Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in April 2008
Page 1 / 2   >   >>
Google Warns Users About Phishing
News  |  4/30/2008  | 
In advising users to be wary of clicking on links in e-mail messages or responding to requests for personal information, Google is trying to protect its own business.
Large Businesses Wrestle With Web 2.0
News  |  4/30/2008  | 
New capabilities turn security policies and practices on end, panelists say
Software Lets Enterprises Encrypt, Restrict Use of CD/DVD Media
Quick Hits  |  4/30/2008  | 
New technology from Lumension encrypts data on CDs, prevents reading and writing without network authorization
When Bots Don't Care - Or Don't Know Enough to
News  |  4/30/2008  | 
Misguided apathy among consumers could be contributing to botnet proliferation
Webroot to Launch Enterprise Web Filtering Service
News  |  4/29/2008  | 
Content filtering will be marketed alongside email management service
Microsoft Adds Two to Forefront Family
News  |  4/29/2008  | 
Remote access, edge security products now under Forefront umbrella
'USB Hacksaw' Still Sharp, Expert Says
Quick Hits  |  4/29/2008  | 
Exploit allows hackers to dump data from thumb drives and email it to a remote location
Avoiding a Mesh Mess
News  |  4/29/2008  | 
Factor in security with Microsoft's new Live Mesh
Microsoft Blames Poor Coding Practices For Massive SQL Injection Attack
News  |  4/28/2008  | 
U.S. CERT recommends disabling JavaScript and ActiveX because of attacks that have compromised legitimate Web sites using Microsoft IIS Web Server and Microsoft SQL Server.
Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says
News  |  4/28/2008  | 
Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says
'Long-Term' Phishing Attack Underway
News  |  4/28/2008  | 
New phishing exploit doesn't bother asking for passwords, and its stealthy malware hides out on victim's machine
Societe Generale Goat Gets IT Consulting Job
Quick Hits  |  4/28/2008  | 
Man who singlehandedly cost financial services firm more than $7B is now giving advice
Zero-Day Vulnerability Reported in Apple's QuickTime for Windows XP and Vista
News  |  4/25/2008  | 
Security consultancy GNUCitizen says an attacker could exploit the vulnerability by constructing a specially crafted QuickTime supported media file that allows remote code execution.
Tech Insight: DIY Penetration Testing
News  |  4/25/2008  | 
When to conduct your own penetration test or to farm it out to a third party
Men More Likely Than Women to Fall for Internet Fraud
Quick Hits  |  4/25/2008  | 
Guys lose $1.67 to every $1 lost by gals, ICCC says
Small And Midsize Businesses' IT Security Budgets 'Recession-Proof'
News  |  4/24/2008  | 
Despite overall economic difficulties, survey respondents say they still plan to invest in technology this year.
Securing the Internet's DNS
News  |  4/24/2008  | 
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC
Companies May Be Held Liable for Deals With Terrorists, ID Thieves
News  |  4/23/2008  | 
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys
Researchers Infiltrate and 'Pollute' Storm Botnet
News  |  4/23/2008  | 
European botnet experts devise a method that disrupts stubborn peer-to-peer botnets like Storm
JavaScript Injection Attack Infects 'Hundreds of Thousands' of Websites
Quick Hits  |  4/23/2008  | 
United Nations, UK government sites are among the victims
Market's Message to Security Pros: Adapt or Die
News  |  4/23/2008  | 
Shifts in economy, business are forcing re-prioritization in the IT security department, studies say
Security Vulnerabilities Reported At Obama, Clinton Web Sites
News  |  4/22/2008  | 
Researchers said cross-site scripting problems found on the sites could result in anything from a harmless pop-up window to exposure to malicious software.
Infected Web Pages Nearly Triple
News  |  4/22/2008  | 
Sophos says that it discovered a new infected Web page every 5 seconds. In 2007, the company says, it saw new infected Web pages every 14 seconds.
