Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2008
Page 1 / 2   >   >>
Most Security Breaches Go Unreported
News  |  7/31/2008  | 
An RSA survey found the e-mail-borne malware and phishing that affected 69% of respondents' companies, may not have led to serious consequences in every instance.
Startup Promises More Accurate Fraud Detection
News  |  7/31/2008  | 
Guardian Analytics's new 'fraud modeling' technology recognizes activity that goes outside user norm
Survey Highlights Telecommuter Troubles
Quick Hits  |  7/31/2008  | 
Telecommuting security, privacy risks often put on the back burner, according to a new survey by Ernst & Young
Phishing Kits Widely Compromised To Steal From Phishers
News  |  7/30/2008  | 
From 21 different distribution sites, the authors of the Usenix Conference paper identified 379 distinct phishing kits, 129 of which contained back doors.
The Real Dirt on Whitelisting
News  |  7/30/2008  | 
The choice for blacklisting versus whitelisting isn't really black and white
Cyber Security for the 44th Presidency Group to Come Out of the Shadows at Black Hat
Quick Hits  |  7/30/2008  | 
A presidential 'playbook' for cyberware is among the issues under discussion by the group
Oracle Issues Alert For WebLogic Plugin Vulnerability
News  |  7/29/2008  | 
The exploit code was released July 17, two days after Oracle issued its second-quarter Critical Patch Update.
Most Malicious Code Launched From Legitimate Web Sites
News  |  7/29/2008  | 
The proliferation of user-generated content on popular Web 2.0 sites has opened the door for hackers to plant malware, says Websense report.
Hacking Without Exploits
News  |  7/29/2008  | 
Black Hat researchers will demonstrate how the bad guys are quietly raking in big bucks without ninja hacking skills, tools, or exploit code
Report: From Bug Disclosure to Exploit in 24 Hours
Quick Hits  |  7/29/2008  | 
New IBM ISS report shows fast and furious nature of Web browser vulnerability finds and attacks
Botnets Behind One Fourth of Click Fraud
Quick Hits  |  7/28/2008  | 
Click Fraud Index reports biggest surge of botnet-generated pay-per-click fraud to date in the second quarter
New Video Surveillance Technology 'Recognizes' Abnormal Activity
News  |  7/28/2008  | 
BRS software can establish 'normal' on-camera activity - and alert security staff when something unusual occurs
When Penetration Testers (Almost) Get Caught
News  |  7/25/2008  | 
Sometimes employees really do learn their physical security lessons
Ad Agency Keeps the Word From Spreading
News  |  7/25/2008  | 
Access control technology helps Arnold Worldwide protect client data, meet compliance requirements
Small & Mid-Sized Enterprises Living in La-La Land, Study Says
Quick Hits  |  7/25/2008  | 
Many smaller firms kid themselves that they're too little to be targets, McAfee study says
'Spam King' Escapes From Prison
News  |  7/24/2008  | 
Eddie Davidson remains at large after walking away from the Colorado prison where he was serving time for his role in spam scams.
San Francisco Computer Tech Set Booby Trap In City Network
News  |  7/24/2008  | 
Prosecutors say Childs set the network to delete numerous files during a scheduled maintenance of the system.
Report: Website Infection Rate Has Tripled Since 2007
Quick Hits  |  7/24/2008  | 
Malicious Web pages now exceed more than 16,000 per day, Sophos says
Details, Exploits of Web-Wide DNS Vulnerability Revealed
News  |  7/24/2008  | 
Kaminsky outlines flaw, says 'we're in serious trouble'; exploit code posted on Metasploit
Apple's iPhone Mail, Safari Apps Vulnerable To Attack
News  |  7/23/2008  | 
Apple's iPhone Mail and Safari apps under the iPhone 1.1.4 and 2.0 firmware are vulnerable to URL spoofing, a security researcher said Wednesday.
S.F. Computer Tech Gives Up Password To City Network
News  |  7/23/2008  | 
Terry Childs has been charged with four felony computer-tampering counts for allegedly locking out system administrators and supervisors from the city's servers.
Red Alert! DNS Flaw Revealed
News  |  7/23/2008  | 
Security researchers warn users to patch immediately, as technical details to exploit a widespread DNS vulnerability were disclosed online.
Researchers Raise Alarm Over New Iteration of Coreflood Botnet
News  |  7/23/2008  | 
Password-stealing Trojan is spreading like a worm - and targeted directly at the enterprise
Web-Wide DNS Vulnerability Leaked
Quick Hits  |  7/23/2008  | 
'Accidental' posting by researchers briefed on the flaw may lead to exploits today
Microsoft Releases Windows Home Server, Power Pack 1
News  |  7/22/2008  | 
The bug can corrupt files, such as applications, music tracks or digital photos, if they're transferred to a Windows Home Server unit equipped with two or more hard drives.
Online Safety, Privacy Tops Parents' Concerns
News  |  7/22/2008  | 
The survey of 1,035 adults, as well as 260 pairs of parents and teens, highlighted how little parents know about their teens' activities online.
