News & Commentary

Content posted in November 2006
Page 1 / 4   >   >>
E-Tailers Leaving Money On The Table Thanks To Weak Web Sites
Commentary  |  11/30/2006  | 
One week after I'd already bought three holiday presents online I learned that the vast majority of Web sites are vulnerable to attack by malicious hackers and that such security concerns are expected to drive away potential customers who would have shelled out nearly $2 billion online this year. The only real surprise is why those numbers aren't higher.
What Do You Have To Give Them If You Want To Use The Bathroom?
Commentary  |  11/30/2006  | 
An International House of Pancakes (IHOP) restaurant reversed its policy of requiring customers to surrender their driver's licenses before being served, after customers complained about the privacy and identity theft risks. One customer complained: "You want my license? I'm going for pancakes, I'm not buying the Hope diamond." The restaurant was trying to limit "dine-a
Grisoft Adds Rescue CD
News  |  11/30/2006  | 
Grisoft, the developer of AVG security software, introduced AVG Rescue CD
Month of Kernel Bugs Ends in Controversy
News  |  11/30/2006  | 
The MOKB forced several vendors to patch their wireless drivers, but it concluded today with a debate over the validity of a Mac OS X flaw
New Threats Loom for 2007
News  |  11/30/2006  | 
Password-stealing sites, video malware, and a parasitic comeback top McAfee's list of predicted threats for new year
Vista, Office 2007 Arrive
News  |  11/30/2006  | 
Steve Ballmer kicks off most significant product launch in Microsoft's history
Security Appliance Delivers for Kenco
News  |  11/30/2006  | 
Logistics company gets the bigger picture with new appliance, software for security management
Credit Union Overcomes Insecurities
News  |  11/30/2006  | 
Uses data classification to plug security holes by actually enforcing set policies
Symantec Manages Exchange
News  |  11/30/2006  | 
Symantec will offer market-leading, end-to-end messaging management support for customers migrating to Exchange Server 2007
MessageLabs Offers Solutions
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Sophos Reveals Top Ten
News  |  11/29/2006  | 
Sophos announced the top ten viruses plaguing computer users worldwide during November 2006
Protegrity Gets Patent
News  |  11/29/2006  | 
Protegrity Corporation has been awarded United States Patent 7,120,933
The Ripple Effects Of E-Discovery
Commentary  |  11/29/2006  | 
When I last tread this space, it was to alert readers who weren't already aware, of the Dec. 1rst launch of new federal rules regarding electronic discovery. By the way, there's no new law. The new requirements are just an extension of existing rules, which you can find here.
Paradial Unveils Product
News  |  11/29/2006  | 
Paradial announced the general availability of Paradial's RealTunnel 2.0
TriCipher Hires Exec
News  |  11/29/2006  | 
TriCipher announced that Vatsal Sonecha has joined its executive team as vice president of strategy and business development
Stop Wasting My Time
News  |  11/29/2006  | 
Dark Reading survey shows frustrated security pros spend too much time on drudgery, not enough on important tasks
The 10 Most Overlooked Aspects of Security
News  |  11/29/2006  | 
Think your organization has all its security bases covered? You might think twice after checking out this list
Securing Identity From Inside the App
News  |  11/29/2006  | 
Oracle-led group seeks to secure the personal information that gets embedded in applications
MessageLabs Intros Services
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Banking on Security
News  |  11/29/2006  | 
No tellers were harmed, no cash was removed... This social engineer was after logins and passwords
F-Secure Protects Corporate Data
News  |  11/29/2006  | 
At the beginning of 2007 the new F-Secure Client Security 7 will take the protection of corporate PCs to a new level
McAfee Predicts '07 Trends
News  |  11/29/2006  | 
McAfee announced its top ten predictions for security threats in 2007 from McAfee Avert Labs
CA Faces Backup Flaw
News  |  11/29/2006  | 
Tape security flaw in CA's BrightStor ARCserve could open users to DOS attacks
Secude Unveils 5.8
News  |  11/29/2006  | 
Secude signon Version 5.8 now adjusts even better to companies' individual security needs
Vericept, Anadarko Partner
News  |  11/29/2006  | 
Anadarko Petroleum has selected The Vericept 360 degrees Risk Management Platform
PetroChina Selects Array
News  |  11/29/2006  | 
