Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in May 2011
Page 1 / 2   >   >>
'APT' Among Top Three Security Worries In 2011
Quick Hits  |  5/31/2011  | 
nCircle survey finds wider understanding of risks, less financial support for security projects
A Tale Of Two Hacks
Commentary  |  5/31/2011  | 
The similarities and differences in the Lockheed and RSA attacks
DOD Says Cyber Attacks May Mean War
News  |  5/31/2011  | 
The Pentagon's forthcoming cyber strategy will formalize the possibility of a physical response to a virtual attack, according to published reports.
Product Watch: New Service Aims To Improved Botnet Detection Among Service Providers
News  |  5/27/2011  | 
Damballa CSP 1.6 automates subscriber notification and remediation of botnet infections
35 Million Google Profiles Captured In Database
News  |  5/27/2011  | 
A security researcher was able to collect information from Google Profiles and save millions of files in a SQL database in about a month.
DNS Filtering Legislation Would Derail DNSSEC, Experts Contend
News  |  5/26/2011  | 
Senate bill that aims to protect copyright infringement online could backfire security-wise, according to a who's who of Internet infrastructure and security experts
DHS Advances Einstein Cybersecurity Deployment
News  |  5/26/2011  | 
The Department of Homeland Security plans to hire IT experts who can support Einstein and other security technologies.
Cookiejacking Attack Steals Website Access Credentials
News  |  5/26/2011  | 
All Internet Explorer users on all versions of Windows are at risk from zero-day attack that can steal any website cookie, allowing an attacker to impersonate their victim.
Google Fixes Authentication Flaw
News  |  5/26/2011  | 
Vulnerability leaves Android smartphones open to sidejacking
Freebie Black Hole Exploit Kit Limited By Encoding
News  |  5/25/2011  | 
Obfuscated and encoded code prevents easy customization and creation of new versions
Apple Promises MacDefender Fix
News  |  5/25/2011  | 
The impact of rogue security software attacks like MacDefender has prompted Apple to issue advice about the malware and to commit to issuing a software fix.
Attackers Step Away From Mainstream, Target Lesser-Known Apps
News  |  5/25/2011  | 
Attackers Step Away From Mainstream, Target Lesser-Known Apps.
Scareware Is Evolving
Commentary  |  5/24/2011  | 
That's right -- scareware is still proving an effective way for threat actors to make quick cash on the Internet
Siemens To Issue Patches For SCADA Products 'In Next Few Weeks'
News  |  5/24/2011  | 
Says attacks would only affect plants without IT security systems
Researcher Challenges Siemens' Public Reaction To New SCADA Flaws
News  |  5/24/2011  | 
Initial solution suggested by Siemens to remedy the critical vulnerabilities failed.
Audio Captchas Easy To Defeat
News  |  5/24/2011  | 
Security researchers have designed automated software that regularly defeats most audio challenge-and-response systems on websites.
LinkedIn Faces Cookie Vulnerabilities
News  |  5/24/2011  | 
The social networking site is set to reduce the length of time before cookies expire and add HTTPS across its site.
Qakbot Malware Infections Spike
News  |  5/23/2011  | 
Worm that targets financial information infected 1,500 Massachusetts state PCs, potentially exposing 250,000 residents' personal details.
Researcher Challenges Siemens' Public Reaction To New SCADA Flaws
News  |  5/23/2011  | 
Initial solution suggested by Siemens to remedy the critical vulnerabilities failed
Sony Data Breach Cleanup To Cost $171 Million
News  |  5/23/2011  | 
If identify theft or credit card fraud takes place, the company said its actual costs could rise substantially.
Hacker Exposes NASA Security Hole
News  |  5/20/2011  | 
A Goddard Space Flight Center FTP server was breached by a Romanian whitehat hacker known as TinKode, who cracked a European Space Agency network a month ago.
Researchers Decide Not To Give SCADA Vulnerability Talk
News  |  5/19/2011  | 
Last-minute change in plans spurred by Siemens, government officials
Microsoft Claims IE9 Stops Most Social Engineering Threats
News  |  5/18/2011  | 
Application reputation feature in the browser blocks more than 20 million malware infections per month by white-listing applications from approved publishers, the software maker says.
Schwartz On Security: Developers Battle Piracy Channels
Commentary  |  5/18/2011  | 
Business Software Alliance report finds widespread software piracy, but experts say market pressures are to blame.
Cybercriminals Target Online Banking Culture In Latin America
News  |  5/17/2011  | 
Botnets and malware creation are on the rise in the region, which also could host first big wave of smartphone malware writers
Reduce Your Android Security Risks
Commentary  |  5/17/2011  | 
Threats against Google's mobile platform have increased 400% in the last year, but common sense will protect users against many of the attacks.
SMBs At Risk For Financial Fraud
News  |  5/16/2011  | 
Small and midsize businesses are at greater risk than consumers and need to improve identification and response, according to Javelin Strategy & Research.