Kaminsky to Give More Info on Super-Secret DNS Flaw
Quick Hits  |  7/22/2008  | 
Webinar on Thursday sets stage for comment on Halvar Flake's 'guess' on Web-wide vulnerability
'PhishMe' Tool Lets Businesses Spear-Phish Themselves
News  |  7/22/2008  | 
Web-based service generates self-inflicted targeted attacks to enlighten users, assess risk
Phish Your Colleagues With PhishMe
News  |  7/21/2008  | 
The software lets IT departments identify the most gullible message recipients so that they can be made to understand the error of their ways.
Bank Back On Hook For Data Theft At BJ's Wholesale
News  |  7/21/2008  | 
An appeals court reversed a lower court ruling absolving Fifth Third Bancorp from paying damages associated with replacing credit cards.
Report: Vulnerabilities Abound in Open-Source Environments
News  |  7/21/2008  | 
Enterprises should take care in adopting open-source technology, Fortify study says
President of Georgia's Site Under Attack
Quick Hits  |  7/21/2008  | 
Former Soviet republic could follow Estonia and Lithuania as the next target of Russian cyber attacks
RIM Fixes BlackBerry Enterprise Server Vulnerability
News  |  7/18/2008  | 
The flaw could let malicious PDFs cause problems with the BlackBerry Enterprise Server.
Suspect In Hijacking Of San Francisco Computer Network 'Willing To Cooperate'
News  |  7/18/2008  | 
The lawyer for Terry Childs, who has pleaded not guilty, said his client is willing to hand over the password to the city's computer network.
Researcher Offers Malware Analysis Tool
News  |  7/18/2008  | 
Proof-of-concept tool is more difficult for hackers to detect and evade than current malware analyzers
SF Net Hijacker Gives Up Passwords
Quick Hits  |  7/18/2008  | 
Former IT administrator says he's ready to give the keys back to the city
Microsoft Office Security Team Enlists Bots, Pen Tests
News  |  7/17/2008  | 
Office security gurus Tom Gallagher and David LeBlanc talk fuzzing, in-house hacking, Clippy, and why they'll miss XP (or not)
Report: Web-Borne Malware Up 278% This Year
Quick Hits  |  7/17/2008  | 
SQL injection attacks dominate first half of '08, and cross-site scripting (XSS) doesn't even make the list
Firefox 2 And 3 Get Security Fixes
News  |  7/16/2008  | 
One vulnerability could be used to execute remote code on a Firefox 2 user's machine and is considered critical.
San Francisco Computer System Hijacker Has Criminal Record
News  |  7/16/2008  | 
The computer engineer remains in jail, refusing to divulge the password he created to lock up the city government's computer system.
Report: Outsider Attacks Down, Insider Attacks Up
Quick Hits  |  7/16/2008  | 
Annual CA security report indicates fundamental shift in the nature of enterprise threats
Vulnerabilities Could Expose Broad Range of Java Apps
News  |  7/16/2008  | 
Newly discovered flaws in open-source framework could allow attackers to alter data or hijack Web applications
Jailed City Worker Allegedly Hijacks San Francisco's Computer System
News  |  7/15/2008  | 
The computer network administrator has been charged with computer tampering for allegedly creating a password that gave him exclusive access to the city's new wide area network.
Cybercrime, Cosa Nostra-Style
News  |  7/15/2008  | 
Finjan report paints insider picture of today's cybercrime organization
New Tool Provides 'Virtual' Database Patches
Quick Hits  |  7/15/2008  | 
Software buys database administrators time between vulnerability disclosure and patching
Google Search Security Mistaken For Censorship
News  |  7/14/2008  | 
By warning users of a hack on a net neutrality opponent's Web site, Google was accused of trying to silence critics of a policy it supports.
Europe Grants First Privacy Certification
News  |  7/14/2008  | 
EuroPriSe seal tells Web surfers that sites won't break rules regarding the use and storage of personal data or online behavior
Academic Portal Platform Fails Penetration Test
News  |  7/14/2008  | 
Researchers find vulnerabilities in popular open-source Moodle software that can lead to stolen tests, altered grades, or complete site takeover
Major Spanish Security Vendor Comes to America
News  |  7/11/2008  | 
Optenet's content security gateway to go up against Fortinet, Juniper, Websense, others
Texas Bank Dumps Antivirus for Whitelisting
News  |  7/11/2008  | 
Tired of AV and malware, First National Bank of Bosque County adopts application whitelisting instead
Page 1 / 2   >   >>


AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-4147
PUBLISHED: 2019-09-16
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 158413.
CVE-2019-5481
PUBLISHED: 2019-09-16
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
CVE-2019-5482
PUBLISHED: 2019-09-16
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-15741
PUBLISHED: 2019-09-16
An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation
CVE-2019-16370
PUBLISHED: 2019-09-16
The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.