Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2008
Page 1 / 2   >   >>
Who Infected the International Space Station?
Quick Hits  |  8/29/2008  | 
W32.Gammima.AG found on orbiting network, but nobody's saying how it got there
Bank's Lost Backup Tapes Contained IDs of 12 Million Clients
News  |  8/29/2008  | 
Headcount for Bank of New York Mellon's lost backup tapes rises from 4.2 million to 12 million personal identities
Best Western CIO Scott Gibson On The Data Breach That Wasn't
News  |  8/28/2008  | 
Gibson has been dealing with a small data breach that somehow snowballed into eight million records stolen and tagged as "one of the most audacious cyber-crimes ever."
Report: Email Address Dictates Spam Volume
News  |  8/28/2008  | 
The first letter of your email address is one factor in your spam risk, a researcher says
Feds Shift Gears & Mandate DNSSEC for All Agencies
Quick Hits  |  8/28/2008  | 
US government takes a harder line on securing DNS infrastructure, but DNSSEC still hotly debated
NASA Security Badge Poses Safety Risk
News  |  8/27/2008  | 
The badge's metal clasps, if installed backwards, will become a projectile when the badge is opened creating a potential eye injury hazard.
Virus Found On Computer In Space Station
News  |  8/27/2008  | 
Citing security policies, NASA would not disclose details about how the virus got on a laptop on the International Space Station.
Spammers Use 'Hijacked' Babies To Lure Victims
News  |  8/27/2008  | 
The social engineering campaign includes an attached file, purportedly a photo of the recipient's child, but which is, of course, malware.
The 'Poor Man's Traffic Intercept'
News  |  8/27/2008  | 
A weakness in the Border Gateway Protocol makes the Internet's core infrastructure look about as watertight as a screen door.
Report: Popular Web Attacks Go Stealth
News  |  8/27/2008  | 
Attackers are increasingly using encoding to sneak their SQL injection, cross-site scripting attacks past Web security
Hack Lets Researchers Silently Eavesdrop on IP Networks
Quick Hits  |  8/27/2008  | 
New twist on an old BGP routing vulnerability could change the face of data theft, researchers say
FAA Computer Glitch Causes National Flight Delays
News  |  8/26/2008  | 
The problems began when an Atlanta facility that processes flight plan information went down due to a software malfunction, FAA officials said.
Online Pharmacy Risks Rising, Report Finds
News  |  8/26/2008  | 
Criminals are trying to take advantage of consumer interest in low-cost medicines by offering counterfeit drugs and spamming to drive sales at online pharmacies.
The Seven Deadliest Social Networking Hacks
News  |  8/26/2008  | 
Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks
User Buys Millions of Bank Records (& a PC) on eBay
Quick Hits  |  8/26/2008  | 
Used computer reveals sensitive customer data that should have been wiped clean, eBay buyer says
This Year's Data Breaches Surpass 2007 Totals
News  |  8/25/2008  | 
The rising number of reported data breaches in the last eight months may just mean corporate security auditors are better at finding compromised systems, ITRC researchers suggest.
8 Million-Record Data Breach Claim 'Grossly Unsubstantiated,' Says Best Western
News  |  8/25/2008  | 
The hotel chain says that only 13 customer records may have been exposed, not the millions that a Scotland newspaper reported.
Best Western Denies Report of Massive Data Breach
News  |  8/25/2008  | 
Scottish newspaper says flaw exposed personal records of 8M hotel chain customers since 2007; Best Western says report is 'grossly unsubstantiated'
Fedora, Red Hat Servers Compromised
Quick Hits  |  8/25/2008  | 
Popular Linux implementation will require changes in signing keys
Memory Stick With 84,000 Prisoner Records Lost In U.K.
News  |  8/22/2008  | 
U.K. Home Secretary Jacqui Smith blames PA Consulting, a contractor that stored the data on the memory stick in violation of its contract.
Life Insurer Takes New Approach to Two-Factor Authentication
News  |  8/22/2008  | 
Cryptocard technology helps Kansas City Life get the handle on a thorny access problem
ID Theft Ringleader Gets Three Days in Jail
Quick Hits  |  8/22/2008  | 
Man convicted of leading Canada's largest identity theft conspiracy is virtually sentenced to time served
FEMA's Phone System Hacked
News  |  8/21/2008  | 
Someone with unauthorized access placed over 400 calls through FEMA's National Emergency Training Center in Emmitsburg, Md. to several countries in the Middle East.
DNS Flaw Used To Poison Chinese ISP's Server
News  |  8/21/2008  | 
China Netcom subscribers who mistype a Web address are redirected to a page with malicious code.
Is This the End of the Pre-Recorded Telemarketing Call?