PetroChina has deployed Array's SSL VPN and Global Server Load Balancing platforms to deliver mission-critical applications
Netragard Unveils Vulnerabilities
News  |  11/29/2006  | 
NETRAGARD announced that its SRT uncovered two potentially critical vulnerabilities with Hewlett-Packard's Tru64 Operating System
CommVault Enhances Search
News  |  11/29/2006  | 
CommVault announced data archiving software enhancements that improve legal search and discovery of enterprise Microsoft Exchange email
Vasco Secures 100
News  |  11/29/2006  | 
Vasco has passed the landmark of 100 customers in the US banking sector
NSS Certifies McAfee IntruShield
News  |  11/28/2006  | 
McAfee IntruShield was the only Network Intrusion Prevention Solution (IPS) to receive the new 'Multi-Gigabit IPS'certification by the NSS
Cartus Earns Cybertrust Certification
News  |  11/28/2006  | 
Cartus has obtained Cybertrust Security Management Program (SMP) Enterprise Certification for the fourth year in a row
ESET Protects USD
News  |  11/28/2006  | 
Deer Valley USD has selected ESET NOD32 Antivirus software as the default antivirus solution for its 36 K-12 schools
AAO Picks StillSecure
News  |  11/28/2006  | 
StillSecure announced that American Academy of Ophthalmology (AAO) is using StillSecure Safe Access for network access control (NAC)
Hackers and Humbugs
News  |  11/28/2006  | 
Spread some holiday cheer with your own Month of Bugs
Where the Bugs Are
News  |  11/28/2006  | 
New data from White Hat reveals vulnerabilities in major Web-based applications
Imperva Secures Platform
News  |  11/28/2006  | 
AEMS has selected the SecureSphere Web Application Firewall to protect its Internet-based trading platform from being compromised
Spam Victims Get the Picture
News  |  11/28/2006  | 
Vendors warn of growing threat of spam embedded with image files that circumvent filters
AppSec Tackles Data Security
News  |  11/28/2006  | 
Application Security hosted an invitation-only seminar for CXO-level IT security professionals
Mu Finds Vulnerability
News  |  11/28/2006  | 
Mu identifies pre-authentication vulnerability in Mac OS X kernel PPP driver
Insightix Intros 3.0
News  |  11/28/2006  | 
Insightix announced the release of Insightix NAC 3.0
TSA Standardizes on Aventail
News  |  11/28/2006  | 
Trans States Airlines (TSA) has standardized on Aventail's award-winning SSL VPN platform ST2
Bioscrypt, Artemis Team
News  |  11/28/2006  | 
ASG will distribute a private label BioCert version of VeriSoft USC
Capgemini Offers Security
News  |  11/28/2006  | 
ControlGuard announced that Capgemini will offer ControlGuard Endpoint Access Manager as part of its portfolio in Italy
Covelight & Quova Partner
News  |  11/27/2006  | 
Covelight announced a partnership with Quova to deliver a seamless platform for online user transaction data and enhanced authentication capabilities
Looking Over the Overlooked
News  |  11/27/2006  | 
Some honorable mentions that didn't make our 'Top 10 Most Overlooked Aspects of IT Security' story
Startup to Take Measure of Security
News  |  11/27/2006  | 
Errata will security-test and certify software and managed security services
McAfee Offers Program
News  |  11/27/2006  | 
McAfee announced that it is offering special incentives to customers of IBM Internet Security Systems to switch to McAfee solutions
Utimaco Gets Certification
News  |  11/27/2006  | 
RSA has certified that Utimaco's SafeGuard Easy solution and the RSA SecurID SID800 hardware authenticator are both technically compatible
Online Shopping to Soar
News  |  11/27/2006  | 
Record shopping expected online this holiday, and Sophos urges surfers to play it safe
To Improve Holiday Safety, I'll Start A House Fire Every Day In December Using A Different Christmas Decoration
Commentary  |  11/22/2006  | 
The gimmick of churning out software security flaws on a daily basis for some set period has gotten ridiculous. First the Month of Browser Bugs, then the Month of Kernel Bugs, now the research firm firm Argeniss plans the Week of Oracle Database Bugs. Security researchers play an irreplaceable watchdog role. But it's time to retire this publicity stunt.
Page 1 / 4   >   >>


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11354
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2018-11355
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
CVE-2018-11356
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-11357
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-11358
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.