Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2008
Page 1 / 2   >   >>
Who Infected the International Space Station?
Quick Hits  |  8/29/2008  | 
W32.Gammima.AG found on orbiting network, but nobody's saying how it got there
Bank's Lost Backup Tapes Contained IDs of 12 Million Clients
News  |  8/29/2008  | 
Headcount for Bank of New York Mellon's lost backup tapes rises from 4.2 million to 12 million personal identities
Best Western CIO Scott Gibson On The Data Breach That Wasn't
News  |  8/28/2008  | 
Gibson has been dealing with a small data breach that somehow snowballed into eight million records stolen and tagged as "one of the most audacious cyber-crimes ever."
Report: Email Address Dictates Spam Volume
News  |  8/28/2008  | 
The first letter of your email address is one factor in your spam risk, a researcher says
Feds Shift Gears & Mandate DNSSEC for All Agencies
Quick Hits  |  8/28/2008  | 
US government takes a harder line on securing DNS infrastructure, but DNSSEC still hotly debated
NASA Security Badge Poses Safety Risk
News  |  8/27/2008  | 
The badge's metal clasps, if installed backwards, will become a projectile when the badge is opened creating a potential eye injury hazard.
Virus Found On Computer In Space Station
News  |  8/27/2008  | 
Citing security policies, NASA would not disclose details about how the virus got on a laptop on the International Space Station.
Spammers Use 'Hijacked' Babies To Lure Victims
News  |  8/27/2008  | 
The social engineering campaign includes an attached file, purportedly a photo of the recipient's child, but which is, of course, malware.
The 'Poor Man's Traffic Intercept'
News  |  8/27/2008  | 
A weakness in the Border Gateway Protocol makes the Internet's core infrastructure look about as watertight as a screen door.
Report: Popular Web Attacks Go Stealth
News  |  8/27/2008  | 
Attackers are increasingly using encoding to sneak their SQL injection, cross-site scripting attacks past Web security
Hack Lets Researchers Silently Eavesdrop on IP Networks
Quick Hits  |  8/27/2008  | 
New twist on an old BGP routing vulnerability could change the face of data theft, researchers say
FAA Computer Glitch Causes National Flight Delays
News  |  8/26/2008  | 
The problems began when an Atlanta facility that processes flight plan information went down due to a software malfunction, FAA officials said.
Online Pharmacy Risks Rising, Report Finds
News  |  8/26/2008  | 
Criminals are trying to take advantage of consumer interest in low-cost medicines by offering counterfeit drugs and spamming to drive sales at online pharmacies.
The Seven Deadliest Social Networking Hacks
News  |  8/26/2008  | 
Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks
User Buys Millions of Bank Records (& a PC) on eBay
Quick Hits  |  8/26/2008  | 
Used computer reveals sensitive customer data that should have been wiped clean, eBay buyer says
This Year's Data Breaches Surpass 2007 Totals
News  |  8/25/2008  | 
The rising number of reported data breaches in the last eight months may just mean corporate security auditors are better at finding compromised systems, ITRC researchers suggest.
8 Million-Record Data Breach Claim 'Grossly Unsubstantiated,' Says Best Western
News  |  8/25/2008  | 
The hotel chain says that only 13 customer records may have been exposed, not the millions that a Scotland newspaper reported.
Best Western Denies Report of Massive Data Breach
News  |  8/25/2008  | 
Scottish newspaper says flaw exposed personal records of 8M hotel chain customers since 2007; Best Western says report is 'grossly unsubstantiated'
Fedora, Red Hat Servers Compromised
Quick Hits  |  8/25/2008  | 
Popular Linux implementation will require changes in signing keys
Memory Stick With 84,000 Prisoner Records Lost In U.K.
News  |  8/22/2008  | 
U.K. Home Secretary Jacqui Smith blames PA Consulting, a contractor that stored the data on the memory stick in violation of its contract.
Life Insurer Takes New Approach to Two-Factor Authentication
News  |  8/22/2008  | 
Cryptocard technology helps Kansas City Life get the handle on a thorny access problem
ID Theft Ringleader Gets Three Days in Jail
Quick Hits  |  8/22/2008  | 
Man convicted of leading Canada's largest identity theft conspiracy is virtually sentenced to time served
FEMA's Phone System Hacked
News  |  8/21/2008  | 
Someone with unauthorized access placed over 400 calls through FEMA's National Emergency Training Center in Emmitsburg, Md. to several countries in the Middle East.
DNS Flaw Used To Poison Chinese ISP's Server
News  |  8/21/2008  | 
China Netcom subscribers who mistype a Web address are redirected to a page with malicious code.
Is This the End of the Pre-Recorded Telemarketing Call?
