Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2008
Page 1 / 2   >   >>
Microsoft Internet Explorer Vulnerability Warning Issued
News  |  6/30/2008  | 
The flaw focuses on IE's inline frames, often used for serving ads, which typically come from a different domain than content that appears on the same Web page.
How to Control Spam Infiltration in the Enterprise
Quick Hits  |  6/27/2008  | 
New report from Forrester outlines the latest anti-spam best practices for businesses
ISPs Join Hands to Battle Botnet-Driven Spam
Quick Hits  |  6/26/2008  | 
Messaging Anti-Abuse Working Group (MAAWG) maps out best practices for nailing spam without accidentally blocking legitimate email
Another Security Threat Aimed At Macs Found On The Web
News  |  6/25/2008  | 
Security vendor Intego said the latest malware masquerading as a program for Mac OS X is called "PokerGame."
Startup Promises to Slow Software Tampering
News  |  6/25/2008  | 
Metaforic says its anti-hacking tools aren't invulnerable, but definitely will make software exploits less fun
Sybase Adds To Mobile Security Line
News  |  6/24/2008  | 
Sybase iAnywhere has expanded its mobile security portfolio to include handheld antivirus and firewall capabilities.
Malicious Spam Traffic Triples in One Week
News  |  6/24/2008  | 
Sudden massive bot recruitment campaign by Srizbi botnet drives malicious spam up 9.9%, according to researchers at Marshal
Report: China Hosts Most Malware-Infected Sites
News  |  6/24/2008  | 
StopBadware.org report shines new light on where the world's malware-ridden sites reside
DNS Alerts-as-a-Service
Quick Hits  |  6/24/2008  | 
New DNS alert service lets organizations customize, control notification of DNS problems and vulnerabilities
New Web Threats Imperil OS, Other Apps
News  |  6/23/2008  | 
IBM researchers release proof of concept for new cross-environment hopping (CEH) attack methods
Microsoft Reissues Critical Security Fix For Windows XP
News  |  6/20/2008  | 
The original patch worked on Windows Vista, but failed to accomplish its task in Windows XP SP2 and SP3, the Microsoft Security Response Center said.
Apple Fixes Security Flaw In Windows Version Of Safari
News  |  6/20/2008  | 
The patch changes Safari so it will first seek permission from a user before downloading an application from a Web site to the desktop.
Filling Out Forms: Still a Dangerous Game
News  |  6/20/2008  | 
Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says
Tech Insight: Finding Security-Sensitive Data - on a Shoestring Budget
News  |  6/20/2008  | 
Thanks to open-source tools, discovering the heart of your data doesn't always mean paying an arm and a leg
New Worm Spawns More Than 8M Spam Messages
Quick Hits  |  6/20/2008  | 
Fake news come-ons lead to infected porn site
Fraud-Fighting Community Launches in US
News  |  6/19/2008  | 
Subscribers share information about fraudulent online transactions in online service
New Crimeware Kit Converts Trojan to a Worm
Quick Hits  |  6/19/2008  | 
Easy-to-execute and spread, worm-borne Trojan attacks could camouflage more sinister targeted hacks
ID Protection Startup Prepares Commercial Push
News  |  6/19/2008  | 
After completing identity theft study and numerous breach response engagements, Debix says it's good to go
Stolen Healthcare, Airline Credentials Found on Servers
News  |  6/18/2008  | 
Researchers at Finjan say cybercriminals are looking beyond stolen credit card accounts
GAO: There Ought to Be a Law
Quick Hits  |  6/18/2008  | 
Government's ability to extract and manipulate personal data is too broad, watchdog agency says
Could a Smartphone Solve the Notebook Security Problem?
News  |  6/18/2008  | 
Maybe instead of looking at them as a new problem, we should consider smartphones as a potential security solution
Encryption: DLP's Newest Ingredient
News  |  6/17/2008  | 
Major vendors increasingly add encryption offerings to their data loss prevention packages
New DNS Trojan Hacks Home Routers
News  |  6/17/2008  | 
Researchers discover new variant of DNSChanger that changes DNS settings in home routers
How Online Fraud Is (& Isn't) Changing Consumer, Retailer Behavior
Quick Hits  |  6/17/2008  | 
New Gartner research shows that few consumers are willing to pay for additional online security - and few retailers actually disclose breaches
High-Profile Hackers Get Their Days in Court
News  |  6/16/2008  | 
And in two cases, that day is followed by a whole bunch of days in the hoosegow
Study: IT Security Isn't as Good as It Thinks
Quick Hits  |  6/16/2008  | 
Many IT and security groups overlook key vulnerabilities, CDW study says
Finjan Finds Health And Business Data Being Auctioned Online
News  |  6/13/2008  | 
More than 500 megabytes of valuable data are being offered to the highest bidder on crimeware servers in Argentina and Malaysia, says security firm Finjan.
