Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2008
Page 1 / 2   >   >>
Who Infected the International Space Station?
Quick Hits  |  8/29/2008  | 
W32.Gammima.AG found on orbiting network, but nobody's saying how it got there
Bank's Lost Backup Tapes Contained IDs of 12 Million Clients
News  |  8/29/2008  | 
Headcount for Bank of New York Mellon's lost backup tapes rises from 4.2 million to 12 million personal identities
Best Western CIO Scott Gibson On The Data Breach That Wasn't
News  |  8/28/2008  | 
Gibson has been dealing with a small data breach that somehow snowballed into eight million records stolen and tagged as "one of the most audacious cyber-crimes ever."
Report: Email Address Dictates Spam Volume
News  |  8/28/2008  | 
The first letter of your email address is one factor in your spam risk, a researcher says
Feds Shift Gears & Mandate DNSSEC for All Agencies
Quick Hits  |  8/28/2008  | 
US government takes a harder line on securing DNS infrastructure, but DNSSEC still hotly debated
NASA Security Badge Poses Safety Risk
News  |  8/27/2008  | 
The badge's metal clasps, if installed backwards, will become a projectile when the badge is opened creating a potential eye injury hazard.
Virus Found On Computer In Space Station
News  |  8/27/2008  | 
Citing security policies, NASA would not disclose details about how the virus got on a laptop on the International Space Station.
Spammers Use 'Hijacked' Babies To Lure Victims
News  |  8/27/2008  | 
The social engineering campaign includes an attached file, purportedly a photo of the recipient's child, but which is, of course, malware.
The 'Poor Man's Traffic Intercept'
News  |  8/27/2008  | 
A weakness in the Border Gateway Protocol makes the Internet's core infrastructure look about as watertight as a screen door.
Report: Popular Web Attacks Go Stealth
News  |  8/27/2008  | 
Attackers are increasingly using encoding to sneak their SQL injection, cross-site scripting attacks past Web security
Hack Lets Researchers Silently Eavesdrop on IP Networks
Quick Hits  |  8/27/2008  | 
New twist on an old BGP routing vulnerability could change the face of data theft, researchers say
FAA Computer Glitch Causes National Flight Delays
News  |  8/26/2008  | 
The problems began when an Atlanta facility that processes flight plan information went down due to a software malfunction, FAA officials said.
Online Pharmacy Risks Rising, Report Finds
News  |  8/26/2008  | 
Criminals are trying to take advantage of consumer interest in low-cost medicines by offering counterfeit drugs and spamming to drive sales at online pharmacies.
The Seven Deadliest Social Networking Hacks
News  |  8/26/2008  | 
Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks
User Buys Millions of Bank Records (& a PC) on eBay
Quick Hits  |  8/26/2008  | 
Used computer reveals sensitive customer data that should have been wiped clean, eBay buyer says
This Year's Data Breaches Surpass 2007 Totals
News  |  8/25/2008  | 
The rising number of reported data breaches in the last eight months may just mean corporate security auditors are better at finding compromised systems, ITRC researchers suggest.
8 Million-Record Data Breach Claim 'Grossly Unsubstantiated,' Says Best Western
News  |  8/25/2008  | 
The hotel chain says that only 13 customer records may have been exposed, not the millions that a Scotland newspaper reported.
Best Western Denies Report of Massive Data Breach
News  |  8/25/2008  | 
Scottish newspaper says flaw exposed personal records of 8M hotel chain customers since 2007; Best Western says report is 'grossly unsubstantiated'
Fedora, Red Hat Servers Compromised
Quick Hits  |  8/25/2008  | 
Popular Linux implementation will require changes in signing keys
Memory Stick With 84,000 Prisoner Records Lost In U.K.
News  |  8/22/2008  | 
U.K. Home Secretary Jacqui Smith blames PA Consulting, a contractor that stored the data on the memory stick in violation of its contract.
Life Insurer Takes New Approach to Two-Factor Authentication
News  |  8/22/2008  | 
Cryptocard technology helps Kansas City Life get the handle on a thorny access problem
ID Theft Ringleader Gets Three Days in Jail
Quick Hits  |  8/22/2008  | 
Man convicted of leading Canada's largest identity theft conspiracy is virtually sentenced to time served
FEMA's Phone System Hacked
News  |  8/21/2008  | 
Someone with unauthorized access placed over 400 calls through FEMA's National Emergency Training Center in Emmitsburg, Md. to several countries in the Middle East.
DNS Flaw Used To Poison Chinese ISP's Server
News  |  8/21/2008  | 
China Netcom subscribers who mistype a Web address are redirected to a page with malicious code.
Is This the End of the Pre-Recorded Telemarketing Call?
