News & Commentary

Content posted in November 2006
Page 1 / 4   >   >>
E-Tailers Leaving Money On The Table Thanks To Weak Web Sites
Commentary  |  11/30/2006  | 
One week after I'd already bought three holiday presents online I learned that the vast majority of Web sites are vulnerable to attack by malicious hackers and that such security concerns are expected to drive away potential customers who would have shelled out nearly $2 billion online this year. The only real surprise is why those numbers aren't higher.
What Do You Have To Give Them If You Want To Use The Bathroom?
Commentary  |  11/30/2006  | 
An International House of Pancakes (IHOP) restaurant reversed its policy of requiring customers to surrender their driver's licenses before being served, after customers complained about the privacy and identity theft risks. One customer complained: "You want my license? I'm going for pancakes, I'm not buying the Hope diamond." The restaurant was trying to limit "dine-a
Grisoft Adds Rescue CD
News  |  11/30/2006  | 
Grisoft, the developer of AVG security software, introduced AVG Rescue CD
Month of Kernel Bugs Ends in Controversy
News  |  11/30/2006  | 
The MOKB forced several vendors to patch their wireless drivers, but it concluded today with a debate over the validity of a Mac OS X flaw
New Threats Loom for 2007
News  |  11/30/2006  | 
Password-stealing sites, video malware, and a parasitic comeback top McAfee's list of predicted threats for new year
Vista, Office 2007 Arrive
News  |  11/30/2006  | 
Steve Ballmer kicks off most significant product launch in Microsoft's history
Security Appliance Delivers for Kenco
News  |  11/30/2006  | 
Logistics company gets the bigger picture with new appliance, software for security management
Credit Union Overcomes Insecurities
News  |  11/30/2006  | 
Uses data classification to plug security holes by actually enforcing set policies
Symantec Manages Exchange
News  |  11/30/2006  | 
Symantec will offer market-leading, end-to-end messaging management support for customers migrating to Exchange Server 2007
MessageLabs Offers Solutions
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Sophos Reveals Top Ten
News  |  11/29/2006  | 
Sophos announced the top ten viruses plaguing computer users worldwide during November 2006
Protegrity Gets Patent
News  |  11/29/2006  | 
Protegrity Corporation has been awarded United States Patent 7,120,933
The Ripple Effects Of E-Discovery
Commentary  |  11/29/2006  | 
When I last tread this space, it was to alert readers who weren't already aware, of the Dec. 1rst launch of new federal rules regarding electronic discovery. By the way, there's no new law. The new requirements are just an extension of existing rules, which you can find here.
Paradial Unveils Product
News  |  11/29/2006  | 
Paradial announced the general availability of Paradial's RealTunnel 2.0
TriCipher Hires Exec
News  |  11/29/2006  | 
TriCipher announced that Vatsal Sonecha has joined its executive team as vice president of strategy and business development
Stop Wasting My Time
News  |  11/29/2006  | 
Dark Reading survey shows frustrated security pros spend too much time on drudgery, not enough on important tasks
The 10 Most Overlooked Aspects of Security
News  |  11/29/2006  | 
Think your organization has all its security bases covered? You might think twice after checking out this list
Securing Identity From Inside the App
News  |  11/29/2006  | 
Oracle-led group seeks to secure the personal information that gets embedded in applications
MessageLabs Intros Services
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Banking on Security
News  |  11/29/2006  | 
No tellers were harmed, no cash was removed... This social engineer was after logins and passwords
F-Secure Protects Corporate Data
News  |  11/29/2006  | 
At the beginning of 2007 the new F-Secure Client Security 7 will take the protection of corporate PCs to a new level
McAfee Predicts '07 Trends
News  |  11/29/2006  | 
McAfee announced its top ten predictions for security threats in 2007 from McAfee Avert Labs
CA Faces Backup Flaw
News  |  11/29/2006  | 
Tape security flaw in CA's BrightStor ARCserve could open users to DOS attacks
Secude Unveils 5.8
News  |  11/29/2006  | 
Secude signon Version 5.8 now adjusts even better to companies' individual security needs
Vericept, Anadarko Partner
