News & Commentary

Content posted in November 2006
Page 1 / 4   >   >>
E-Tailers Leaving Money On The Table Thanks To Weak Web Sites
Commentary  |  11/30/2006  | 
One week after I'd already bought three holiday presents online I learned that the vast majority of Web sites are vulnerable to attack by malicious hackers and that such security concerns are expected to drive away potential customers who would have shelled out nearly $2 billion online this year. The only real surprise is why those numbers aren't higher.
What Do You Have To Give Them If You Want To Use The Bathroom?
Commentary  |  11/30/2006  | 
An International House of Pancakes (IHOP) restaurant reversed its policy of requiring customers to surrender their driver's licenses before being served, after customers complained about the privacy and identity theft risks. One customer complained: "You want my license? I'm going for pancakes, I'm not buying the Hope diamond." The restaurant was trying to limit "dine-a
Grisoft Adds Rescue CD
News  |  11/30/2006  | 
Grisoft, the developer of AVG security software, introduced AVG Rescue CD
Month of Kernel Bugs Ends in Controversy
News  |  11/30/2006  | 
The MOKB forced several vendors to patch their wireless drivers, but it concluded today with a debate over the validity of a Mac OS X flaw
New Threats Loom for 2007
News  |  11/30/2006  | 
Password-stealing sites, video malware, and a parasitic comeback top McAfee's list of predicted threats for new year
Vista, Office 2007 Arrive
News  |  11/30/2006  | 
Steve Ballmer kicks off most significant product launch in Microsoft's history
Security Appliance Delivers for Kenco
News  |  11/30/2006  | 
Logistics company gets the bigger picture with new appliance, software for security management
Credit Union Overcomes Insecurities
News  |  11/30/2006  | 
Uses data classification to plug security holes by actually enforcing set policies
Symantec Manages Exchange
News  |  11/30/2006  | 
Symantec will offer market-leading, end-to-end messaging management support for customers migrating to Exchange Server 2007
MessageLabs Offers Solutions
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Sophos Reveals Top Ten
News  |  11/29/2006  | 
Sophos announced the top ten viruses plaguing computer users worldwide during November 2006
Protegrity Gets Patent
News  |  11/29/2006  | 
Protegrity Corporation has been awarded United States Patent 7,120,933
The Ripple Effects Of E-Discovery
Commentary  |  11/29/2006  | 
When I last tread this space, it was to alert readers who weren't already aware, of the Dec. 1rst launch of new federal rules regarding electronic discovery. By the way, there's no new law. The new requirements are just an extension of existing rules, which you can find here.
Paradial Unveils Product
News  |  11/29/2006  | 
Paradial announced the general availability of Paradial's RealTunnel 2.0
TriCipher Hires Exec
News  |  11/29/2006  | 
TriCipher announced that Vatsal Sonecha has joined its executive team as vice president of strategy and business development
Stop Wasting My Time
News  |  11/29/2006  | 
Dark Reading survey shows frustrated security pros spend too much time on drudgery, not enough on important tasks
The 10 Most Overlooked Aspects of Security
News  |  11/29/2006  | 
Think your organization has all its security bases covered? You might think twice after checking out this list
Securing Identity From Inside the App
News  |  11/29/2006  | 
Oracle-led group seeks to secure the personal information that gets embedded in applications
MessageLabs Intros Services
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Banking on Security
News  |  11/29/2006  | 
No tellers were harmed, no cash was removed... This social engineer was after logins and passwords
F-Secure Protects Corporate Data
News  |  11/29/2006  | 
At the beginning of 2007 the new F-Secure Client Security 7 will take the protection of corporate PCs to a new level
McAfee Predicts '07 Trends
News  |  11/29/2006  | 
McAfee announced its top ten predictions for security threats in 2007 from McAfee Avert Labs
CA Faces Backup Flaw
News  |  11/29/2006  | 
Tape security flaw in CA's BrightStor ARCserve could open users to DOS attacks
Secude Unveils 5.8
News  |  11/29/2006  | 
Secude signon Version 5.8 now adjusts even better to companies' individual security needs
Vericept, Anadarko Partner
News  |  11/29/2006  | 
Anadarko Petroleum has selected The Vericept 360 degrees Risk Management Platform
PetroChina Selects Array
News  |  11/29/2006  | 
PetroChina has deployed Array's SSL VPN and Global Server Load Balancing platforms to deliver mission-critical applications
Netragard Unveils Vulnerabilities
News  |  11/29/2006  | 
NETRAGARD announced that its SRT uncovered two potentially critical vulnerabilities with Hewlett-Packard's Tru64 Operating System
