Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2008
Page 1 / 2   >   >>
Microsoft Internet Explorer Vulnerability Warning Issued
News  |  6/30/2008  | 
The flaw focuses on IE's inline frames, often used for serving ads, which typically come from a different domain than content that appears on the same Web page.
How to Control Spam Infiltration in the Enterprise
Quick Hits  |  6/27/2008  | 
New report from Forrester outlines the latest anti-spam best practices for businesses
ISPs Join Hands to Battle Botnet-Driven Spam
Quick Hits  |  6/26/2008  | 
Messaging Anti-Abuse Working Group (MAAWG) maps out best practices for nailing spam without accidentally blocking legitimate email
Another Security Threat Aimed At Macs Found On The Web
News  |  6/25/2008  | 
Security vendor Intego said the latest malware masquerading as a program for Mac OS X is called "PokerGame."
Startup Promises to Slow Software Tampering
News  |  6/25/2008  | 
Metaforic says its anti-hacking tools aren't invulnerable, but definitely will make software exploits less fun
Sybase Adds To Mobile Security Line
News  |  6/24/2008  | 
Sybase iAnywhere has expanded its mobile security portfolio to include handheld antivirus and firewall capabilities.
Malicious Spam Traffic Triples in One Week
News  |  6/24/2008  | 
Sudden massive bot recruitment campaign by Srizbi botnet drives malicious spam up 9.9%, according to researchers at Marshal
Report: China Hosts Most Malware-Infected Sites
News  |  6/24/2008  | 
StopBadware.org report shines new light on where the world's malware-ridden sites reside
DNS Alerts-as-a-Service
Quick Hits  |  6/24/2008  | 
New DNS alert service lets organizations customize, control notification of DNS problems and vulnerabilities
New Web Threats Imperil OS, Other Apps
News  |  6/23/2008  | 
IBM researchers release proof of concept for new cross-environment hopping (CEH) attack methods
Microsoft Reissues Critical Security Fix For Windows XP
News  |  6/20/2008  | 
The original patch worked on Windows Vista, but failed to accomplish its task in Windows XP SP2 and SP3, the Microsoft Security Response Center said.
Apple Fixes Security Flaw In Windows Version Of Safari
News  |  6/20/2008  | 
The patch changes Safari so it will first seek permission from a user before downloading an application from a Web site to the desktop.
Filling Out Forms: Still a Dangerous Game
News  |  6/20/2008  | 
Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says
Tech Insight: Finding Security-Sensitive Data - on a Shoestring Budget
News  |  6/20/2008  | 
Thanks to open-source tools, discovering the heart of your data doesn't always mean paying an arm and a leg
New Worm Spawns More Than 8M Spam Messages
Quick Hits  |  6/20/2008  | 
Fake news come-ons lead to infected porn site
Fraud-Fighting Community Launches in US
News  |  6/19/2008  | 
Subscribers share information about fraudulent online transactions in online service
New Crimeware Kit Converts Trojan to a Worm
Quick Hits  |  6/19/2008  | 
Easy-to-execute and spread, worm-borne Trojan attacks could camouflage more sinister targeted hacks
ID Protection Startup Prepares Commercial Push
News  |  6/19/2008  | 
After completing identity theft study and numerous breach response engagements, Debix says it's good to go
Stolen Healthcare, Airline Credentials Found on Servers
News  |  6/18/2008  | 
Researchers at Finjan say cybercriminals are looking beyond stolen credit card accounts
GAO: There Ought to Be a Law
Quick Hits  |  6/18/2008  | 
Government's ability to extract and manipulate personal data is too broad, watchdog agency says
Could a Smartphone Solve the Notebook Security Problem?
News  |  6/18/2008  | 
Maybe instead of looking at them as a new problem, we should consider smartphones as a potential security solution
Encryption: DLP's Newest Ingredient
News  |  6/17/2008  | 
Major vendors increasingly add encryption offerings to their data loss prevention packages
New DNS Trojan Hacks Home Routers
News  |  6/17/2008  | 
Researchers discover new variant of DNSChanger that changes DNS settings in home routers
How Online Fraud Is (& Isn't) Changing Consumer, Retailer Behavior
Quick Hits  |  6/17/2008  | 
New Gartner research shows that few consumers are willing to pay for additional online security - and few retailers actually disclose breaches
High-Profile Hackers Get Their Days in Court
News  |  6/16/2008  | 
And in two cases, that day is followed by a whole bunch of days in the hoosegow
Study: IT Security Isn't as Good as It Thinks
Quick Hits  |  6/16/2008  | 
Many IT and security groups overlook key vulnerabilities, CDW study says
Finjan Finds Health And Business Data Being Auctioned Online
News  |  6/13/2008  | 
More than 500 megabytes of valuable data are being offered to the highest bidder on crimeware servers in Argentina and Malaysia, says security firm Finjan.
