Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2011
14 Enterprise Security Tips From Anonymous Hacker
News  |  8/31/2011  | 
Former Anonymous member "SparkyBlaze" advises companies on how to avoid massive data breaches.
New Windows Worm Wriggling Through Networks
News  |  8/30/2011  | 
'Morto' targets weak passwords, usernames and spreads via the Remote Desktop Protocol.
Gmail Attack Highlights Web Insecurity
News  |  8/29/2011  | 
A man-in-the-middle attack that relied on an unauthorized Google SSL certificate has revived concern over whether any Web communication is really secure.
Insulin Pump Hack Controversy Grows
News  |  8/26/2011  | 
Security researcher--and pump user--who found the flaw takes medical device manufacturer Medtronic to task for its response to the security vulnerability.
Apache Issues Workarounds For 'Killer' Attack
News  |  8/26/2011  | 
Development team spells out mitigation strategies for DDoS threat in advance of patch release.
Google Gives Up $500M In Revenue From Canadian Online Pharmacies
Quick Hits  |  8/24/2011  | 
Search engine giant should not have sold ads to unauthorized pharmacies, Department of Justice says
Chinese Military Documentary Reveals Alleged Attack Software
News  |  8/23/2011  | 
Government-run TV channel program accidentally reveals what appears to be software designed for cyber warfare.
Google Patches Critical Chrome Bug
News  |  8/23/2011  | 
Chrome browser update includes patches for 11 vulnerabilities, including several discovered by Google bug bounty winners.
Hacked Medical Device Sparks Congressional Inquiry
News  |  8/23/2011  | 
Legislators demand answers after a security researcher remotely controlled his own insulin pump using a $20 radio frequency transmitter at Black Hat.
McAfee Blew Shady RAT Analysis, Kaspersky Says
News  |  8/22/2011  | 
Security expert Eugene Kaspersky dismissed the seriousness of the Shady RAT botnet and suggested McAfee was purposefully alarmist in its report.
Facebook Offers Security Guide
News  |  8/19/2011  | 
Facebook tries to explain the many security issues that have arisen for users of social networking and gives tips for keeping accounts secure.
Microsoft Disables Supercookies On MSN
News  |  8/19/2011  | 
The online user tracking technique is drawing fire, and numerous businesses are stepping away from the firms that practice it.
Google Reports How Web Attackers Evade Malware Detection
News  |  8/19/2011  | 
Data gathered from Google's Safe Browsing API service reveals drive-by infections most common, with IP cloaking on the rise.
7 Ways To Stop Insider Hack Attacks
News  |  8/18/2011  | 
A former IT staffer invaded his pharmaceutical employer's network and deleted virtual machines, causing about $800,000 in losses. Here's how to prevent such trouble.
Google Disputes Socially Engineered Malware Study
News  |  8/18/2011  | 
After IE9 beat Chrome on security in a report, Google says social engineering accounts for only 2% of malware found on the Web.
Citigroup Case Spotlights Insider Threat Dangers
News  |  8/18/2011  | 
Case of Citigroup, fined for missing suspicious behavior of employee who bilked customers of $750,000, shows IT must be backed by supervisory control.
3 Security Lessons From BART's Anonymous Breach
Commentary  |  8/18/2011  | 
As BART continues to face attacks from the hacker group Anonymous, its security weak points have become painfully obvious. Here's what your IT staff can learn from BART's mistakes.
DOD Expanding Contractor Cybersecurity Program
News  |  8/17/2011  | 
Pilot program that shares threat information with defense contractors, network providers has stopped hundreds of intrusions, DOD says.
Scotland Yard Read Encrypted BlackBerry Messages During Riots
News  |  8/17/2011  | 
British police officials said they used confiscated BlackBerry smartphones to "break into" encrypted communications.
Botnets And Google Dorks: New Recipe For Hacking
News  |  8/17/2011  | 
Attackers finding new ways to automate the hunt for vulnerabilities, Imperva researchers say.
Botnets And Google Dorks: A New Recipe For Hacking
News  |  8/16/2011  | 
Attackers finding new ways to automate the hunt for vulnerabilities, Imperva researchers say
Internet Explorer 9 Best At Catching Socially Engineered Malware
News  |  8/16/2011  | 
Microsoft's newest browser outperforms Chrome, Firefox, Safari, and Opera in lab test for detecting malware-laden links
Microsoft IE9 Blocks Malware Best
News  |  8/16/2011  | 
Report finds that IE9's ability to block malicious URLs, malware, and phishing attacks far surpasses that of Chrome, Safari, Firefox, or Opera.
SpyEye Trojan Source Code Published
News  |  8/16/2011  | 
Once costly code for data-stealing Trojan is now available to the masses; exploits expected to rise, Damballa reports.
Slide Show: Sights And Sounds Of Black Hat USA 2011
Slideshows  |  8/15/2011  | 
Zombies, robots, 'war-flying' drones, PWN phones -- and scary, real-world SCADA hacks were among the mix of lighthearted and deadly serious demonstrations and presentations at this year's Black Hat USA in Las Vegas
BART Braces For More Attacks From Anonymous
News  |  8/15/2011  | 
The SF Bay area's transit agency expects more website disruptions after an attack over the weekend.