TD Ameritrade Settlement Hits Snag
Quick Hits  |  6/13/2008  | 
Court delays decision on class action case after plaintiff goes maverick
Email Surveillance Switch Pays Off at Brokerage
News  |  6/13/2008  | 
Frustrated by high rate of false positives, Scott and Stringfellow moves to Orchestria
Network Engineer Gets Five Years For Destroying Former Employer's Data
News  |  6/12/2008  | 
The sentence is one of the longest imposed to date in the United States for computer hacking, federal officials said.
IT Execs: Our Breaches Are None of Your Business
Quick Hits  |  6/12/2008  | 
More than 60% don't even want to tell the cops, much less the public
Verizon Study Links External Hacks to Internal Mistakes
News  |  6/12/2008  | 
Most breaches come from outside the company, but they are often triggered by unfound errors on the inside
U.S. Rep. Wolf Says Chinese Hackers Targeted Him For Criticizing China
News  |  6/11/2008  | 
The legislator says four computers in his office had been compromised and that computers used by other members of Congress and by the House Foreign Affairs Committee had also been hacked.
Cybercrime Outranks Other Crimes on Europeans' Worry List
Quick Hits  |  6/11/2008  | 
Almost half of German PC users believe they will eventually fall victim
Researchers Link Storm Botnet to Illegal Pharmaceutical Sales
News  |  6/11/2008  | 
Prescription drug spammers are bankrolling botnet's growth, IronPort study says
Data Breaches Made Possible By Incompetence, Carelessness
News  |  6/10/2008  | 
Still, installing software patches as soon as they're made available will significantly reduce the chance of a data breach, according to a Verizon Business Security survey.
Microsoft Patch Tuesday Brings Seven Fixes
News  |  6/10/2008  | 
The DirectX and IE vulnerabilities are noteworthy because they could be exploited using proven methods of social engineering, security researchers point out.
American Airlines Warns of Phishing Scheme
Quick Hits  |  6/10/2008  | 
If you get a message from the airline promising $50 to answer a survey, don't answer it
Major Security Vendors' Sites Could Be Launchpads for Phishing Attacks
News  |  6/10/2008  | 
McAfee, Symantec, and VeriSign sites all found to contain cross-site scripting flaws
Microsoft Plans Seven Security Fixes Next Week
News  |  6/6/2008  | 
The "important" flaws affect Windows Internet Name Service, Active Directory, and Pragmatic General Multicast.
New Virus Lets Attackers Hold Data for Ransom
Quick Hits  |  6/6/2008  | 
Gpcode variant encrypts many file types with strong key; attackers ask for a bounty to decrypt
Tech Insight: Securing Wireless Communications
News  |  6/6/2008  | 
Wireless security often means protecting users from themselves
Google Warns Against Weak Passwords
News  |  6/5/2008  | 
A Google engineer's blog post offers tips on protecting personal online records and information with strong passwords.
A New Spin on Adaptive Security
News  |  6/5/2008  | 
Gartner's next-generation security model has its roots in other efforts
Report: Worldwide Spam Hits Highest Rate in 15 Months
Quick Hits  |  6/5/2008  | 
Spammers shift from email attachments to exploiting free hosted services, according to new MessageLabs research
McAfee Names The Most Dangerous Domains
News  |  6/4/2008  | 
The top five domains ranked in terms of the prevalence of dangerous downloads are .info; .ro; .ws; .biz; and .cn.
Yahoo Widget Unlocks Private Paris Hilton, Lindsay Lohan MySpace Photos
News  |  6/4/2008  | 
The photos surfaced after a security researcher discovered that a MySpace widget in Yahoo's Widget Galley could be used to bypass MySpace privacy controls.
Adware Pops to Top of May Threat List
Quick Hits  |  6/4/2008  | 
Trojan.Clicker.CM lets attackers bypass Norton popup blocker
Metasploit Hacking Tool Site Hacked But Not 'Owned'
News  |  6/4/2008  | 
Man-in-the middle attack redirects visitors to hacker's page
Gartner Details Real-Time 'Adaptive' Security Infrastructure
News  |  6/3/2008  | 
Future security model addresses arrival of multiple perimeters, mobile users
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41154
PUBLISHED: 2021-10-18
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Community Edition 11.1...
CVE-2021-41155
PUBLISHED: 2021-10-18
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix...
CVE-2021-41152
PUBLISHED: 2021-10-18
OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on t...
CVE-2021-41153
PUBLISHED: 2021-10-18
The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Thi...
CVE-2021-41156
PUBLISHED: 2021-10-18
anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browser_today hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craft ...