Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in May 2008
Page 1 / 2   >   >>
Comcast Outage Traced to Teenage Hackers
News  |  5/30/2008  | 
DNS attack left service provider down for five hours
Man Arraigned for Setting Up 58,000 Brokerage Accounts
Quick Hits  |  5/30/2008  | 
Comic book and cartoon characters got their own portfolios
Stanford Medical School's Rx: Anomaly Detection
News  |  5/30/2008  | 
Appliance helps minimize bot, malware infections
Revision3 Denial Of Service Attack Traced To Anti-Piracy Company
News  |  5/29/2008  | 
Company CEO Jim Louderback says the FBI is investigating, and he is critical of MediaDefender's vigilante approach to fighting copyright piracy.
Gartner Forecasts the Next Big Threats
News  |  5/29/2008  | 
A peek at some of the types of attacks on the horizon that Gartner will reveal at next week's Security Summit
Gas Station ATM/Card Reader Likely Rigged in New ID Theft Case
Quick Hits  |  5/29/2008  | 
California's South Bay area is reeling from yet another wave of ID theft from ATM/card reader machines
Societe Generale Offers Findings on Breach Investigation
News  |  5/28/2008  | 
Trader's creativity, lack of proper controls combined to create perfect storm that lost the company $7 billion
New SQL Injection Attacks Exploit Adobe Flash Flaw
News  |  5/28/2008  | 
And it's not just online gamers who are at risk
Identity Fraudsters Improve Aim on the Wealthy
Quick Hits  |  5/28/2008  | 
UK study shows that those who make more than $100,000 are almost three times more likely to be victims
Yahoo Sues 'Lottery Spammers'
News  |  5/27/2008  | 
The suit accuses the defendants of sending spam e-mails trying to trick people into divulging personal information by claiming they had won a prize from Yahoo.
Deutsche Telecom Spied on Employees, Journalists
News  |  5/27/2008  | 
Major German service provider violated privacy laws by analyzing phone records in an attempt to stop leaks to the press
New Smart Phone Hack Could Expose Cell Network
News  |  5/27/2008  | 
Researchers to release hacking tool that gathers information about the cellular network to which a smart phone is connected
Hackers Take Down Russian Nuclear Power Websites
Quick Hits  |  5/27/2008  | 
Attacks play off of rumors of nuclear accident and prevent customers from checking online radiation reports in their area
Vulnerabilities Found In IBM Lotus Sametime And Cisco Gear
News  |  5/23/2008  | 
Cisco alerted users to vulnerabilities in several of its products while IBM says it has a patch ready for its software.
Tech Insight: Debian Linux Flaw Threatens SSL Encryption
News  |  5/23/2008  | 
Vulnerability in Debian OpenSSL could allow attackers to decrypt 'secure' Web sessions
Power Company Slammed For Weak Cyber Security
News  |  5/22/2008  | 
Almost all of the workstations and servers that GAO examined on the TVA's corporate network lacked key security patches or had inadequate security settings.
Apple's iCal Vulnerable To Hackers
News  |  5/22/2008  | 
In order for an attacker to exploit these vulnerabilities, he or she would have to convince an iCal user to open an .ics file sent via e-mail or hosted on a Web server.
New Google Service Helps Infected Websites Clean Up
News  |  5/22/2008  | 
Diagnostic page details nature of sites flagged as dangerous by Google
Microsoft Wins Patent on Proactive Anti-Malware Technology
Quick Hits  |  5/22/2008  | 
New scheme creates virtual environment where malware can be detected by its behavior
Regulatory Holes Could Leave US Power Grid Open to Attack
News  |  5/21/2008  | 
Utility commissions tell Congress they don't have the authority to quickly respond to cyber threats
'Hack-and-Pier' Phishing on the Rise
News  |  5/21/2008  | 
More and more phishers are hacking legitimate Websites, reports say
Reports Question Vista's Security
Quick Hits  |  5/21/2008  | 
Security vendor PC Tools engages Microsoft in running battle of reports
US-CERT Warns About Phishers Scamming Disaster Donors
News  |  5/20/2008  | 
Since the earthquake in China last week and the cyclone in Myanmar, cyber criminals have been trying to capitalize on the tragedies, officials say.
SQL Injection Attack Helps Hack OS
News  |  5/20/2008  | 
Multi-step hack using SQL injection provides interactive, GUI access to OS
Hospital Security Programs Ailing, Study Says
News  |  5/20/2008  | 
Patient data at risk due to lack of attention to policies, regulations
International Cybercrime Ring Busted
News  |  5/19/2008  | 
Officials from the United States and Romania announced that 38 individuals in the two countries have been charged with computer and credit card fraud.