Can Data Breaches Kill?
News  |  8/15/2011  | 
When data is sensitive enough, its exposure has the potential to be fatal.
Researchers Claim Flaws In Facebook; Facebook Calls Them 'Best Practices'
Quick Hits  |  8/12/2011  | 
Short passwords, non-SSL-encrypted forms are criticized by Cenzic
AntiSec Data Dump IDs Thousands Of Cops, Informants
News  |  8/12/2011  | 
Hacker group's release includes social security numbers, credit card data, and passwords for thousands of officers and informants.
Visa Pushes PIN Requirement With Credit Card Purchases
News  |  8/11/2011  | 
European consumers are used to this drill, but now Visa is putting its muscle behind increased security measures in the United States.
Shady RAT No China Smoking Gun
Commentary  |  8/11/2011  | 
Kudos to McAfee for discovering attacks that go undiscovered too often, but questions about attack severity, sophistication, or nation-state backing remain.
Encrypt Early, Encrypt Often
News  |  8/11/2011  | 
You can't rely on cloud providers for data security.
Anonymous Threats To Kill Facebook: Another Hoax?
News  |  8/10/2011  | 
Security experts question whether the plot against Facebook is real, noting odd Twitter accounts used to launch the campaign.
Tween Hacker's Time-Travel Trick
Commentary  |  8/10/2011  | 
DefCon Kid discovers new class of vulns
RIM's London Riot Fallout Increases: BlackBerry Blog Hacked
News  |  8/10/2011  | 
Hackers take issue with RIM's cooperation with London Police. Multiple people arrested on charges of inciting others to violence via Facebook.
Google Researcher Dissects Sophos Antivirus Software
News  |  8/10/2011  | 
AV product vendors don't provide sufficient technical details on how their products work, researcher says at Black Hat USA.
70 Percent Of Infected Consumer Machines Hit With Multiple Malware Types
Quick Hits  |  8/9/2011  | 
New Sourcefire Immunet and ClamAV data provides snapshot of consumer malware threats
Don't Blame RIM, Twitter For London Riots
Commentary  |  8/9/2011  | 
You may dislike social networking or smartphones all you want--but remember they're just tools used by people.
U.K. Police Seek BlackBerry Messages Following Riots
News  |  8/9/2011  | 
BlackBerry maker Research In Motion has offered to help the police with their investigation, but has not specified what data will be shared.
State Department, Auditors Clash On IT Security Monitoring
News  |  8/9/2011  | 
GAO says the department's iPost risk-scoring program doesn't handle non-Windows systems or sufficiently detail vulnerabilities, and fails to reflect the impact and likelihood of threats.
Google Researcher Dissects Sophos Antivirus Software
News  |  8/9/2011  | 
AV product vendors don't provide sufficient technical details on how their products work, researcher says at Black Hat USA
SSL Certificates May Offer False Sense Of Trust
News  |  8/9/2011  | 
Researcher points to fundamental problems in SSL and DNSSEC, and says it's time for users to take control of trust.
How USB Sticks Cause Data Breach, Malware Woes
News  |  8/8/2011  | 
Half of businesses have lost sensitive or confidential information due to USB memory sticks, with many incidents involving those infected with malware.
Anonymous Cracks Cops Data Again
News  |  8/8/2011  | 
The "hacktivist" Anonymous operation known as AntiSec released a 7.4 GB file with emails and personal information from 56 different law enforcement agencies.
Siemens Joins SCADA Hack Demo At Black Hat
News  |  8/8/2011  | 
NSS Labs researcher Dillon Beresford shows holes in Siemens programmable logic controllers that could lead to attacks.
Siemens Shows Up For Black Hat Demo Of SCADA Hack
News  |  8/5/2011  | 
NSS Labs researcher Dillon Beresford shows holes in Siemens programmable logic controllers (PLCs) that could lead to attacks
Getting Root On The Human Body
News  |  8/5/2011  | 
Black Hat researcher shows it is possible to remotely control a diabetic's insulin pump without the person's knowledge
Wardriving Evolves Into Warflying
News  |  8/5/2011  | 
Researchers release specs for a DIY radio-controlled plane that hacks systems by air.
iPad Credit Card Reader Hacked As Skimmer
News  |  8/5/2011  | 
The Square reader for iPhone and iPad converts credit card numbers into plain audio, enabling criminals to convert stolen cards into cash.
The Week In Security: 4 Big Stories
Commentary  |  8/5/2011  | 
Cyber threats as part of future wars, Android malware, and Shady Rats made news. Don't miss the week's key security stories.


Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-4147
PUBLISHED: 2019-09-16
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 158413.
CVE-2019-5481
PUBLISHED: 2019-09-16
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
CVE-2019-5482
PUBLISHED: 2019-09-16
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-15741
PUBLISHED: 2019-09-16
An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation.
CVE-2019-16370
PUBLISHED: 2019-09-16
The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.