Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2007
Page 1 / 3   >   >>
Attackers Kill Anti-Fraud Site
News  |  9/28/2007  | 
Fraudwatchers.org buckles, collapses under weight of month-long denial-of-service attack
iHack With an iPhone
News  |  9/28/2007  | 
Your iPhone isn't just hot-looking - it's also a potential hacking weapon
Retail Security: No Sale
News  |  9/28/2007  | 
Despite harsh lessons at TJX and redoubled efforts by credit card companies to push PCI, customer data remains at risk
Bradford Networks' NAC Secures 1M Users
News  |  9/28/2007  | 
Bradford Networks' NAC secures 1M users during back-to-school rush
Akonix Publishes September IM Threat Report
News  |  9/28/2007  | 
Akonix's Threat Center tracks 33 IM attacks
CyberDefender Adds Remote Support
News  |  9/28/2007  | 
CyberDefender debuts new Internet security suites
Your Health Is None of Your Damn Business
Quick Hits  |  9/28/2007  | 
Workers at Wyoming hospital reprimanded for breaking HIPAA rules to look at their own health records
Microsofties Check Out Vulnerability Auction Site at Blue Hat
News  |  9/28/2007  | 
WabiSabiLabi participates in closed-door Microsoft summit of security researchers and Microsoft staff
Hackers Exploit Crisis in Burma
News  |  9/28/2007  | 
Email links to Dalai Lama's genuine Website, but attachment is malicious
Startup Wins License for Secure Biometrics Token
News  |  9/27/2007  | 
Technology promises to protect privacy of user whose biometric data is stolen or copied
Comodo Unveils Free Security Tools
News  |  9/27/2007  | 
Comodo helps consumers stay safe online with new Website visual trust indicator and free desktop security tools
Cybercriminals on Your Doorstep
News  |  9/27/2007  | 
Latest scams range from legit-looking auction sites to looking you in the eye while they steal your money
Malware Plays Defense
News  |  9/27/2007  | 
New exploits can tell when they're being sandboxed for analysis
Ounce Adds Classic ASP Support
News  |  9/27/2007  | 
Ounce Labs extends analysis capabilities with support for classic ASP
Virus, Phishing Rise in Sept.
News  |  9/27/2007  | 
2nd wave of C-Level targeted attacks with increased sophistication
Video Shows Hack of US Power Grid
Quick Hits  |  9/27/2007  | 
A graphic dramatization made for the Department of Homeland Security simulates potential impact of a cyberterrorist attack on utility grids
Many Retailers Will Not Make PCI Compliance Deadline
News  |  9/26/2007  | 
Problems with applications, access management leave credit card processors facing fines - and vulnerabilities
Metasploit Adds iPhone Hacking Tools
News  |  9/26/2007  | 
Popular pen-test tool now comes with Apple iPhone payloads
Trend Micro Unveils TM Internet Security 2008
News  |  9/26/2007  | 
New Trend Micro Internet Security products strengthen personal information protection and deliver enhanced performance
Hackers Post Names, Credit Card Info on eBay
Quick Hits  |  9/26/2007  | 
Auction site says incident is a hack, not a leak
Watson SCS Offers Free IT Security Assessment
News  |  9/26/2007  | 
IBM partner Watson SCS offers complimentary IT security assessment
Peter Tippett to Keynote Tradeshow
News  |  9/26/2007  | 
Security pioneer from Verizon Business to keynote at virtual security tradeshow
Blue Lane Adds Support for VMware
News  |  9/26/2007  | 
Blue Lane delivers unmatched protection and network flow visibility for VMware Infrastructure 3 environments
Canadian Government Sheds Light On TJX Breach
News  |  9/25/2007  | 
Attack was conducted via wireless links at two Miami Marshall's stores, investigation reveals
Virtual Civil Disobedience
News  |  9/25/2007  | 
Now that n.runs has opened the floodgates by putting its hacking tool back online, who'll step up next?
