Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2012
PNC Bank Hit By Crowdsourced Hacktivist Attacks
News  |  9/28/2012  | 
Financial services website disrupted by DDoS attacks launched to protest anti-Muslim film, following similar attacks against Wells Fargo, U.S. Bank, and Bank of America.
Profiling The Cybercriminal And The Cyberspy
News  |  9/27/2012  | 
Insight into key characteristics, behaviors of cybercrime versus cyberespionage attackers can help -- but the threats aren't just from China and Eastern Europe
Muslim Hacktivists Take Credit For U.S. Bank Attack
News  |  9/27/2012  | 
A hacktivist group is apparently following through on its vow to attack financial institutions in retaliation for anti-Muslim film.
Deja Vu All Over Again: New Java Vulnerability Found, Bypasses Built-In Security
Quick Hits  |  9/26/2012  | 
Yet another Java bug has been discovered—and this one breaks out of the software's sandbox
Java Vulnerability Affects 1 Billion Plug-ins
News  |  9/26/2012  | 
Another week, another Java vulnerability--only this one affects all versions of Java released in the past eight years.
Twitter Direct Messages Disguise Trojan App Attack
News  |  9/25/2012  | 
Compromised Twitter accounts send fake Facebook videos and Flash updates that trigger drive-by malware exploits.
Watch The Watchers: 'Trusted' Employees Can Do Damage
News  |  9/25/2012  | 
A study of insider attacks within financial firms offers lessons to other companies: identify important data, limit access, and scrutinize trusted users most closely
Microsoft IE Patch Fixes Flaw Under Active Attack
News  |  9/24/2012  | 
Microsoft wins praise for quickly addressing five remote-execution security vulnerabilities, one of which is being used now in attacks.
IBM Predicts Rise In OS X Exploits, Touts Sandboxing
News  |  9/20/2012  | 
IBM's X-Force Trend and Risk Report says browser exploits and BYOD continue to pose challenges, warns that OS X attacks are getting more sophisticated.
Bank Of America Website Slows After Islamic Hacker Threats
News  |  9/19/2012  | 
Group protesting anti-Islam film claims credit for website service interruptions that hit Bank of America Tuesday afternoon.
Mikko's Malware Odyssey
News  |  9/18/2012  | 
Security guru Mikko Hypponen talks malware evolution, factory-automation vulnerabilities, Space Invaders, and jamming to Justin Bieber
Microsoft Warns Of IE 9 Security Bug
News  |  9/18/2012  | 
Microsoft promises fix for zero-day exploit that puts users of IE 9, and earlier IE versions, at risk upon visiting a malicious website.
Services Can Help Identify Mobile Risks
News  |  9/17/2012  | 
While mobile device management (MDM) services can help a company manage its employees phones and tablets, figuring out whether the devices are up-to-date is also critical
Cloud Services Face Different Security Threats
News  |  9/14/2012  | 
Alert Logic study finds that cloud and on-premises customers face about the same number, but different types, of threats.
Is 'Virus Expert' Tied To PlugX RAT Malware?
News  |  9/13/2012  | 
Security firm AlienVault believes "whg0001" helped create malware used to attack targets in Japan, South Korea, Taiwan, and Tibet.
Symantec Security Has Become Forgotten Child, Critics Say
News  |  9/13/2012  | 
After Symantec leadership change, some channel partners question whether the company will continue emphasizing its storage business over security.
Cisco Releases Cloud IPS, Upgrades Security Products
News  |  9/12/2012  | 
Network equipment vendor's new products and services focus on improving security for mixed physical, virtual, and cloud environments, as well as BYOD.
GoDaddy Outage: Anonymous Attack Or IT Failure?
News  |  9/12/2012  | 
If hacktivists weren't behind the six-hour outage, as GoDaddy's CEO contends, they may still have taken advantage of the situation.
Old Operating Systems Die Harder
Quick Hits  |  9/11/2012  | 
Aging OSes like XP still getting hit big-time with old exploits, new data shows
6 Ways To Strengthen Web App Security
News  |  9/7/2012  | 
Want to keep your Web application from getting hacked? Here's how to get serious about secure apps.
Fixing The Patch Problem
News  |  9/7/2012  | 
Many companies are patching systems more slowly than in the past. Using a service that packages fixes can speed updates and give businesses a better chance of closing security holes
Java Still Not Safe, Security Experts Say
News  |  9/6/2012  | 
Oracle needs to fix holes faster, say some security experts. Leave Java disabled for now, because Oracle's emergency patch is insufficient.
Oracle Emergency Java Patch Opens Fresh Trouble
News  |  9/5/2012  | 
Oracle's emergency patch fixes flaws being used in active attacks, but opens the door to a previously undisclosed vulnerability.
FBI, AntiSec Spar On Apple IDs
News  |  9/5/2012  | 
FBI denies laptop data breach, but some security experts believe agency may have suffered a phishing attack.


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-11047
PUBLISHED: 2020-04-07
An issue was discovered on Samsung mobile devices with JBP(4.2) and KK(4.4) (Marvell chipsets) software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. The Samsung ID is SVE-2016-5393 (April 2016).
CVE-2016-11048
PUBLISHED: 2020-04-07
An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016).
CVE-2016-11049
PUBLISHED: 2020-04-07
An issue was discovered on Samsung mobile devices with software through 2016-01-16 (Shannon333/308/310 chipsets). The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 (March 2016).
CVE-2016-11050
PUBLISHED: 2020-04-07
An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016).
CVE-2016-11051
PUBLISHED: 2020-04-07
An issue was discovered on Samsung mobile devices with J(4.2) (Qualcomm Wi-Fi chipsets) software. There is a buffer overflow in the Qualcomm WLAN Driver. The Samsung ID is SVE-2016-5326 (February 2016).