TD Ameritrade Settlement Hits Snag
Quick Hits  |  6/13/2008  | 
Court delays decision on class action case after plaintiff goes maverick
Email Surveillance Switch Pays Off at Brokerage
News  |  6/13/2008  | 
Frustrated by high rate of false positives, Scott and Stringfellow moves to Orchestria
Network Engineer Gets Five Years For Destroying Former Employer's Data
News  |  6/12/2008  | 
The sentence is one of the longest imposed to date in the United States for computer hacking, federal officials said.
IT Execs: Our Breaches Are None of Your Business
Quick Hits  |  6/12/2008  | 
More than 60% don't even want to tell the cops, much less the public
Verizon Study Links External Hacks to Internal Mistakes
News  |  6/12/2008  | 
Most breaches come from outside the company, but they are often triggered by unfound errors on the inside
U.S. Rep. Wolf Says Chinese Hackers Targeted Him For Criticizing China
News  |  6/11/2008  | 
The legislator says four computers in his office had been compromised and that computers used by other members of Congress and by the House Foreign Affairs Committee had also been hacked.
Cybercrime Outranks Other Crimes on Europeans' Worry List
Quick Hits  |  6/11/2008  | 
Almost half of German PC users believe they will eventually fall victim
Researchers Link Storm Botnet to Illegal Pharmaceutical Sales
News  |  6/11/2008  | 
Prescription drug spammers are bankrolling botnet's growth, IronPort study says
Data Breaches Made Possible By Incompetence, Carelessness
News  |  6/10/2008  | 
Still, installing software patches as soon as they're made available will significantly reduce the chance of a data breach, according to a Verizon Business Security survey.
Microsoft Patch Tuesday Brings Seven Fixes
News  |  6/10/2008  | 
The DirectX and IE vulnerabilities are noteworthy because they could be exploited using proven methods of social engineering, security researchers point out.
American Airlines Warns of Phishing Scheme
Quick Hits  |  6/10/2008  | 
If you get a message from the airline promising $50 to answer a survey, don't answer it
Major Security Vendors' Sites Could Be Launchpads for Phishing Attacks
News  |  6/10/2008  | 
McAfee, Symantec, and VeriSign sites all found to contain cross-site scripting flaws
Microsoft Plans Seven Security Fixes Next Week
News  |  6/6/2008  | 
The "important" flaws affect Windows Internet Name Service, Active Directory, and Pragmatic General Multicast.
New Virus Lets Attackers Hold Data for Ransom
Quick Hits  |  6/6/2008  | 
Gpcode variant encrypts many file types with strong key; attackers ask for a bounty to decrypt
Tech Insight: Securing Wireless Communications
News  |  6/6/2008  | 
Wireless security often means protecting users from themselves
Google Warns Against Weak Passwords
News  |  6/5/2008  | 
A Google engineer's blog post offers tips on protecting personal online records and information with strong passwords.
A New Spin on Adaptive Security
News  |  6/5/2008  | 
Gartner's next-generation security model has its roots in other efforts
Report: Worldwide Spam Hits Highest Rate in 15 Months
Quick Hits  |  6/5/2008  | 
Spammers shift from email attachments to exploiting free hosted services, according to new MessageLabs research
McAfee Names The Most Dangerous Domains
News  |  6/4/2008  | 
The top five domains ranked in terms of the prevalence of dangerous downloads are .info; .ro; .ws; .biz; and .cn.
Yahoo Widget Unlocks Private Paris Hilton, Lindsay Lohan MySpace Photos
News  |  6/4/2008  | 
The photos surfaced after a security researcher discovered that a MySpace widget in Yahoo's Widget Galley could be used to bypass MySpace privacy controls.
Adware Pops to Top of May Threat List
Quick Hits  |  6/4/2008  | 
Trojan.Clicker.CM lets attackers bypass Norton popup blocker
Metasploit Hacking Tool Site Hacked But Not 'Owned'
News  |  6/4/2008  | 
Man-in-the middle attack redirects visitors to hacker's page
Gartner Details Real-Time 'Adaptive' Security Infrastructure
News  |  6/3/2008  | 
Future security model addresses arrival of multiple perimeters, mobile users
Page 1 / 2   >   >>


US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9405
PUBLISHED: 2019-09-20
The wp-piwik plugin before 1.0.5 for WordPress has XSS.
CVE-2015-9407
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.
CVE-2015-9408
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.
CVE-2019-16533
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
CVE-2019-16534
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.