Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in May 2009
Report Identifies The Most Dangerous -- And Safest -- Search Terms
Quick Hits  |  5/29/2009  | 
"Viagra" is surprisingly safe, but "screensaver" is a dangerous search, McAfee report says
Cybersecurity Review Finds U.S. Networks 'Not Secure'
News  |  5/29/2009  | 
The report dovetails with President Obama's call for the creation of a cybersecurity coordinator who will orchestrate and integrate federal cybersecurity policies and agendas.
Microsoft Warns Of 'Browse-And-Get-Owned' DirectX Flaw
News  |  5/28/2009  | 
The flaw could allow a remote attacker to execute malicious code by convincing or duping a user to open a specially crafted QuickTime media file.
Security Experts Raise Alarm Over Insider Threats
News  |  5/26/2009  | 
Economic troubles raising the stakes on potential threats, FIRST members say
Microsoft Issues IIS Security Advisory
News  |  5/19/2009  | 
An exploit of the vulnerability could give an attacker access to a directory that normally requires authentication.
Schools' Cybersecurity Needs Improvement
News  |  5/18/2009  | 
While more than half of surveyed schools reported a breach last year, 75% say their security infrastructure is adequate.
Tech Insight: Keeping Server Virtualization Secure
News  |  5/15/2009  | 
Don't let security worries stop you from virtualizing your servers -- but know the risks and ways to protect your systems and data
'Kramer' Is In The Building
Commentary  |  5/15/2009  | 
My firm, Secure Network Technologies, was recently hired by a large healthcare provider to perform a security assessment. As part of the job, my partner, Bob Clary, posed as an employee, similar to the "Seinfeld" episode in which Kramer shows up and works at a company where he was never actually hired.
DHS Disaster Recovery Plans Lacking, Report Finds
News  |  5/14/2009  | 
Eight of the Department of Homeland Security's 27 critical systems don't have an identified alternate processing site.
Microsoft Patches PowerPoint Flaws, But Not For Mac
News  |  5/12/2009  | 
One of the 14 Patch Tuesday bulletins is rated "critical" and the rest are rated "important." All of them could lead to remote code execution.
Report: Zeus Flips Kill Switch On More Than 100,000 PCs
Quick Hits  |  5/11/2009  | 
Botnet reportedly triggered a little-used capability called "Kill OS," rendering a blue screen on 100,000-plus PCs and making them difficult to reboot
Air Traffic Control System Repeatedly Hacked
News  |  5/7/2009  | 
A security audit finds a total of 763 high-risk, 504 medium-risk, and 2,590 low-risk vulnerabilities, such as weak passwords and unprotected folders.
Mass. Criminal Database Deemed Public Safety Risk
News  |  5/7/2009  | 
The 25-year-old system cannot reconcile arrests with court dispositions or use fingerprints to verify criminal history, state auditor Joe DeNucci finds.
Data Loss Prevention Rolling Review: Safend Safeguards At The Endpoint
News  |  5/7/2009  | 
Low-cost endpoint specialist gets the job done -- most of the time.
Google Chrome Update Scheme Beats Firefox, Safari, Opera
News  |  5/6/2009  | 
By automatically updating the browser every five hours, Google Chrome provides greater security than its competitors, according to a new study.
Viral Art: A Gallery Of Security Threats
News  |  5/5/2009  | 
Visually, online threats such as viruses, worms, and Trojans can be as beautiful as they are menacing to individual PC users, enterprises, and IT security professionals.
McAfee Report: Bot Infections Jump 50 Percent Over Last Year
Quick Hits  |  5/5/2009  | 
Botnets have added nearly 12 million new IP addresses since January, with Conficker malware representing only around 1 percent of all infections
NoScript Developer Apologizes For Meddling With AdBlock
News  |  5/4/2009  | 
His methods caused a furor in the Mozilla community over the weekend because he did not provide clear notification about what his software was doing.
Virginia Health Data Potentially Held Hostage
News  |  5/4/2009  | 
An extortion demand seeks $10 million to return more than 8 million patient records allegedly stolen from Virginia Department of Health Professions.


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.