Microsoft Report: Physical Data Theft, Trojans Up; Bug Disclosure Down
News  |  4/22/2008  | 
Trojan attacks jump by 300 percent, but publicly disclosed vulnerabilities reach three-year ebb
New Tool Lets Enterprises Manage Security on Multiple Linux Servers
News  |  4/21/2008  | 
Trusted Computer Solutions readies software that can 'lock down' servers running Red Hat, CentOS, or Oracle Enterprise Linux
Server Theft Exposes Data on 700,000 Consumers
Quick Hits  |  4/21/2008  | 
Break-in at debt collection company puts Indiana citizens' personal information at risk
'Provider-in-the-Middle Attacks' Put Major Websites, Users at Risk
News  |  4/21/2008  | 
Researchers discover that ad servers from over 70 ISPs, such as Earthlink and Comcast, put trademarked sites - and users who visit them - at risk of cross-site scripting, other attacks
2008 Could Be Record Year for Breaches
Quick Hits  |  4/18/2008  | 
More than 8 million Americans' data has been exposed so far this year, first-quarter study says
An Rx for Doctors Suffering From Spam Attacks
News  |  4/18/2008  | 
Health Care Notification Network (HCNN) for physicians aims to streamline alerts, as well as protect doctors from spam and other attacks
Enterprises Slow Fight Against Malicious Code
News  |  4/18/2008  | 
Most organizations believe they are more secure than a year ago, BT study finds
24 Digital Spy Tools To Capture, Protect, And Secure Data
News  |  4/17/2008  | 
To catch a data thief, you'll need discreet audio and video recorders, tiny cameras, keystroke loggers, and a trove of other 007-worthy digital security, monitoring, and surveillance devices.
Customers Ticked Off Over Breach Notification
Quick Hits  |  4/17/2008  | 
Majority of customers have had their data exposed more than once, study says
Security, IT Operations, Compliance & Privacy Converge in Data Center
News  |  4/17/2008  | 
Formerly disconnected disciplines find themselves working together
Women More Likely Than Men To Surrender Security For Chocolate
News  |  4/16/2008  | 
The overall percentage of London office workers willing to trade their computer passwords for a few moments of chocolaty goodness was down two-thirds compared to 2007.
Women Are Four Times More Likely to Give Up Passwords for Chocolate
Quick Hits  |  4/16/2008  | 
But overall willingness to give up passwords has dropped sharply since 2007, study finds
Wireless Security Gets Boost From New Round of Products
News  |  4/16/2008  | 
Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises
Spear-Phishing Attack Uses Fake Subpoenas To Steal From CEOs
News  |  4/15/2008  | 
iDefense estimates that the attack went out to about 15,000 to 20,000 executives, resulting in about 1,800 confirmed malware victims.
PayPal Outlines Strategy to Slow Phishing
News  |  4/15/2008  | 
Web's biggest phishing target published multi-layered plan to reduce delivery of fake emails and warn users of phishing sites
Startup Launches Tool That Analyzes & Maps Network Architecture for Risk
Quick Hits  |  4/15/2008  | 
Athena Security goes public and shows off its new tool for determining the risks posed by network configurations
Oracle Plans 41 Patches For Tuesday
News  |  4/14/2008  | 
The number of published proof-of-concept exploits for Oracle products last year supports research noting an increase in attacks on applications.
CA Exec: Security Pros Need to Be Unburied From the Org Chart
News  |  4/14/2008  | 
To succeed, IT security must raise its profile in the business, says former CIO
New York Hospital Worker Arrested for Stealing 50,000 Patient Records
Quick Hits  |  4/14/2008  | 
Theft was discovered by police, not hospital IT staff
Study Finds 'Alarming' Ignorance About Cybercrime
News  |  4/11/2008  | 
"Consumers' unsecured computers play a major role in helping cybercriminals conduct cybercrimes," the National Cyber Security Alliance warns.
Panel: DLP Outlook Hopeful, But No Silver Bullet
News  |  4/11/2008  | 
Data loss protection technology is getting real, experts say, but it won't stop determined insiders by itself
Tech Insight: Virtualization Gets Personal
News  |  4/11/2008  | 
As tools open up avenues for desktop virtualization, enterprises must choose the right security path
Al Gore Bans Press at RSA
Quick Hits  |  4/11/2008  | 
Keynote on green technologies makes reporters see red
Down To Business: It's Past Time To Elevate The Infosec Conversation
Commentary  |  4/10/2008  | 
At the RSA conference, the security discussion was about helping customers innovate and deliver business value.
RSA: The Case For Code Testing
News  |  4/10/2008  | 
Automated security tools are the best way to reduce application-layer vulnerabilities, said cybersecurity veteran Howard Schmidt.
IBM: The Security Business 'Has No Future'
News  |  4/10/2008  | 
IBM executive tells RSA attendees that the security business is dead - and sustainable business is the future
AirPatrol Keeps Tabs on Illicit Mobiles
Quick Hits  |  4/10/2008  | 
Networked sensors detect and locate mobile phones and WiFi-connected laptops
Page 1 / 2   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
PUBLISHED: 2022-05-09
In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.