Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2008
Page 1 / 2   >   >>
New DoS Attack Is a Killer
Commentary  |  9/30/2008  | 
Things are a-brewin' in Sweden. Sweden is not just home of the infamous bikini team, it is also the home of Outpost 24, an equally sexy software-as-a-service network scanning service, and the employer of my friend Robert E. Lee and his colleague Jack C. Louis. These guys are the inventors of UnicornScan, a user-land TCP stack turned into a port scanner. Never heard of it? Use Nmap exclusively? Well if you run Linux, I suggest checking
Study: Routine Misbehavior by End Users Can Lead to Major Data Leaks
News  |  9/30/2008  | 
Many end users don't understand the risks associated with breaking company security policies, report says
Attackers Mix Online, Offline Exploits to Mask Financial Fraud
News  |  9/30/2008  | 
Cybercriminals split the attack cycle into pieces that may appear unrelated in order to evade detection
Microsoft, Washington State Launch Legal Assault On Scareware
News  |  9/29/2008  | 
The lawsuit against Registry Cleaner XP is trying to halt pop-up ads that look like Windows system messages and falsely claim that a critical system error has occurred.
CSRF Flaws Found on Major Websites
News  |  9/29/2008  | 
Princeton University researchers reveal four sites with cross-site request forgery flaws and unveil tools to protect against these attacks
Yahoo! Japan Auctions Compromised, Report Says
News  |  9/29/2008  | 
Thieves may have accessed Web auction site as many as 1.5 million times since May
Theft at RAF Facility Endangers Personal Data of 50,000
Quick Hits  |  9/29/2008  | 
Data on British air force hard drives wasn't encrypted; old facility 'wasn't that secure,' reports say
'Clickjacking' Attack Prompts Warning To Disable Browser Plug-Ins
News  |  9/26/2008  | 
The flaw affects Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox, and Opera and could trick a user into clicking on content from another page.
Portrait Of A Computer Forensic Examiner
News  |  9/26/2008  | 
While data can be recovered from any computer, expert Ives Potrafka believes that corporate IT departments have far less control over what happens on PCs used for work.
Adobe PDF Reader Vulnerable, U.S. CERT Warns
News  |  9/26/2008  | 
The government's standard precautionary advice: Don't open files from sources you don't trust, and keep your antivirus software and patches up to date.
Survey: Virtually No Security in Enterprises' Virtual Systems
Quick Hits  |  9/26/2008  | 
Enterprise survey shows few companies have secured their virtual environments
New ID Theft Service Crawls the Web on Consumers' Behalf
News  |  9/26/2008  | 
For $15, Affinion penetrates hacker chat rooms and warns users when their data is for sale
Tiger Team Member Attacks Developers, Not Apps
News  |  9/25/2008  | 
Expert shows how he can get into a Web app without touching the application itself
Sarah Palin E-Mail Hacking Grand Jury Returns No Indictment
News  |  9/24/2008  | 
A Tennessee Democratic state representative's son was linked last week to involvement in the breach of the Republican vice presidential candidate's Yahoo Mail account.
Shadowserver to Build 'Sinkhole' Server to Find Errant Bots
News  |  9/24/2008  | 
New initiative will emulate IRC, HTTP botnet traffic
Many PC Users Remain Unaware of Security, Privacy
Quick Hits  |  9/24/2008  | 
More than a tenth of users don't know whether they have an antivirus, firewall; majority don't know what privacy settings they're using
For US Enterprises, Computer Crime Starts at Home
News  |  9/23/2008  | 
Despite perceptions about overseas hackers, attacks increasingly emanate from domestic sources, studies say
Phony Pop-Up Warning Messages Dupe Most Users
News  |  9/23/2008  | 
New research from NC State University shows how even savvy users fall for malicious system error messages
Man Indicted for Hacking & Blackmailing Luxury Automaker
Quick Hits  |  9/23/2008  | 
Sixty-year-old hacker threatened Maserati North America with exposing his theft of customer data from carmaker's Website
'Profiler' Hacks Global Hacker Culture
News  |  9/23/2008  | 
Former notorious Italian hacker releases initial results of research identifying different types of hackers and their behaviors on and offline
US-Based Malware Network Shuts Down
News  |  9/22/2008  | 
Network that served large numbers of hackers is no longer in service, observers say
Employees Still Flouting Security Policies, Study Says
Quick Hits  |  9/22/2008  | 
Three in 10 enterprises say their business' security is being compromised by personal use of corporate systems
Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity
News  |  9/19/2008  | 
A recent Unisphere survey found 20% of respondents anticipated some kind of data security breach over the coming year.
Sarah Palin E-Mail Hacker Tied To Tennessee Democrat
News  |  9/19/2008  | 
Department of Justice investigators have declined to comment on the status of the Palin e-mail investigation.
