Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2009
Zeus Trojan Variant Steals FTP Login Details
News  |  6/30/2009  | 
A new variant of the particularly malicious Zeus family of Trojans has surfaced and is compromising computers at an alarming rate.
China Delays 'Green Dam' Mandate
News  |  6/30/2009  | 
China has pushed back its deadline requiring all PCs sold in the country to include Web filtering software known as Green Dam. No new deadline has been set.
Sony Begins Shipping PCs With Green Dam Filter
News  |  6/29/2009  | 
Company beats Chinese government's July 1 deadline, but Sony disclaims responsibility for any damage caused by the Web filtering software.
Most PC Users Have A Dozen Dangerous Apps
News  |  6/26/2009  | 
The average PC user has a dozen unpatched applications installed.
Booming Underground Economy Makes Spam A Hot Commodity, Expert Says
News  |  6/25/2009  | 
$10 might be enough to reach 1 million users, MessageLabs researcher warns
Defense Secretary Orders Cyberspace Command
News  |  6/23/2009  | 
Initiative aims to unify offense and defense in cyberspace under U.S. military command and enable responses "in Internet time rather than bureaucratic time."
Microsoft Security Essentials Beta Now Available
News  |  6/23/2009  | 
Once known as "Morro," Microsoft Security Essentials is the anti-malware component of Microsoft's subscription security service, Windows Live OneCare.
Maltego: Going On The Offensive *And* Defensive To Defend Against Social Networks
Commentary  |  6/22/2009  | 
You know the military's ol' mantra about "loose lips sink ships"? Well, it's being redefined by sites like Twitter, Flickr, and Facebook, according to a great article from Federal Computer Week that discusses the threats social networks pose to operational security.
Parking Meters: The Next Big Hack?
Quick Hits  |  6/22/2009  | 
Security researcher prepares to outline vulnerabilities at upcoming Black Hat conference
Data Leakage Through Nontraditional Networks
Commentary  |  6/19/2009  | 
Securing our company's data is our job. We build up layers of defense to protect it when it is housed within our corporate network and corporate computer systems. Firewalls, VPNs, encryption, and data leakage prevention all help in some way to protect the data that we don't want anyone else to have. Sometimes, however, we are stuck in the situation where we don't control the network or systems that portions of our data ends up on.
Relaunched Google Search Service Fingers Malware-Spreading Advertisers
News  |  6/19/2009  | 
'Anti-Malvertising' lets Website owners perform background checks on potential online advertisers
Microsoft Security Essentials Beta Coming Tuesday
News  |  6/18/2009  | 
Previously code-named "Morro," the free software will replace Windows Live OneCare, which included both security and utility services for $49.95 per year.
Microsoft To Launch Free Antivirus Product Next Week
News  |  6/18/2009  | 
Public beta of the much-anticipated 'Morro' tool debuts June 23, replacing OneCare Live for consumers
Database Servers: Candy For Hackers
News  |  6/18/2009  | 
Sensitive information and poor security administration make tempting targets.
1 In 5 Companies Cutting IT Security Spending, Our Survey Finds
News  |  6/18/2009  | 
Budget woes, increased regulation, and new challenges for sensitive data are on the menu for risk managers.
The Biggest Threat? It May Be You
News  |  6/18/2009  | 
When it comes to virtual server security, you might just be the weak link. Or, more precisely, your lack of planning, maintenance, and governance of that VM server farm.
China Making Green Dam Internet Filter Optional
News  |  6/16/2009  | 
The government's edict prompted widespread derision from Chinese bloggers, objections from Chinese academics and lawyers, and criticism from security experts.
Former Google Employees Launch Web Malware Startup
News  |  6/15/2009  | 
The company will address changing malware distribution patterns and to provide a way to respond to Web security threats using automated techniques.
Twitter Security Heating Up In July
News  |  6/15/2009  | 
In an effort to raise awareness of browser security flaws, one researcher wants to post a vulnerability every day that shows the soft underside of the Fail Whale.
China's Green Dam Software May Pose Legal Risk To U.S. Computer Makers
News  |  6/15/2009  | 
A research report indicates that the Web-filtering software mandated by the Chinese government contains unauthorized, proprietary code from a Green Dam competitor.
China 'Green Dam' Censorware Called Security Risk
News  |  6/12/2009  | 
Chinese authorities claim the software is necessary to protect people from pornography, but the software has been found to block politically sensitive terms.
Mac Users Warned Of Porn Malware Threat
News  |  6/11/2009  | 
Trojan software presents visitors to certain porn sites with a pop-up message to download a Video ActiveX Object; the download carries Mac malware.
Microsoft To Launch Morro Antivirus 'Soon'
News  |  6/11/2009  | 
The free offering will replace subscription Windows Live OneCare service.
Rollout: How Much Is Bot Detection Worth To You?
News  |  6/11/2009  | 
Damballa's appliance shows promise, but it still has a lot of ground to cover.
Researcher: Popular Internal IP Addressing Scheme Could Leave Enterprises Vulnerable
News  |  6/9/2009  | 
Flaws in RFC 1918 could be exploited to gain access to enterprise networks, says Robert "RSnake" Hansen
Black Hat Founder Tapped To Advise Homeland Security
News  |  6/8/2009  | 
Jeff Moss, founder of the Black Hat and Defcon security conferences, is one of 16 people appointed to the Department of Homeland Security Advisory Council, as the government casts a wide net for perspectives on cybersecurity.
Alleged T-Mobile Data Offered To Highest Bidder
News  |  6/8/2009  | 
A note offering the data for sale says that the company's databases, confidential documents, and financial documents were stolen.
RIM Issues Patch For BlackBerry Vulnerability
News  |  6/4/2009  | 
Enterprise BlackBerry smartphone users could be at risk if they open a maliciously crafted PDF, Research In Motion says.
Wisconsin-Based Healthcare Provider Chooses Symantec Solution For HIPAA Compliance
News  |  6/4/2009  | 
Aspirus implements Symantec backup and recovery, endpoint managemen,t and endpoint security software products
Report: Cybercrime Riches Are Hard To Come By
News  |  6/3/2009  | 
Researchers from Microsoft say stolen goods offered for sale in IRC channels are tough to monetize, and industry estimates of underground profits are "exaggerated"


Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: How do you like our new spear phishing email solution?
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprise
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18881
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile.
CVE-2019-18882
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled.
CVE-2019-18873
PUBLISHED: 2019-11-12
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the pa...
CVE-2019-18874
PUBLISHED: 2019-11-12
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.