News  |  8/21/2008  | 
New FTC rules redefine consumers' privacy rights
Device Shields Implant Patients From 'Body Hacking'
Quick Hits  |  8/21/2008  | 
Cloaking device can prevent pacemakers from remote tampering, hacking
Security Researcher Defends Plan To Release Gmail Hacking Tool
News  |  8/20/2008  | 
The software could affect many SSL-secured Web sites, including Amazon, Facebook, Gmail, addons.mozilla.org, most Drupal sites, and many online merchants and banks.
Judge Lifts Gag Order On Student Subway Hackers
News  |  8/20/2008  | 
Massachusetts Bay Transit Authority had tried to prevent MIT students from discussing security flaws in Boston's transit fare card system.
Rival Botnets Share a Common Bond, Researchers Find
News  |  8/20/2008  | 
But world's biggest botnets Rustock and Srizbi remain autonomous
Linux Users Speculate Over Fedora Outage
Quick Hits  |  8/20/2008  | 
Could the popular Red Hat Linux implementation have been breached? Fedora's architects aren't telling
Princeton Review Security Flaw Outed By Competitor
News  |  8/19/2008  | 
One file reportedly contained information about 34,000 students and another contained names and birth dates of 74,000 students.
Free Spear-Phishing Tool on Tap
News  |  8/19/2008  | 
Open source tool aimed at penetration testers lets them customize phishing attacks on their organizations
Princeton Review Exposes Data on More Than 100,000 Students
News  |  8/19/2008  | 
Website configuration error left data accessible for seven weeks
Online Crime Map 'UCrime' Illustrates Campus Incidents
News  |  8/18/2008  | 
The Baltimore startup provides real-time data about the date, time, location, and type of crime on campuses.
Attacks Continue on Retail Stores, Restaurants
News  |  8/18/2008  | 
Criminals exploit wireless vulnerabilities, social engineering to collect large volumes of customer data
Spear Phishing Attack Unleashes 1.5M Spam Messages
Quick Hits  |  8/18/2008  | 
New Zealand university is exploited after convincing ruse fools four staffers
Hat World Tops Off EVDO Rollout With Security
News  |  8/15/2008  | 
Retailer initially found EVDO security solutions few and far between
LA Street Gangs Add ID Theft to Turf
Quick Hits  |  8/15/2008  | 
California sees surge in 'Crips,' 'Mexican Mafia,' and other gangs going into the identity theft business
New Tool Hacks the Psyche
News  |  8/14/2008  | 
Microsoft Blue Hat summit to feature proof-of-concept for extrapolating a user's emotional state based on his or her online postings
'Surf Jacking' Threatens Secure Browser Sessions
Quick Hits  |  8/14/2008  | 
Researcher launches proof of concept to show vulnerability in HTTPS
Is Wireless Really Worth It?
News  |  8/14/2008  | 
Wireless technology may be convenient, but it also introduces significant hassles - and risks
Startup Of The Week: Zscaler
News  |  8/13/2008  | 
Promising to replace a hodgepodge of security applications and appliances, entrepreneur Jay Chaudhry's new company offers security as a service.
Air Force Suspends 'Cyber Command' Program
News  |  8/13/2008  | 
The delay in the program does not necessarily mean the Cyber Command at Barksdale Air Force Base will not be created, but that could be one option, officials said.
VMware Issues Patch For Hypervisor Bug
News  |  8/13/2008  | 
CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
At Countrywide, One Overlooked PC Led to Loss of 2M Records
News  |  8/13/2008  | 
Insider used the one machine that hadn't been 'fixed' to prevent use of external storage devices
Stolen Wells Fargo Access Codes Threaten 7,000
Quick Hits  |  8/13/2008  | 
Thieves may have used credit reporting system to steal personal data
Amid Controversy, Outed Steroid Sites Still Online
News  |  8/13/2008  | 
Anti-fraud groups, US Internet registrars at odds over takedown of 'roid sites
Microsoft Stages 'Mammoth Patch Tuesday'
News  |  8/12/2008  | 
Counting vulnerabilities rather than bulletins, 17 of 26 are critical, the most since August 2006, according to Symantec researchers.
Researcher Wants To Charge Nokia, Sun For Phone Vulnerability
News  |  8/12/2008  | 
Polish researcher Adam Gowdiak said he's discovered 14 security issues with J2ME on Nokia handsets, but he's charging the vendors for full details.
Google Says Infected Spam Is Getting Worse
News  |  8/12/2008  | 
The company's Postini corporate e-mail security service reported that the volume of e-mail virus attacks peaked at almost 10 million on a single day.
Page 1 / 2   >   >>


Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.
CVE-2019-6659
PUBLISHED: 2019-11-15
On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enabled may experience a denial of service due to undisclosed incoming messages.