Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2008
<<   <   Page 2 / 2
National 'Do Not Call' Registry Is Working, FTC Says
News  |  7/10/2008  | 
Commission pats itself on the back, but marketers and consumers are still holding the phone
Trojan Attacks Multimedia Files Stored on Hard Drives
News  |  7/10/2008  | 
Infected audio and video files show no signs of malware, but are lethal when shared with other users
'Blue Screen of Death' Masks Spyware Invasion
Quick Hits  |  7/10/2008  | 
Attack uses fake blue screen of death as cover to inject malware
New App Lets IT Find Porn on Users' PCs
Quick Hits  |  7/10/2008  | 
Thumb drive detector could also be used by police, parents
File Sharing Exposes Supreme Court Justice's Personal Information
News  |  7/9/2008  | 
An employee at an investment firm shared some files using LimeWire and exposed personal data associated with some 2,000 of the firm's clients, including Supreme Court Justice Stephen Breyer.
Security Community Cooperates To Fix 'DNS Poisoning'
News  |  7/9/2008  | 
Armed with knowledge of DNS transaction IDs, an attacker could reroute requests for certain Web sites to Web sites of his or her choosing or hijack e-mail.
Microsoft DNS Security Fix Knocks ZoneAlarm Users Offline
News  |  7/9/2008  | 
The vulnerability is widespread and affects products made by numerous networking and software vendors beyond Microsoft.
Congress Opens Debate on Behavioral Advertising
News  |  7/9/2008  | 
Businesses say tracking users' online behavior is a benefit; privacy advocates say it's a threat
FasTrak Toll Hacked, Exposing Privacy Dangers
News  |  7/9/2008  | 
Researcher finds electronic toll tag vulnerabilities in Black Hat 'Highway to Hell' research
P2P Hack Exposes Info on Top Judge
Quick Hits  |  7/9/2008  | 
Supreme Court justice is among 2,000 investment firm clients whose personal data was exposed via Limewire
Microsoft Patch Tuesday Brings Four Bulletins For Nine Flaws
News  |  7/8/2008  | 
Though a month without "critical" vulnerabilities and a low number of bulletins might suggest there's not much to worry about, researchers say Microsoft is downplaying the potential risks.
Shock Bracelet Considered For Airline Passengers, Border Control
News  |  7/8/2008  | 
The Department of Homeland Security has solicited a proposal from a Canadian security company to develop a stun bracelet.
Google's Gmail Blocks Phishers Sending Forged eBay, PayPal E-Mail
News  |  7/8/2008  | 
The free e-mail service says Gmail users who receive mail from the two heavily phished domains can feel confident that the messages are authentic.
iDefense Revamps Bucks for Bugs Contest
News  |  7/8/2008  | 
Changes aimed at making vulnerability research 'sexy' again, iDefense says
Vendors Issue Massive Simultaneous Patch for Common Internet Flaw
News  |  7/8/2008  | 
Design flaw in DNS protocols could have been used to redirect traffic across the Internet
Over 10M Bots Active Worldwide in Q2
Quick Hits  |  7/8/2008  | 
New report from Commtouch finds US bot count decreases, but Verizon is among the top 10 domains used for hosting zombies
Hackers to Face Off in Black Hat 'Iron Chef' Contest
News  |  7/7/2008  | 
Black hat stars don chefs' hats in hacking challenge
Russians Organizing 'Political Hack Force'
Quick Hits  |  7/7/2008  | 
Lithuanian attacks could be signal of actions to come
IBM Develops Audio Masking Technology To Protect Call Center Recordings
News  |  7/3/2008  | 
Using speech analytics, the technology identifies and masks credit card numbers and other sensitive information in audio recordings.
Privacy-Conscious Consumers Fight Back
Quick Hits  |  7/3/2008  | 
Many consumers are now resisting companies' requests for personal information, Canadian study says
iPhone Smackdown: Security vs. Consumerization
News  |  7/3/2008  | 
It's time to accept the fact that our consumer and business technology worlds are converging
Sony Confirms Pulling PS3 Firmware Update
News  |  7/2/2008  | 
The company released firmware 2.40 Tuesday, and reports of problems started flowing in soon after on the official PlayStation 3 message board.
California Expands Identity Theft Prosecution
News  |  7/2/2008  | 
State law now allows identity thieves to be tried in the victims' jurisdictions, rather than only in the places the crimes occur.
Sony PlayStation Site Hacked With 'Scareware'
News  |  7/2/2008  | 
The site runs a script that pretends to do an online security scan of your computer and presents a bogus warning message that your PC is infected with malware, researchers said.
Laptop Losses Total 12,000 Per Week at US Airports
News  |  7/2/2008  | 
Nearly 70% are never recovered; many go unreported
Insider Threat Doubles; New Program Offers Assessments
News  |  7/2/2008  | 
New data shows rapid growth of insider incidents; researchers launch pilot to assess an organization's insider threat risk
Citibank PIN Hack: Deja Vu
Quick Hits  |  7/2/2008  | 
Hack keeps coming back to haunt banking giant
U.S. Army Seeks Help Watching The Internet
News  |  7/1/2008  | 
The job involves monitoring and analyzing Web pages, blogs, chat rooms, and the like for possible threats to U.S. interests and forces.
PCI Standards Expanded to Include Unattended Devices
News  |  7/1/2008  | 
New specs respond to emerging threats posed at kiosks, ATM devices
New DLP Startup Performs 'DNA Sequencing' of Data
News  |  7/1/2008  | 
nexTier Networks promises more automated, simplified approach to data leak prevention
McAfee's Great Spam Experiment, Unplugged
Quick Hits  |  7/1/2008  | 
Many spam messages sent to participants in the study were phishing emails or contained malware or links to malware-ridden sites
<<   <   Page 2 / 2


Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19642
PUBLISHED: 2019-12-08
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareNa...
CVE-2019-19637
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19638
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.
CVE-2019-19635
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19636
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.