Success, Failure And The Advanced Threat
Commentary  |  5/16/2011  | 
You can't judge the sophistication of an attack by its success or failure
Sony Strengthens Security, Restores Some PlayStation Services
News  |  5/16/2011  | 
Online services get stronger encryption, more firewalls, and an early detection system to try to prevent future attacks; users are required to update gaming console's firmware and password before going online.
Adobe Adds Flash Privacy Controls
News  |  5/13/2011  | 
Flash Player and Google Chrome get patches against attacks currently seen in the wild.
Microsoft: Cybercrime Falling Into Two Distinct Camps
News  |  5/12/2011  | 
New Microsoft Security Intelligence Report outlines 'marketing campaign' strategies being employed by one group, and related rise in phishing and rogue antivirus software.
Graphics Cards Face Internet-Borne Threats
News  |  5/12/2011  | 
The WebGL 3-D graphics specification implemented in Firefox and Chrome, and included in Safari, is subject to denial of service attacks.
Schwartz On Security: Sony Must Do More
Commentary  |  5/12/2011  | 
Forget free ID theft monitoring. Sony should release its police reports, so that 101 million people can obtain a free credit freeze to proactively battle ID thieves.
McAfee, Intel Launch Cloud Security Platform
News  |  5/12/2011  | 
The security service uses data loss prevention policies to stop leakage of sensitive data via mobile devices, end users, social networks, and private cloud applications.
Microsoft: Cybercrime Falling Into Two Distinct Camps
News  |  5/12/2011  | 
New Microsoft Security Intelligence Report outlines 'marketing campaign' strategies being employed by one group, and related rise in phishing and rogue antivirus software
Java Bot Software Could Signal New Vector For Malware Authors
News  |  5/11/2011  | 
Flexible programming language offers some advantages for cybercriminals, researchers say.
Google, VUPEN Spar Over Chrome Hack
News  |  5/11/2011  | 
If bypass of Chrome's sandbox indeed used a new Flash vulnerability in the browser, then it's both a Flash bug and a Chrome hack, says security researcher Dan Kaminksy
Facebook Patches Access Token Leak
News  |  5/11/2011  | 
Users should change their passwords to mitigate threats posed by the accidental leak of perhaps millions of account identity details.
Microsoft Patches Critical Windows Vulnerability
News  |  5/11/2011  | 
The software maker also tweaked its exploitability index, which predicts the likelihood that vulnerabilities will soon be compromised.
Zeus Trojan's Source Code Leaked In The Wild
Quick Hits  |  5/10/2011  | 
'Open source' Zeus could result in widespread infections
Hackers Subvert Google Chrome Sandbox
News  |  5/10/2011  | 
Vulnerability research firm Vupen said it's found a way to execute arbitrary code in the browser.
DDoS Attacks Evolve And Spread
News  |  5/10/2011  | 
Nearly two-thirds of organizations have been DDoS'ed in the past year--even smaller organizations, new VeriSign report finds.
OpenID Warns Of Serious Bug
News  |  5/9/2011  | 
Facebook, Google, and Yahoo are among the millions of websites that use the single sign-on technology.
Tech Insight: Spear Phishing A Tough Catch
News  |  5/6/2011  | 
But there are technical and training strategies that can help lessen the chances that users will fall for these socially engineered email-based attacks
Disabling Features Make Some Microsoft Bugs Unexploitable
Quick Hits  |  5/5/2011  | 
eEye study finds that disabling two well-known features in Microsoft products would prevent attackers from exploiting 12 percent of vulnerabilities
Sony Brings In Forensic Experts On Data Breaches
News  |  5/5/2011  | 
Data Forte, Guidance Software, and Protiviti will investigate who hacked into Sony's servers and how they cracked the company's defenses.
Bin Laden Death Triggers Cyber Scams
News  |  5/4/2011  | 
Homeland Security warns about rogueware and phishing attacks masquerading as news about the Al Qaeda leader.
Apache Web Server Under Stealth Attack
News  |  5/4/2011  | 
Malicious code uses Apache's own filter capabilities to transform the server module into a malware platform.
Apple Macs Targetted By Crimeware Toolkit
News  |  5/3/2011  | 
The OSX operating system now faces botnet software as well as a fake antivirus campaign launched via Google image searches on Osama Bin Laden.
Sony Reports 24.5 Million More Accounts Hacked
News  |  5/3/2011  | 
After a second breach, the company suspends all Sony Online Entertainment multiplayer games as the number of compromised user accounts exceeds 100 million.
Page 1 / 2   >   >>


US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9405
PUBLISHED: 2019-09-20
The wp-piwik plugin before 1.0.5 for WordPress has XSS.
CVE-2015-9407
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.
CVE-2015-9408
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.
CVE-2019-16533
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
CVE-2019-16534
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.