hits  |  4/23/2008  | 
United Nations, UK government sites are among the victims
Market's Message to Security Pros: Adapt or Die
News  |  4/23/2008  | 
Shifts in economy, business are forcing re-prioritization in the IT security department, studies say
Security Vulnerabilities Reported At Obama, Clinton Web Sites
News  |  4/22/2008  | 
Researchers said cross-site scripting problems found on the sites could result in anything from a harmless pop-up window to exposure to malicious software.
Infected Web Pages Nearly Triple
News  |  4/22/2008  | 
Sophos says that it discovered a new infected Web page every 5 seconds. In 2007, the company says, it saw new infected Web pages every 14 seconds.
Microsoft Report: Physical Data Theft, Trojans Up; Bug Disclosure Down
News  |  4/22/2008  | 
Trojan attacks jump by 300 percent, but publicly disclosed vulnerabilities reach three-year ebb
New Tool Lets Enterprises Manage Security on Multiple Linux Servers
News  |  4/21/2008  | 
Trusted Computer Solutions readies software that can 'lock down' servers running Red Hat, CentOS, or Oracle Enterprise Linux
Server Theft Exposes Data on 700,000 Consumers
Quick Hits  |  4/21/2008  | 
Break-in at debt collection company puts Indiana citizens' personal information at risk
'Provider-in-the-Middle Attacks' Put Major Websites, Users at Risk
News  |  4/21/2008  | 
Researchers discover that ad servers from over 70 ISPs, such as Earthlink and Comcast, put trademarked sites - and users who visit them - at risk of cross-site scripting, other attacks
2008 Could Be Record Year for Breaches
Quick Hits  |  4/18/2008  | 
More than 8 million Americans' data has been exposed so far this year, first-quarter study says
An Rx for Doctors Suffering From Spam Attacks
News  |  4/18/2008  | 
Health Care Notification Network (HCNN) for physicians aims to streamline alerts, as well as protect doctors from spam and other attacks
Enterprises Slow Fight Against Malicious Code
News  |  4/18/2008  | 
Most organizations believe they are more secure than a year ago, BT study finds
24 Digital Spy Tools To Capture, Protect, And Secure Data
News  |  4/17/2008  | 
To catch a data thief, you'll need discreet audio and video recorders, tiny cameras, keystroke loggers, and a trove of other 007-worthy digital security, monitoring, and surveillance devices.
Customers Ticked Off Over Breach Notification
Quick Hits  |  4/17/2008  | 
Majority of customers have had their data exposed more than once, study says
Security, IT Operations, Compliance & Privacy Converge in Data Center
News  |  4/17/2008  | 
Formerly disconnected disciplines find themselves working together
Women More Likely Than Men To Surrender Security For Chocolate
News  |  4/16/2008  | 
The overall percentage of London office workers willing to trade their computer passwords for a few moments of chocolaty goodness was down two-thirds compared to 2007.
Women Are Four Times More Likely to Give Up Passwords for Chocolate
Quick Hits  |  4/16/2008  | 
But overall willingness to give up passwords has dropped sharply since 2007, study finds
Wireless Security Gets Boost From New Round of Products
News  |  4/16/2008  | 
Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises
Spear-Phishing Attack Uses Fake Subpoenas To Steal From CEOs
News  |  4/15/2008  | 
iDefense estimates that the attack went out to about 15,000 to 20,000 executives, resulting in about 1,800 confirmed malware victims.
PayPal Outlines Strategy to Slow Phishing
News  |  4/15/2008  | 
Web's biggest phishing target published multi-layered plan to reduce delivery of fake emails and warn users of phishing sites
Startup Launches Tool That Analyzes & Maps Network Architecture for Risk
Quick Hits  |  4/15/2008  | 
Athena Security goes public and shows off its new tool for determining the risks posed by network configurations
Oracle Plans 41 Patches For Tuesday
News  |  4/14/2008  | 
The number of published proof-of-concept exploits for Oracle products last year supports research noting an increase in attacks on applications.
CA Exec: Security Pros Need to Be Unburied From the Org Chart
News  |  4/14/2008  | 
To succeed, IT security must raise its profile in the business, says former CIO
New York Hospital Worker Arrested for Stealing 50,000 Patient Records
Quick Hits  |  4/14/2008  | 
Theft was discovered by police, not hospital IT staff
Study Finds 'Alarming' Ignorance About Cybercrime
News  |  4/11/2008  | 
"Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes," the National Cyber Security Alliance warns.
Panel: DLP Outlook Hopeful, But No Silver Bullet
News  |  4/11/2008  | 
Data loss protection technology is getting real, experts say, but it won't stop determined insiders by itself
Tech Insight: Virtualization Gets Personal
News  |  4/11/2008  | 
As tools open up avenues for desktop virtualization, enterprises must choose the right security path
Al Gore Bans Press at RSA
Quick Hits  |  4/11/2008  | 
Keynote on green technologies makes reporters see red
Down To Business: It's Past Time To Elevate The Infosec Conversation
Commentary  |  4/10/2008  | 
At the RSA conference, the security discussion was about helping customers innovate and deliver business value.
RSA: The Case For Code Testing
News  |  4/10/2008  | 
Automated security tools are the best way to reduce application-layer vulnerabilities, said cybersecurity veteran Howard Schmidt.
IBM: The Security Business 'Has No Future'
News  |  4/10/2008  | 
IBM executive tells RSA attendees that the security business is dead - and sustainable business is the future
AirPatrol Keeps Tabs on Illicit Mobiles
Quick Hits  |  4/10/2008  | 
Networked sensors detect and locate mobile phones and WiFi-connected laptops
Page 1 / 2   >   >>


DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerry,  11/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15073
PUBLISHED: 2019-11-20
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15072
PUBLISHED: 2019-11-20
The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via any parameter. This vulnerability affects many mail system of governments, organizations, companies and universities.
CVE-2019-15071
PUBLISHED: 2019-11-20
The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code via ACTION parameter without authentication. The code can executed for any user accessing the page. This vulnerability affects many mail syste...
CVE-2019-6176
PUBLISHED: 2019-11-20
A potential vulnerability reported in ThinkPad USB-C Dock Firmware version 3.7.2 may allow a denial of service.
CVE-2019-6184
PUBLISHED: 2019-11-20
A potential vulnerability in the discontinued Customer Engagement Service (CCSDK) software version 2.0.21.1 may allow local privilege escalation.