Experts: US Is Not Prepared to Handle Cyber Attacks
News  |  9/19/2008  | 
In Congressional testimony, authorities on cyber defense say neither government agencies nor private companies are ready for what may come
Research: Porn Is Losing Its Steam
Quick Hits  |  9/19/2008  | 
Separate reports both say lurid material no longer rules Web traffic trends
Palin's 'Hacker' Tells How He Did It
Quick Hits  |  9/18/2008  | 
Hacker claiming to have broken into Republican VP candidate Sarah Palin's Yahoo email account reportedly used low-tech research and a little social engineering
Porn Operators Hijack Pages on AARP Website
News  |  9/18/2008  | 
Multi-pronged attack shows weakness in custom content management systems, researcher says
Hacking Tool Lets You Target Your Own End Users
News  |  9/18/2008  | 
New open-source attack platform that performs email-based Web attacks debuts next week at OWASP conference
Zero-Day Exploit Code For Apple iTunes, QuickTime Posted
News  |  9/17/2008  | 
The vulnerability in Apple's newly patched software is said to crash any browser with the QuickTime plug-in.
Free 'Trojan-Proof' Password Tool Released for Windows
News  |  9/17/2008  | 
Beta virtual keyboard software aims to ward off password-sniffing Trojans, malware
Antivirus Vendors Push Toward Cloud Computing
News  |  9/17/2008  | 
Key elements of software now being delivered on a software-as-a-service basis
House Passes Identity Theft & Restitution Act
Quick Hits  |  9/17/2008  | 
Senate to consider bill that addresses data theft, use of keyloggers and spyware
Microsoft to Share Its Secure Development Blueprint, Threat Modeling Tool
Quick Hits  |  9/16/2008  | 
Customers, third-party developers can use Microsoft's model for writing more secure software - for free
Disclosure of Major New Web 'Clickjacking' Threat Gets Deferred
News  |  9/16/2008  | 
Web security researchers bow to Adobe request for time to patch before releasing proof of concept of newly discovered, massive 'clickjacking' attack
DHS Report Says Leave Laptops At Home
News  |  9/15/2008  | 
The federal agency said anyone who brings their computer or cell phone out of the country is risking privacy and data security violations.
Hackers Deface CERN's 'Big Bang' Particle Accelerator Site
News  |  9/15/2008  | 
As scientists began testing CERN's Large Hadron Collider last week, hackers made a mockery of the European lab's network security.
Snort Turns 10, Sourcefire Goes Virtual
News  |  9/15/2008  | 
IDS/IPS vendor joins the ranks of VMWare partners, gears up for commercial rollout of next-generation Snort
Lost Computer Exposes Data of 22,000 at Intuit
Quick Hits  |  9/15/2008  | 
Software company's loss was one of many resulting from burglary at HR outsourcing firm
Report: Unauthorized Apps Run Rampant on Many Enterprise Networks
News  |  9/15/2008  | 
Detailed analysis of traffic on 60 enterprise networks finds broad usage of software that isn't sanctioned by IT
Study: Hotel Networks Put Corporate Users at Risk
News  |  9/12/2008  | 
The Center for Hospitality Research's survey and hack confirms worries of weak security on hotel networks
CookieMonster Can Steal HTTPS Cookies
News  |  9/11/2008  | 
The Python-based tool actively gathers insecure SSL information and records that as well as normal HTTP cookies to Firefox-compatible cookie files.
Enterprises Struggle to Identify Sources of Risk
News  |  9/11/2008  | 
Security remains top priority, but businesses wrestle with business case, BT study says
New 'On/Off Switch' Protects RFID Cards From Hacks
News  |  9/11/2008  | 
Technology would let cardholders activate RFID transmission only when card goes through a reader
Online Death Certificates Dropped Amid ID Theft Fears
Quick Hits  |  9/11/2008  | 
Large Arizona county no longer posts public-record death certificates on its Website
Flying Phish Hooks Schools of Employees
News  |  9/11/2008  | 
Penetration test proves many workers can still be easily fooled
IBM Unveils Hardware-Based Encryption Tool
News  |  9/10/2008  | 
System x Vault protects data when a server's hard drive is disposed or stolen, without affecting server performance.
Home Security Gets A Web Makeover
News  |  9/10/2008  | 
Forget the closet control panel, today's Internet- and smartphone-enabled home security systems allow browser-based management, SMS updates, live video feeds, and money-saving DIY options.
Most Companies Believe Their Sensitive Data Is at Risk
Quick Hits  |  9/10/2008  | 
Enterprises recognize the threat of data theft, Finjan research study says
'Password Recovery' Services May Be Hackers for Hire
News  |  9/10/2008  | 
Services that promise to help you find your lost passwords may make their living by cracking the passwords of others, IBM researcher says
Page 1 / 2   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-07-02
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
PUBLISHED: 2022-07-02
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
PUBLISHED: 2022-07-02
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
PUBLISHED: 2022-07-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
PUBLISHED: 2022-07-02
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.