Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in May 2008
Page 1 / 2   >   >>
Comcast Outage Traced to Teenage Hackers
News  |  5/30/2008  | 
DNS attack left service provider down for five hours
Man Arraigned for Setting Up 58,000 Brokerage Accounts
Quick Hits  |  5/30/2008  | 
Comic book and cartoon characters got their own portfolios
Stanford Medical School's Rx: Anomaly Detection
News  |  5/30/2008  | 
Appliance helps minimize bot, malware infections
Revision3 Denial Of Service Attack Traced To Anti-Piracy Company
News  |  5/29/2008  | 
Company CEO Jim Louderback says the FBI is investigating, and he is critical of MediaDefender's vigilante approach to fighting copyright piracy.
Gartner Forecasts the Next Big Threats
News  |  5/29/2008  | 
A peek at some of the types of attacks on the horizon that Gartner will reveal at next week's Security Summit
Gas Station ATM/Card Reader Likely Rigged in New ID Theft Case
Quick Hits  |  5/29/2008  | 
California's South Bay area is reeling from yet another wave of ID theft from ATM/card reader machines
Societe Generale Offers Findings on Breach Investigation
News  |  5/28/2008  | 
Trader's creativity, lack of proper controls combined to create perfect storm that lost the company $7 billion
New SQL Injection Attacks Exploit Adobe Flash Flaw
News  |  5/28/2008  | 
And it's not just online gamers who are at risk
Identity Fraudsters Improve Aim on the Wealthy
Quick Hits  |  5/28/2008  | 
UK study shows that those who make more than $100,000 are almost three times more likely to be victims
Yahoo Sues 'Lottery Spammers'
News  |  5/27/2008  | 
The suit accuses the defendants of sending spam e-mails trying to trick people into divulging personal information by claiming they had won a prize from Yahoo.
Deutsche Telecom Spied on Employees, Journalists
News  |  5/27/2008  | 
Major German service provider violated privacy laws by analyzing phone records in an attempt to stop leaks to the press
New Smart Phone Hack Could Expose Cell Network
News  |  5/27/2008  | 
Researchers to release hacking tool that gathers information about the cellular network to which a smart phone is connected
Hackers Take Down Russian Nuclear Power Websites
Quick Hits  |  5/27/2008  | 
Attacks play off of rumors of nuclear accident and prevent customers from checking online radiation reports in their area
Vulnerabilities Found In IBM Lotus Sametime And Cisco Gear
News  |  5/23/2008  | 
Cisco alerted users to vulnerabilities in several of its products while IBM says it has a patch ready for its software.
Tech Insight: Debian Linux Flaw Threatens SSL Encryption
News  |  5/23/2008  | 
Vulnerability in Debian OpenSSL could allow attackers to decrypt 'secure' Web sessions
Power Company Slammed For Weak Cyber Security
News  |  5/22/2008  | 
Almost all of the workstations and servers that GAO examined on the TVA's corporate network lacked key security patches or had inadequate security settings.
Apple's iCal Vulnerable To Hackers
News  |  5/22/2008  | 
In order for an attacker to exploit these vulnerabilities, he or she would have to convince an iCal user to open an .ics file sent via e-mail or hosted on a Web server.
New Google Service Helps Infected Websites Clean Up
News  |  5/22/2008  | 
Diagnostic page details nature of sites flagged as dangerous by Google
Microsoft Wins Patent on Proactive Anti-Malware Technology
Quick Hits  |  5/22/2008  | 
New scheme creates virtual environment where malware can be detected by its behavior
Regulatory Holes Could Leave US Power Grid Open to Attack
News  |  5/21/2008  | 
Utility commissions tell Congress they don't have the authority to quickly respond to cyber threats
'Hack-and-Pier' Phishing on the Rise
News  |  5/21/2008  | 
More and more phishers are hacking legitimate Websites, reports say
Reports Question Vista's Security
Quick Hits  |  5/21/2008  | 
Security vendor PC Tools engages Microsoft in running battle of reports
US-CERT Warns About Phishers Scamming Disaster Donors
News  |  5/20/2008  | 
Since the earthquake in China last week and the cyclone in Myanmar, cyber criminals have been trying to capitalize on the tragedies, officials say.
SQL Injection Attack Helps Hack OS
News  |  5/20/2008  | 
Multi-step hack using SQL injection provides interactive, GUI access to OS
Hospital Security Programs Ailing, Study Says
News  |  5/20/2008  | 
Patient data at risk due to lack of attention to policies, regulations
International Cybercrime Ring Busted
News  |  5/19/2008  | 
Officials from the United States and Romania announced that 38 individuals in the two countries have been charged with computer and credit card fraud.
