Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2008
<<   <   Page 2 / 2
National 'Do Not Call' Registry Is Working, FTC Says
News  |  7/10/2008  | 
Commission pats itself on the back, but marketers and consumers are still holding the phone
Trojan Attacks Multimedia Files Stored on Hard Drives
News  |  7/10/2008  | 
Infected audio and video files show no signs of malware, but are lethal when shared with other users
'Blue Screen of Death' Masks Spyware Invasion
Quick Hits  |  7/10/2008  | 
Attack uses fake blue screen of death as cover to inject malware
New App Lets IT Find Porn on Users' PCs
Quick Hits  |  7/10/2008  | 
Thumb drive detector could also be used by police, parents
File Sharing Exposes Supreme Court Justice's Personal Information
News  |  7/9/2008  | 
An employee at an investment firm shared some files using LimeWire and exposed personal data associated with some 2,000 of the firm's clients, including Supreme Court Justice Stephen Breyer.
Security Community Cooperates To Fix 'DNS Poisoning'
News  |  7/9/2008  | 
Armed with knowledge of DNS transaction IDs, an attacker could reroute requests for certain Web sites to Web sites of his or her choosing or hijack e-mail.
Microsoft DNS Security Fix Knocks ZoneAlarm Users Offline
News  |  7/9/2008  | 
The vulnerability is widespread and affects products made by numerous networking and software vendors beyond Microsoft.
Congress Opens Debate on Behavioral Advertising
News  |  7/9/2008  | 
Businesses say tracking users' online behavior is a benefit; privacy advocates say it's a threat
FasTrak Toll Hacked, Exposing Privacy Dangers
News  |  7/9/2008  | 
Researcher finds electronic toll tag vulnerabilities in Black Hat 'Highway to Hell' research
P2P Hack Exposes Info on Top Judge
Quick Hits  |  7/9/2008  | 
Supreme Court justice is among 2,000 investment firm clients whose personal data was exposed via Limewire
Microsoft Patch Tuesday Brings Four Bulletins For Nine Flaws
News  |  7/8/2008  | 
Though a month without "critical" vulnerabilities and a low number of bulletins might suggest there's not much to worry about, researchers say Microsoft is downplaying the potential risks.
Shock Bracelet Considered For Airline Passengers, Border Control
News  |  7/8/2008  | 
The Department of Homeland Security has solicited a proposal from a Canadian security company to develop a stun bracelet.
Google's Gmail Blocks Phishers Sending Forged eBay, PayPal E-Mail
News  |  7/8/2008  | 
The free e-mail service says Gmail users who receive mail from the two heavily phished domains can feel confident that the messages are authentic.
iDefense Revamps Bucks for Bugs Contest
News  |  7/8/2008  | 
Changes aimed at making vulnerability research 'sexy' again, iDefense says
Vendors Issue Massive Simultaneous Patch for Common Internet Flaw
News  |  7/8/2008  | 
Design flaw in DNS protocols could have been used to redirect traffic across the Internet
Over 10M Bots Active Worldwide in Q2
Quick Hits  |  7/8/2008  | 
New report from Commtouch finds US bot count decreases, but Verizon is among the top 10 domains used for hosting zombies
Hackers to Face Off in Black Hat 'Iron Chef' Contest
News  |  7/7/2008  | 
Black hat stars don chefs' hats in hacking challenge
Russians Organizing 'Political Hack Force'
Quick Hits  |  7/7/2008  | 
Lithuanian attacks could be signal of actions to come
IBM Develops Audio Masking Technology To Protect Call Center Recordings
News  |  7/3/2008  | 
Using speech analytics, the technology identifies and masks credit card numbers and other sensitive information in audio recordings.
Privacy-Conscious Consumers Fight Back
Quick Hits  |  7/3/2008  | 
Many consumers are now resisting companies' requests for personal information, Canadian study says
iPhone Smackdown: Security vs. Consumerization
News  |  7/3/2008  | 
It's time to accept the fact that our consumer and business technology worlds are converging
Sony Confirms Pulling PS3 Firmware Update
News  |  7/2/2008  | 
The company released firmware 2.40 Tuesday, and reports of problems started flowing in soon after on the official PlayStation 3 message board.
California Expands Identity Theft Prosecution
News  |  7/2/2008  | 
State law now allows identity thieves to be tried in the victims' jurisdictions, rather than only in the places the crimes occur.
Sony PlayStation Site Hacked With 'Scareware'
News  |  7/2/2008  | 
The site runs a script that pretends to do an online security scan of your computer and presents a bogus warning message that your PC is infected with malware, researchers said.
Laptop Losses Total 12,000 Per Week at US Airports
News  |  7/2/2008  | 
Nearly 70% are never recovered; many go unreported
Insider Threat Doubles; New Program Offers Assessments
News  |  7/2/2008  | 
New data shows rapid growth of insider incidents; researchers launch pilot to assess an organization's insider threat risk
Citibank PIN Hack: Deja Vu
Quick Hits  |  7/2/2008  | 
Hack keeps coming back to haunt banking giant
U.S. Army Seeks Help Watching The Internet
News  |  7/1/2008  | 
The job involves monitoring and analyzing Web pages, blogs, chat rooms, and the like for possible threats to U.S. interests and forces.
PCI Standards Expanded to Include Unattended Devices
News  |  7/1/2008  | 
New specs respond to emerging threats posed at kiosks, ATM devices
New DLP Startup Performs 'DNA Sequencing' of Data
News  |  7/1/2008  | 
nexTier Networks promises more automated, simplified approach to data leak prevention
McAfee's Great Spam Experiment, Unplugged
Quick Hits  |  7/1/2008  | 
Many spam messages sent to participants in the study were phishing emails or contained malware or links to malware-ridden sites
<<   <   Page 2 / 2


For Cybersecurity to Be Proactive, Terrains Must Be Mapped
Craig Harber, Chief Technology Officer at Fidelis Cybersecurity,  10/8/2019
A Realistic Threat Model for the Masses
Lysa Myers, Security Researcher, ESET,  10/9/2019
USB Drive Security Still Lags
Dark Reading Staff 10/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17537
PUBLISHED: 2019-10-13
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&amp;name=../ substring.
CVE-2019-17538
PUBLISHED: 2019-10-13
Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&amp;name=../ substring.
CVE-2019-17535
PUBLISHED: 2019-10-13
Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647.
CVE-2019-17536
PUBLISHED: 2019-10-13
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move.
CVE-2019-17533
PUBLISHED: 2019-10-13
Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.