News  |  8/21/2008  | 
New FTC rules redefine consumers' privacy rights
Device Shields Implant Patients From 'Body Hacking'
Quick Hits  |  8/21/2008  | 
Cloaking device can prevent pacemakers from remote tampering, hacking
Security Researcher Defends Plan To Release Gmail Hacking Tool
News  |  8/20/2008  | 
The software could affect many SSL-secured Web sites, including Amazon, Facebook, Gmail, addons.mozilla.org, most Drupal sites, and many online merchants and banks.
Judge Lifts Gag Order On Student Subway Hackers
News  |  8/20/2008  | 
Massachusetts Bay Transit Authority had tried to prevent MIT students from discussing security flaws in Boston's transit fare card system.
Rival Botnets Share a Common Bond, Researchers Find
News  |  8/20/2008  | 
But world's biggest botnets Rustock and Srizbi remain autonomous
Linux Users Speculate Over Fedora Outage
Quick Hits  |  8/20/2008  | 
Could the popular Red Hat Linux implementation have been breached? Fedora's architects aren't telling
Princeton Review Security Flaw Outed By Competitor
News  |  8/19/2008  | 
One file reportedly contained information about 34,000 students and another contained names and birth dates of 74,000 students.
Free Spear-Phishing Tool on Tap
News  |  8/19/2008  | 
Open source tool aimed at penetration testers lets them customize phishing attacks on their organizations
Princeton Review Exposes Data on More Than 100,000 Students
News  |  8/19/2008  | 
Website configuration error left data accessible for seven weeks
Online Crime Map 'UCrime' Illustrates Campus Incidents
News  |  8/18/2008  | 
The Baltimore startup provides real-time data about the date, time, location, and type of crime on campuses.
Attacks Continue on Retail Stores, Restaurants
News  |  8/18/2008  | 
Criminals exploit wireless vulnerabilities, social engineering to collect large volumes of customer data
Spear Phishing Attack Unleashes 1.5M Spam Messages
Quick Hits  |  8/18/2008  | 
New Zealand university is exploited after convincing ruse fools four staffers
Hat World Tops Off EVDO Rollout With Security
News  |  8/15/2008  | 
Retailer initially found EVDO security solutions few and far between
LA Street Gangs Add ID Theft to Turf
Quick Hits  |  8/15/2008  | 
California sees surge in 'Crips,' 'Mexican Mafia,' and other gangs going into the identity theft business
New Tool Hacks the Psyche
News  |  8/14/2008  | 
Microsoft Blue Hat summit to feature proof-of-concept for extrapolating a user's emotional state based on his or her online postings
'Surf Jacking' Threatens Secure Browser Sessions
Quick Hits  |  8/14/2008  | 
Researcher launches proof of concept to show vulnerability in HTTPS
Is Wireless Really Worth It?
News  |  8/14/2008  | 
Wireless technology may be convenient, but it also introduces significant hassles - and risks
Startup Of The Week: Zscaler
News  |  8/13/2008  | 
Promising to replace a hodgepodge of security applications and appliances, entrepreneur Jay Chaudhry's new company offers security as a service.
Air Force Suspends 'Cyber Command' Program
News  |  8/13/2008  | 
The delay in the program does not necessarily mean the Cyber Command at Barksdale Air Force Base will not be created, but that could be one option, officials said.
VMware Issues Patch For Hypervisor Bug
News  |  8/13/2008  | 
CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
At Countrywide, One Overlooked PC Led to Loss of 2M Records
News  |  8/13/2008  | 
Insider used the one machine that hadn't been 'fixed' to prevent use of external storage devices
Stolen Wells Fargo Access Codes Threaten 7,000
Quick Hits  |  8/13/2008  | 
Thieves may have used credit reporting system to steal personal data
Amid Controversy, Outed Steroid Sites Still Online
News  |  8/13/2008  | 
Anti-fraud groups, US Internet registrars at odds over takedown of 'roid sites
Microsoft Stages 'Mammoth Patch Tuesday'
News  |  8/12/2008  | 
Counting vulnerabilities rather than bulletins, 17 of 26 are critical, the most since August 2006, according to Symantec researchers.
Researcher Wants To Charge Nokia, Sun For Phone Vulnerability
News  |  8/12/2008  | 
Polish researcher Adam Gowdiak said he's discovered 14 security issues with J2ME on Nokia handsets, but he's charging the vendors for full details.
Google Says Infected Spam Is Getting Worse
News  |  8/12/2008  | 
The company's Postini corporate e-mail security service reported that the volume of e-mail virus attacks peaked at almost 10 million on a single day.
Page 1 / 2   >   >>

COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-09-23
** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
PUBLISHED: 2020-09-23
A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP re...
PUBLISHED: 2020-09-23
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit t...
PUBLISHED: 2020-09-23
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based...
PUBLISHED: 2020-09-23
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because th...