Public Schools Improve Physical Security, But Cybersecurity Declines
News  |  5/19/2008  | 
CDW-Government's annual School Safety Index found that public schools have improved physical safety, but cybersafety scores dropped by 25% since last year.
Permanent Denial-of-Service Attack Sabotages Hardware
News  |  5/19/2008  | 
Researcher to demonstrate a permanent denial-of-service (PDOS) attack that remotely wipes out hardware via flash firmware updates
Excessive Secrecy Harms National Cyber Defenses, Report Says
News  |  5/16/2008  | 
The Senate Armed Services Committee believes the government's new National Cyber Security Initiative is too secret to have much value as deterrence.
Can You Pass This Privacy Quiz?
News  |  5/16/2008  | 
Most Californians couldn't, according to newly released research
'Treasure Hunt' Leads to Release of Zero-Day Attack
Quick Hits  |  5/16/2008  | 
Researcher unleashes Internet Explorer proof-of-concept attack after holding a contest for readers to find the code on his blog page
Zero-Day Internet Explorer Vulnerability Published
News  |  5/15/2008  | 
The potential exploit relates to the Microsoft Web browser's "Print Table of Links" feature.
Hackers Sniff Their Way Into Data From Restaurant Chain
News  |  5/14/2008  | 
Thieves collected 5,000 credit cards - and hundreds of thousands of dollars - from 11 Dave & Buster's locations
Bots Use SQL Injection Tool in New Web Attack
News  |  5/14/2008  | 
Phishing botnet Asprox uses zombies to infect Websites, recruit more bots
NATO Members Form Cyber Defense Center
Quick Hits  |  5/14/2008  | 
Estonia will serve as headquarters for new effort; US not joining yet
Brute-Force SSH Server Attacks Surge
News  |  5/13/2008  | 
If such an attack succeeds, the attacker may be able to view, copy, or delete important files on the accessed server or execute malicious code.
Microsoft Patch Tuesday: Six Vulnerabilities Fixed In Four Bulletins
News  |  5/13/2008  | 
Researchers warn the buffer-overflow bug affecting the Jet Database Engine is especially critical to fix since there is evidence of hackers already exploiting the vulnerability.
Men Accused Of Hacking Restaurant Credit Card System
News  |  5/13/2008  | 
The U.S. Attorney's office says the men installed packet sniffers to capture credit card data as it flowed through the restaurant chain's computer systems.
Third Wave of Web Attacks Not the Last
Quick Hits  |  5/13/2008  | 
The latest round of SQL injection Website attacks is stealthier - and from multiple regions
New Tests Show Rootkits Still Evade AV
News  |  5/13/2008  | 
AV-Test.org tests rootkit detection and removal on XP, Vista
Check Point Offers Consumers 'New Level' of Security
News  |  5/13/2008  | 
'Browser virtualization' sandboxes OS, constitutes new category of products, firewall giant says
FBI Fears Counterfeit Networking Equipment Could Compromise Security
News  |  5/12/2008  | 
A sensitive agency PowerPoint presentation indicates that the U.S. military purchased counterfeit gear, which could threaten the security of its systems.
Mac Notebook Catches Suspects In Laptop Theft
News  |  5/12/2008  | 
A burglary victim helped police catch suspected thieves by logging on to her Mac remotely and snapping photos with its Webcam.
New Intrusion Tolerance Technology Treats Attacks as Inevitable
News  |  5/12/2008  | 
Sun Microsystems is helping fund new startup dedicated to minimizing - rather than detecting or preventing - attacks
Internet Users Help Nab Accused Child Predator
News  |  5/9/2008  | 
Interpol credits Internet users with helping to identify and locate a suspected child predator, who was arrested in New Jersey.
Hackers Attack Epilepsy Site
Quick Hits  |  5/9/2008  | 
Sick joke adds flashing lights to site, which can provoke seizures
Tech Insight: Finding & Prioritizing Web Application Vulnerabilities
News  |  5/9/2008  | 
Web app flaws are rapidly becoming the most serious threat to your data. Do you know how to identify them - and which ones to fix first?
Hacker's Choice: Top Six Database Attacks
News  |  5/8/2008  | 
It doesn't take a database expert to break into one
Srizbi Botnet Sending Over 60 Billion Spams a Day
Quick Hits  |  5/8/2008  | 
Marshal TRACE team says Srizbi sends more spam than all other botnets combined
Page 1 / 2   >   >>

COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.