VeriSign Flexes DNS Security Muscle
News  |  9/25/2007  | 
Internet DNS server host upgrades its infrastructure as DNS attacks continue to hammer the Net
TJX Proposes to Settle Customer Lawsuit for $6.5M
News  |  9/24/2007  | 
Customers promised a $30 voucher and a three-day discount sale
Shavlik Launches Free Google Gadget
News  |  9/24/2007  | 
Individual users can download free Google gadget for on demand patch assessment and remediation from Shavlik
Breach Security Adds App Defect Detection
News  |  9/24/2007  | 
New version of Breach Security's WebDefend Web application firewall adds passive vulnerability detection
Secure Computing Intros New WebWasher
News  |  9/24/2007  | 
Secure Computing releases next generation Web gateway security solution
Lessons From a Security Breach
News  |  9/24/2007  | 
A hack at Vertical Web Media helps show what to do in the event of a breach - and what not to do
P2P Leads to Major Leak at Citigroup Unit
Quick Hits  |  9/24/2007  | 
ABN Amro employee exposes personal data on 5,000 mortgagees by installing BearShare
FireEye Fans Anti-Botnet Flame
News  |  9/24/2007  | 
FireEye today is rolling out the latest in a series of anti-botnet offerings from security vendors
Security's School of Hard Knocks
News  |  9/21/2007  | 
Security pros share five of the toughest lessons they've ever learned, and they've got the scars to prove them
Researcher Raises Alarm Over PDFs
News  |  9/21/2007  | 
Adobe files could soon become attackers' favorite medium for malware delivery, experts say
Running the IR Gauntlet
News  |  9/21/2007  | 
There are lots of tools available for incident response, but they have flaws too
Signal Turns to Data Leak Protection
News  |  9/21/2007  | 
Signal Financial Credit Union's DLP architecture protects sensitive data - sometimes a little too well
TD Ameritrade Gambles and Loses
News  |  9/21/2007  | 
Brokerage company had all the warning signs of a breach last year, but held off disclosure in hopes of fixing the problem
Hackers Get the Lingo
Quick Hits  |  9/21/2007  | 
Lingo, a New Zealand VOIP service provider, accidentally sends out the email addresses of more than 14,000 customers
Five Signs That You're Under a Targeted Attack
News  |  9/20/2007  | 
Clues that your organization is in the bull's eye might be right under your nose
Security Problems Linger at VA
News  |  9/20/2007  | 
Despite highly publicized breach, Veterans Affairs' IT efforts still coming up short, according to GAO report
Cyber Law Cuts Two Ways
News  |  9/20/2007  | 
Regional laws - such as Minnesota's credit card data legislation - create both benefits and hardships
Radware Adds Protection Against Trojan
News  |  9/20/2007  | 
Radware issues immediate protection against the 'Gangsta.exe' trojan horse
Secure Elements, Grant Thornton LLP Team
News  |  9/20/2007  | 
Secure Elements announces joint marketing agreement with Grant Thornton LLP Global Public Sector
Reports: Threats More Sophisticated, More Costly Than Ever
News  |  9/19/2007  | 
Cybercrime has become a cottage industry, and companies are feeling it in their bank accounts, researchers say
Radware Offers Defense Against Gangsta
News  |  9/19/2007  | 
Radware issues immediate protection against the 'Gangsta.exe' trojan horse
ISPs Try on Anti-Botnet Services Model
News  |  9/19/2007  | 
Anti-botnet security services are on the rise, but ISPs still aren't coming over to clean up your machine
The Six Stages of Incident Response
News  |  9/19/2007  | 
Following these simple steps can help your organization handle a serious data breach
Mu Security Discovers DHCP Zero-Day
News  |  9/19/2007  | 
Mu Security discovers Dibbler DHCPv6 zero-day denial of service vulnerability
Hosting Vendor Suffers Major Security Breach
Quick Hits  |  9/19/2007  | 
Even the companies contracted to protect your data are losing it
Page 1 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...