News  |  8/21/2008  | 
New FTC rules redefine consumers' privacy rights
Device Shields Implant Patients From 'Body Hacking'
Quick Hits  |  8/21/2008  | 
Cloaking device can prevent pacemakers from remote tampering, hacking
Security Researcher Defends Plan To Release Gmail Hacking Tool
News  |  8/20/2008  | 
The software could affect many SSL-secured Web sites, including Amazon, Facebook, Gmail, addons.mozilla.org, most Drupal sites, and many online merchants and banks.
Judge Lifts Gag Order On Student Subway Hackers
News  |  8/20/2008  | 
Massachusetts Bay Transit Authority had tried to prevent MIT students from discussing security flaws in Boston's transit fare card system.
Rival Botnets Share a Common Bond, Researchers Find
News  |  8/20/2008  | 
But world's biggest botnets Rustock and Srizbi remain autonomous
Linux Users Speculate Over Fedora Outage
Quick Hits  |  8/20/2008  | 
Could the popular Red Hat Linux implementation have been breached? Fedora's architects aren't telling
Princeton Review Security Flaw Outed By Competitor
News  |  8/19/2008  | 
One file reportedly contained information about 34,000 students and another contained names and birth dates of 74,000 students.
Free Spear-Phishing Tool on Tap
News  |  8/19/2008  | 
Open source tool aimed at penetration testers lets them customize phishing attacks on their organizations
Princeton Review Exposes Data on More Than 100,000 Students
News  |  8/19/2008  | 
Website configuration error left data accessible for seven weeks
Online Crime Map 'UCrime' Illustrates Campus Incidents
News  |  8/18/2008  | 
The Baltimore startup provides real-time data about the date, time, location, and type of crime on campuses.
Attacks Continue on Retail Stores, Restaurants
News  |  8/18/2008  | 
Criminals exploit wireless vulnerabilities, social engineering to collect large volumes of customer data
Spear Phishing Attack Unleashes 1.5M Spam Messages
Quick Hits  |  8/18/2008  | 
New Zealand university is exploited after convincing ruse fools four staffers
Hat World Tops Off EVDO Rollout With Security
News  |  8/15/2008  | 
Retailer initially found EVDO security solutions few and far between
LA Street Gangs Add ID Theft to Turf
Quick Hits  |  8/15/2008  | 
California sees surge in 'Crips,' 'Mexican Mafia,' and other gangs going into the identity theft business
New Tool Hacks the Psyche
News  |  8/14/2008  | 
Microsoft Blue Hat summit to feature proof-of-concept for extrapolating a user's emotional state based on his or her online postings
'Surf Jacking' Threatens Secure Browser Sessions
Quick Hits  |  8/14/2008  | 
Researcher launches proof of concept to show vulnerability in HTTPS
Is Wireless Really Worth It?
News  |  8/14/2008  | 
Wireless technology may be convenient, but it also introduces significant hassles - and risks
Startup Of The Week: Zscaler
News  |  8/13/2008  | 
Promising to replace a hodgepodge of security applications and appliances, entrepreneur Jay Chaudhry's new company offers security as a service.
Air Force Suspends 'Cyber Command' Program
News  |  8/13/2008  | 
The delay in the program does not necessarily mean the Cyber Command at Barksdale Air Force Base will not be created, but that could be one option, officials said.
VMware Issues Patch For Hypervisor Bug
News  |  8/13/2008  | 
CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
At Countrywide, One Overlooked PC Led to Loss of 2M Records
News  |  8/13/2008  | 
Insider used the one machine that hadn't been 'fixed' to prevent use of external storage devices
Stolen Wells Fargo Access Codes Threaten 7,000
Quick Hits  |  8/13/2008  | 
Thieves may have used credit reporting system to steal personal data
Amid Controversy, Outed Steroid Sites Still Online
News  |  8/13/2008  | 
Anti-fraud groups, US Internet registrars at odds over takedown of 'roid sites
Microsoft Stages 'Mammoth Patch Tuesday'
News  |  8/12/2008  | 
Counting vulnerabilities rather than bulletins, 17 of 26 are critical, the most since August 2006, according to Symantec researchers.
Researcher Wants To Charge Nokia, Sun For Phone Vulnerability
News  |  8/12/2008  | 
Polish researcher Adam Gowdiak said he's discovered 14 security issues with J2ME on Nokia handsets, but he's charging the vendors for full details.
Google Says Infected Spam Is Getting Worse
News  |  8/12/2008  | 
The company's Postini corporate e-mail security service reported that the volume of e-mail virus attacks peaked at almost 10 million on a single day.
Page 1 / 2   >   >>

Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-18
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an attac...
PUBLISHED: 2021-06-18
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In verions prior to 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop in the processing of IPv6 neighbor solicitation (NS) messages. This type of attack can effectively ...
PUBLISHED: 2021-06-18
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG prior to 4.6 when transmitting a 6LoWPAN packet with a chain of extension headers. Unfortunately, the written header is not checked t...
PUBLISHED: 2021-06-18
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data offse...
PUBLISHED: 2021-06-18
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</code>) does not pe...