Public Schools Improve Physical Security, But Cybersecurity Declines
News  |  5/19/2008  | 
CDW-Government's annual School Safety Index found that public schools have improved physical safety, but cybersafety scores dropped by 25% since last year.
Permanent Denial-of-Service Attack Sabotages Hardware
News  |  5/19/2008  | 
Researcher to demonstrate a permanent denial-of-service (PDOS) attack that remotely wipes out hardware via flash firmware updates
Excessive Secrecy Harms National Cyber Defenses, Report Says
News  |  5/16/2008  | 
The Senate Armed Services Committee believes the government's new National Cyber Security Initiative is too secret to have much value as deterrence.
Can You Pass This Privacy Quiz?
News  |  5/16/2008  | 
Most Californians couldn't, according to newly released research
'Treasure Hunt' Leads to Release of Zero-Day Attack
Quick Hits  |  5/16/2008  | 
Researcher unleashes Internet Explorer proof-of-concept attack after holding a contest for readers to find the code on his blog page
Zero-Day Internet Explorer Vulnerability Published
News  |  5/15/2008  | 
The potential exploit relates to the Microsoft Web browser's "Print Table of Links" feature.
Hackers Sniff Their Way Into Data From Restaurant Chain
News  |  5/14/2008  | 
Thieves collected 5,000 credit cards - and hundreds of thousands of dollars - from 11 Dave & Buster's locations
Bots Use SQL Injection Tool in New Web Attack
News  |  5/14/2008  | 
Phishing botnet Asprox uses zombies to infect Websites, recruit more bots
NATO Members Form Cyber Defense Center
Quick Hits  |  5/14/2008  | 
Estonia will serve as headquarters for new effort; US not joining yet
Brute-Force SSH Server Attacks Surge
News  |  5/13/2008  | 
If such an attack succeeds, the attacker may be able to view, copy, or delete important files on the accessed server or execute malicious code.
Microsoft Patch Tuesday: Six Vulnerabilities Fixed In Four Bulletins
News  |  5/13/2008  | 
Researchers warn the buffer-overflow bug affecting the Jet Database Engine is especially critical to fix since there is evidence of hackers already exploiting the vulnerability.
Men Accused Of Hacking Restaurant Credit Card System
News  |  5/13/2008  | 
The U.S. Attorney's office says the men installed packet sniffers to capture credit card data as it flowed through the restaurant chain's computer systems.
Third Wave of Web Attacks Not the Last
Quick Hits  |  5/13/2008  | 
The latest round of SQL injection Website attacks is stealthier - and from multiple regions
New Tests Show Rootkits Still Evade AV
News  |  5/13/2008  | 
AV-Test.org tests rootkit detection and removal on XP, Vista
Check Point Offers Consumers 'New Level' of Security
News  |  5/13/2008  | 
'Browser virtualization' sandboxes OS, constitutes new category of products, firewall giant says
FBI Fears Counterfeit Networking Equipment Could Compromise Security
News  |  5/12/2008  | 
A sensitive agency PowerPoint presentation indicates that the U.S. military purchased counterfeit gear, which could threaten the security of its systems.
Mac Notebook Catches Suspects In Laptop Theft
News  |  5/12/2008  | 
A burglary victim helped police catch suspected thieves by logging on to her Mac remotely and snapping photos with its Webcam.
New Intrusion Tolerance Technology Treats Attacks as Inevitable
News  |  5/12/2008  | 
Sun Microsystems is helping fund new startup dedicated to minimizing - rather than detecting or preventing - attacks
Internet Users Help Nab Accused Child Predator
News  |  5/9/2008  | 
Interpol credits Internet users with helping to identify and locate a suspected child predator, who was arrested in New Jersey.
Hackers Attack Epilepsy Site
Quick Hits  |  5/9/2008  | 
Sick joke adds flashing lights to site, which can provoke seizures
Tech Insight: Finding & Prioritizing Web Application Vulnerabilities
News  |  5/9/2008  | 
Web app flaws are rapidly becoming the most serious threat to your data. Do you know how to identify them - and which ones to fix first?
Hacker's Choice: Top Six Database Attacks
News  |  5/8/2008  | 
It doesn't take a database expert to break into one
Srizbi Botnet Sending Over 60 Billion Spams a Day
Quick Hits  |  5/8/2008  | 
Marshal TRACE team says Srizbi sends more spam than all other botnets combined
Page 1 / 2   >   >>


AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16317
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different vulnerabi...
CVE-2019-16318
PUBLISHED: 2019-09-14
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317.
CVE-2019-16307
PUBLISHED: 2019-09-14
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKe...
CVE-2019-16294
PUBLISHED: 2019-09-14
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
CVE-2019-16309
PUBLISHED: 2019-09-14
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.