CommVault Enhances Search
News  |  11/29/2006  | 
CommVault announced data archiving software enhancements that improve legal search and discovery of enterprise Microsoft Exchange email
Vasco Secures 100
News  |  11/29/2006  | 
Vasco has passed the landmark of 100 customers in the US banking sector
NSS Certifies McAfee IntruShield
News  |  11/28/2006  | 
McAfee IntruShield was the only Network Intrusion Prevention Solution (IPS) to receive the new 'Multi-Gigabit IPS'certification by the NSS
Cartus Earns Cybertrust Certification
News  |  11/28/2006  | 
Cartus has obtained Cybertrust Security Management Program (SMP) Enterprise Certification for the fourth year in a row
ESET Protects USD
News  |  11/28/2006  | 
Deer Valley USD has selected ESET NOD32 Antivirus software as the default antivirus solution for its 36 K-12 schools
AAO Picks StillSecure
News  |  11/28/2006  | 
StillSecure announced that American Academy of Ophthalmology (AAO) is using StillSecure Safe Access for network access control (NAC)
Hackers and Humbugs
News  |  11/28/2006  | 
Spread some holiday cheer with your own Month of Bugs
Where the Bugs Are
News  |  11/28/2006  | 
New data from White Hat reveals vulnerabilities in major Web-based applications
Imperva Secures Platform
News  |  11/28/2006  | 
AEMS has selected the SecureSphere Web Application Firewall to protect its Internet-based trading platform from being compromised
Spam Victims Get the Picture
News  |  11/28/2006  | 
Vendors warn of growing threat of spam embedded with image files that circumvent filters
AppSec Tackles Data Security
News  |  11/28/2006  | 
Application Security hosted an invitation-only seminar for CXO-level IT security professionals
Mu Finds Vulnerability
News  |  11/28/2006  | 
Mu identifies pre-authentication vulnerability in Mac OS X kernel PPP driver
Insightix Intros 3.0
News  |  11/28/2006  | 
Insightix announced the release of Insightix NAC 3.0
TSA Standardizes on Aventail
News  |  11/28/2006  | 
Trans States Airlines (TSA) has standardized on Aventail's award-winning SSL VPN platform ST2
Bioscrypt, Artemis Team
News  |  11/28/2006  | 
ASG will distribute a private label BioCert version of VeriSoft USC
Capgemini Offers Security
News  |  11/28/2006  | 
ControlGuard announced that Capgemini will offer ControlGuard Endpoint Access Manager as part of its portfolio in Italy
Covelight & Quova Partner
News  |  11/27/2006  | 
Covelight announced a partnership with Quova to deliver a seamless platform for online user transaction data and enhanced authentication capabilities
Looking Over the Overlooked
News  |  11/27/2006  | 
Some honorable mentions that didn't make our 'Top 10 Most Overlooked Aspects of IT Security' story
Startup to Take Measure of Security
News  |  11/27/2006  | 
Errata will security-test and certify software and managed security services
McAfee Offers Program
News  |  11/27/2006  | 
McAfee announced that it is offering special incentives to customers of IBM Internet Security Systems to switch to McAfee solutions
Utimaco Gets Certification
News  |  11/27/2006  | 
RSA has certified that Utimaco's SafeGuard Easy solution and the RSA SecurID SID800 hardware authenticator are both technically compatible
Online Shopping to Soar
News  |  11/27/2006  | 
Record shopping expected online this holiday, and Sophos urges surfers to play it safe
To Improve Holiday Safety, I'll Start A House Fire Every Day In December Using A Different Christmas Decoration
Commentary  |  11/22/2006  | 
The gimmick of churning out software security flaws on a daily basis for some set period has gotten ridiculous. First the Month of Browser Bugs, then the Month of Kernel Bugs, now the research firm firm Argeniss plans the Week of Oracle Database Bugs. Security researchers play an irreplaceable watchdog role. But it's time to retire this publicity stunt.
Page 1 / 4   >   >>


Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
2018 on Track to Be One of the Worst Ever for Data Breaches
Jai Vijayan, Freelance writer,  11/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-9071
PUBLISHED: 2018-11-16
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 allows unauthenticated users to retrieve information related to the current authentication configuration settings. Exposed settings relate to password lengths, expiration, and lockout configuration.
CVE-2018-9073
PUBLISHED: 2018-11-16
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. Possession of the key can allow an attacker that has already compromised the server to decrypt these secrets.
CVE-2018-9085
PUBLISHED: 2018-11-16
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
CVE-2018-9086
PUBLISHED: 2018-11-16
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
CVE-2018-19296
PUBLISHED: 2018-11-16
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.