News  |  11/29/2006  | 
Anadarko Petroleum has selected The Vericept 360 degrees Risk Management Platform
PetroChina Selects Array
News  |  11/29/2006  | 
PetroChina has deployed Array's SSL VPN and Global Server Load Balancing platforms to deliver mission-critical applications
Netragard Unveils Vulnerabilities
News  |  11/29/2006  | 
NETRAGARD announced that its SRT uncovered two potentially critical vulnerabilities with Hewlett-Packard's Tru64 Operating System
CommVault Enhances Search
News  |  11/29/2006  | 
CommVault announced data archiving software enhancements that improve legal search and discovery of enterprise Microsoft Exchange email
Vasco Secures 100
News  |  11/29/2006  | 
Vasco has passed the landmark of 100 customers in the US banking sector
NSS Certifies McAfee IntruShield
News  |  11/28/2006  | 
McAfee IntruShield was the only Network Intrusion Prevention Solution (IPS) to receive the new 'Multi-Gigabit IPS'certification by the NSS
Cartus Earns Cybertrust Certification
News  |  11/28/2006  | 
Cartus has obtained Cybertrust Security Management Program (SMP) Enterprise Certification for the fourth year in a row
ESET Protects USD
News  |  11/28/2006  | 
Deer Valley USD has selected ESET NOD32 Antivirus software as the default antivirus solution for its 36 K-12 schools
AAO Picks StillSecure
News  |  11/28/2006  | 
StillSecure announced that American Academy of Ophthalmology (AAO) is using StillSecure Safe Access for network access control (NAC)
Hackers and Humbugs
News  |  11/28/2006  | 
Spread some holiday cheer with your own Month of Bugs
Where the Bugs Are
News  |  11/28/2006  | 
New data from White Hat reveals vulnerabilities in major Web-based applications
Imperva Secures Platform
News  |  11/28/2006  | 
AEMS has selected the SecureSphere Web Application Firewall to protect its Internet-based trading platform from being compromised
Spam Victims Get the Picture
News  |  11/28/2006  | 
Vendors warn of growing threat of spam embedded with image files that circumvent filters
AppSec Tackles Data Security
News  |  11/28/2006  | 
Application Security hosted an invitation-only seminar for CXO-level IT security professionals
Mu Finds Vulnerability
News  |  11/28/2006  | 
Mu identifies pre-authentication vulnerability in Mac OS X kernel PPP driver
Insightix Intros 3.0
News  |  11/28/2006  | 
Insightix announced the release of Insightix NAC 3.0
TSA Standardizes on Aventail
News  |  11/28/2006  | 
Trans States Airlines (TSA) has standardized on Aventail's award-winning SSL VPN platform ST2
Bioscrypt, Artemis Team
News  |  11/28/2006  | 
ASG will distribute a private label BioCert version of VeriSoft USC
Capgemini Offers Security
News  |  11/28/2006  | 
ControlGuard announced that Capgemini will offer ControlGuard Endpoint Access Manager as part of its portfolio in Italy
Covelight & Quova Partner
News  |  11/27/2006  | 
Covelight announced a partnership with Quova to deliver a seamless platform for online user transaction data and enhanced authentication capabilities
Looking Over the Overlooked
News  |  11/27/2006  | 
Some honorable mentions that didn't make our 'Top 10 Most Overlooked Aspects of IT Security' story
Startup to Take Measure of Security
News  |  11/27/2006  | 
Errata will security-test and certify software and managed security services
McAfee Offers Program
News  |  11/27/2006  | 
McAfee announced that it is offering special incentives to customers of IBM Internet Security Systems to switch to McAfee solutions
Utimaco Gets Certification
News  |  11/27/2006  | 
RSA has certified that Utimaco's SafeGuard Easy solution and the RSA SecurID SID800 hardware authenticator are both technically compatible
Online Shopping to Soar
News  |  11/27/2006  | 
Record shopping expected online this holiday, and Sophos urges surfers to play it safe
To Improve Holiday Safety, I'll Start A House Fire Every Day In December Using A Different Christmas Decoration
Commentary  |  11/22/2006  | 
The gimmick of churning out software security flaws on a daily basis for some set period has gotten ridiculous. First the Month of Browser Bugs, then the Month of Kernel Bugs, now the research firm firm Argeniss plans the Week of Oracle Database Bugs. Security researchers play an irreplaceable watchdog role. But it's time to retire this publicity stunt.
Page 1 / 4   >   >>


Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.