Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2011
<<   <   Page 2 / 2
Adobe Issues Patch For Flash Player Flaw
News  |  6/6/2011  | 
Bug involves a cross-site scripting vulnerability
LulzSec Hackers Hit Nintendo, FBI Affiliate Websites
News  |  6/6/2011  | 
Sony's developer network source code was also released by the group, which allegedly attempted to extort a security researcher for botnet information.
Adobe Patches Flash Zero Day Attack Bug
News  |  6/6/2011  | 
Adobe Flash player users should beware the newest in a string of attacks using cookie-based authentication credentials. IE and LinkedIn users have been warned of similar risks in the last month.
Tech Insight: Playing 'Capture The Flag' To Hone Your IT, Security Teams' Skills
News  |  6/3/2011  | 
Alternative security training exercises are cheaper and help foster team-building
Skype Protocol Cracked
News  |  6/3/2011  | 
Security researcher publishes reverse engineered source code in the wake of reports that Middle Eastern governments have Skype-eavesdropping tools.
Sony Hacked Again, 1 Million Passwords Exposed
News  |  6/3/2011  | 
Hacker group LulzSec releases 150,000 Sony Pictures records, including usernames and passwords, in latest setback for consumer electronics giant.
Java Vulnerabilities Dominate Malware-Infected PCs: Microsoft
News  |  6/3/2011  | 
Seven of top 10 threats are files containing exploits for Java vulnerabilities, according to findings by a free Microsoft scanning tool
FBI Investigating Gmail Attacks Attributed To China
News  |  6/2/2011  | 
U.S. Secretary of State Hilary Clinton called the phishing campaign "very serious," while Chinese officials say it's unacceptable to blame China.
Verizon Enhances Security Programs For Healthcare Organizations
News  |  6/2/2011  | 
The Verizon Security Management Program-Healthcare online dashboard gets a new module based on the Health Information Trust Alliance Common Security Framework.
Google Says Hundreds Of Gmail Accounts Hijacked
News  |  6/1/2011  | 
An attack from China has affected hundreds of users, including senor U.S. government officials, Chinese political activists, officials in several Asian countries such as South Korea, military personnel, and journalists.
Schwartz On Security: Your Medical Records At Risk
Commentary  |  6/1/2011  | 
The current, voluntary approach to HIPAA data security rules hasn't resulted in adequate security for electronic protected health information.
Google Removes Malware Apps From Android Market
News  |  6/1/2011  | 
Twenty-six applications containing DroidDreamLight were deleted from the Android Market, and Google suspended six developer accounts for hosting apps with the malware.
Honda Data Breach Triggers Lawsuit
News  |  6/1/2011  | 
The class action suit accuses Honda of putting 283,000 customers at risk, in part by waiting two months to inform them of the data exposure.
Microsoft Finds 5% Of PCs Running Malware
News  |  6/1/2011  | 
Java exploits predominate, including some still successfully targeting bugs from 2008.
<<   <   Page 2 / 2


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15570
PUBLISHED: 2020-07-06
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVE-2020-15569
PUBLISHED: 2020-07-06
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVE-2020-7690
PUBLISHED: 2020-07-06
It's possible to inject JavaScript code via the html method.
CVE-2020-7691
PUBLISHED: 2020-07-06
It's possible to use &lt;&lt;script&gt;script&gt; in order to go over the filtering regex.
CVE-2020-15562
PUBLISHED: 2020-07-06
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.