News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2011
Adobe Issues Patch For Flash Player Flaw
News  |  6/6/2011  | 
Bug involves a cross-site scripting vulnerability
LulzSec Hackers Hit Nintendo, FBI Affiliate Websites
News  |  6/6/2011  | 
Sony's developer network source code was also released by the group, which allegedly attempted to extort a security researcher for botnet information.
Adobe Patches Flash Zero Day Attack Bug
News  |  6/6/2011  | 
Adobe Flash player users should beware the newest in a string of attacks using cookie-based authentication credentials. IE and LinkedIn users have been warned of similar risks in the last month.
Tech Insight: Playing 'Capture The Flag' To Hone Your IT, Security Teams' Skills
News  |  6/3/2011  | 
Alternative security training exercises are cheaper and help foster team-building
Skype Protocol Cracked
News  |  6/3/2011  | 
Security researcher publishes reverse engineered source code in the wake of reports that Middle Eastern governments have Skype-eavesdropping tools.
Sony Hacked Again, 1 Million Passwords Exposed
News  |  6/3/2011  | 
Hacker group LulzSec releases 150,000 Sony Pictures records, including usernames and passwords, in latest setback for consumer electronics giant.
Java Vulnerabilities Dominate Malware-Infected PCs: Microsoft
News  |  6/3/2011  | 
Seven of top 10 threats are files containing exploits for Java vulnerabilities, according to findings by a free Microsoft scanning tool
FBI Investigating Gmail Attacks Attributed To China
News  |  6/2/2011  | 
U.S. Secretary of State Hillary Clinton called the phishing campaign "very serious," while Chinese officials say it's unacceptable to blame China.
Verizon Enhances Security Programs For Healthcare Organizations
News  |  6/2/2011  | 
The Verizon Security Management Program-Healthcare online dashboard gets a new module based on the Health Information Trust Alliance Common Security Framework.
Google Says Hundreds Of Gmail Accounts Hijacked
News  |  6/1/2011  | 
An attack from China has affected hundreds of users, including senior U.S. government officials, Chinese political activists, officials in several Asian countries such as South Korea, military personnel, and journalists.
Schwartz On Security: Your Medical Records At Risk
Commentary  |  6/1/2011  | 
The current, voluntary approach to HIPAA data security rules hasn't resulted in adequate security for electronic protected health information.
Google Removes Malware Apps From Android Market
News  |  6/1/2011  | 
Twenty-six applications containing DroidDreamLight were deleted from the Android Market, and Google suspended six developer accounts for hosting apps with the malware.
Honda Data Breach Triggers Lawsuit
News  |  6/1/2011  | 
The class action suit accuses Honda of putting 283,000 customers at risk, in part by waiting two months to inform them of the data exposure.
Microsoft Finds 5% Of PCs Running Malware
News  |  6/1/2011  | 
Java exploits predominate, including some still successfully targeting bugs from 2008.


I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Dark Reading - Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...
CVE-2021-40654
PUBLISHED: 2021-09-24
An information disclosure issue exists in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page
CVE-2021-40655
PUBLISHED: 2021-09-24
An information disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page
CVE-2021-41503
PUBLISHED: 2021-09-24
** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affected by Incorrect Access Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to acce...