News & Commentary

Content posted in November 2007
Page 1 / 4   >   >>
China Dismisses McAfee Cybercrime Findings
Quick Hits  |  11/30/2007  | 
Chinese official says China is the victim, not the aggressor
Temp Workers Pose Large Security Challenge
Commentary  |  11/30/2007  | 
Adding extra help for the holiday rush -- or any crunch-period -- requires taking extra time to seal any potential security holes. But according to Websense, many of you won't.
AV Vendor Adopts 'Herd' Intelligence
News  |  11/30/2007  | 
Panda Security on Monday will roll out new anti-malware solution that analyzes new malware 'in the cloud' rather than in the lab
When Projects Cause Security Failures
News  |  11/30/2007  | 
Some tips on how to balance the day-to-day and big projects in security
Wachovia Automates Security Policies
News  |  11/30/2007  | 
Corporate Investment Bank Technology Division adopts entitlement management system to streamline security policy changes
nCipher Appoints New CEO
News  |  11/29/2007  | 
Company adds Geoffrey Finlay as chief executive officer
BitDefender Intros Nov. Top 10 Malware
News  |  11/29/2007  | 
November's list reveals trend toward lower-profile malware
FBI Nabs Eight in Second 'Bot Roast'
News  |  11/29/2007  | 
Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say
Insecure Software Costs US $180B per Year
News  |  11/29/2007  | 
'Vulnerability tax' might be the answer, says SANS instructor and security expert David Rice
Under 50% UK IT Mgrs Use Encryption
News  |  11/29/2007  | 
UK IT managers feel secure against data leaks, but less than half use encryption solutions, says Check Point survey
GFI Adds Deeper Control of USB, iPod
News  |  11/29/2007  | 
New version of GFI EndPointSecurity released
NSA Certifies IP Phone for Top-Secret Comms
News  |  11/29/2007  | 
National Security Agency certifies new 'Sectera vIPer' phone by General Dynamics for top secret communications
Cyberwarfare Now 'Business as Usual'
Quick Hits  |  11/29/2007  | 
Experts flag international cyber-spying as top threat, say malware economy now mimicking legitimate software markets
What's Behind Non-Compliance?
News  |  11/28/2007  | 
New study shows that many employees still don't know about critical policies - or believe those policies will be enforced
Firewalls Ready for Evolutionary Shift
News  |  11/28/2007  | 
Next-generation firewalls will come with true IPS integration and app-awareness, but experts say ability to distinguish data is key
Free Qualys Security Scan Available
News  |  11/28/2007  | 
Free Qualys Security Scan available for the new SANS Top 20
Charity Hacker Used Employee Password
Quick Hits  |  11/28/2007  | 
Attacker who stole data from 92 charities had a valid password from their shared service provider
FDIC Selects Shavlik
News  |  11/28/2007  | 
Shavlik NetChk Compliance helps FDIC meet government mandates that require proof of configuration security
Akonix Tracks New IM Attacks
News  |  11/28/2007  | 
Akonix responds to complex botnets and criminal IM activity with aggressive policy updates
New TrustedSource Threat Portal Shows You Where The Bad Stuff Is
Commentary  |  11/27/2007  | 
The latest update of Secure Computing's TrustedSource.org threat intelligence portal goes live today -- and provides a frightening look at the threat environment we live and work in.
Integrated Security Suites Attempt to Ease Management Chores
Commentary  |  11/27/2007  | 
Tired of trying to maintain and update a handful of different security products? Then security supplier Sophos offers you an alternative : the Sophos Security Suite Small Business Edition, one in a growing of integrated security suites.
Client, Application Flaws Top SANS Vulnerability List
News  |  11/27/2007  | 
Gullible users, untrained developers are helping to make life easier for hackers, annual study says
Trust Digital Issues Holiday Smartphone Tips
News  |  11/27/2007  | 
Trust Digital: Smartphone stocking stuffers make IT departments suffer
GTB Adds New DLP System
News  |  11/27/2007  | 
GTB extends its 'True Content Aware' data loss prevention approach beyond the enterprise's network perimeter to the client endpoint
Spam for the Holidays
Quick Hits  |  11/27/2007  | 
New pump-and-dump scheme decks email's halls with holiday-related messages
Core Security Discovers Vulnerability in Lotus Notes
News  |  11/27/2007  | 
Users vulnerable to attack when viewing corrupt Lotus 1-2-3 file attachments
Secure Computing Upgrades Portal
News  |  11/27/2007  | 
Secure Computing unveils the new TrustedSource.org
Vigilar Picks eIQnetworks' SecureVue Platform
News  |  11/27/2007  | 
Vigilar selects eIQnetworks' SecureVue platform for ATLAS log management module
Software Anti-Piracy Efforts Target Small Business
Commentary  |  11/26/2007  | 
Why are the big software companies going after small businesses for software piracy? Because they can!
UK Retail Giant Breached by Insider
Quick Hits  |  11/26/2007  | 
Call center operator may have stolen credit card information from many customers at online giant Tesco
Klocwork, Marubeni Team Up
News  |  11/26/2007  | 
Company adds Asia-Pacific channel partner to meet global demand for best-of-breed source code analysis tools
CompTIA: Spyware Problems Rise
News  |  11/26/2007  | 
Worms, viruses, browser-based attacks down
Cenzic Announces Record Growth for 2007
News  |  11/26/2007  | 
Cenzic announces record growth, prestigious awards, excellent product ratings
Ingrian Hits Data Encryption Milestone
News  |  11/26/2007  | 
Ingrian ships 1500th data encryption appliance
Webroot Merges With SaaS Firm Email Systems
News  |  11/26/2007  | 
Webroot moves aggressively to extend enterprise security capability - merges with SAAS firm Email Systems
UK Government Breach Exceeds Original Estimates
News  |  11/26/2007  | 
Officials may have lost eight more storage disks containing personal information on British citizens
The Right Stuff
News  |  11/26/2007  | 
An inexperienced systems administrator, combined with outdated Web apps, is a recipe for disaster
Buffer Overflows Are Top Threat, Report Says
News  |  11/26/2007  | 
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline
GlobalPlatform Publishes White Paper
News  |  11/26/2007  | 
Smart card organization has published a white paper - along with a use case scenario
Vasco Rolls Out E-Signature Authenticator
News  |  11/26/2007  | 
Vasco launches ultra-portable Digipass 270 e-signature authenticator
VZ: Stop Hackers From Stealing Christmas
News  |  11/26/2007  | 
Verizon Business offers list of top security tips for retailers
Circuit City Selects Vericept for Data Loss Prevention
News  |  11/26/2007  | 
Leading consumer electronics retailer selects Vericept to preserve and protect valuable corporate data and maintain PCI data security standards
Enterasys Adds Secure Virtual Data Centers
News  |  11/25/2007  | 
Uniquely discovers, classifies, prioritizes, and secures virtualized computing and storage without sacrificing performance
BitDefender Products Sold at OfficeMax
News  |  11/25/2007  | 
BitDefender Internet security and antivirus products now available throughout the US at OfficeMax
Rethinking Desktop Security
News  |  11/21/2007  | 
New and built-in security technologies could soon make the PC safer than ever
Check Point Urges Shoppers to Be Cautious
News  |  11/21/2007  | 
Developers of the award-winning ZoneAlarm Internet Security Suite share insider tips for safe online shopping during the holiday rush
Cybercriminals Ready for Banner Holiday Shopping Season
News  |  11/21/2007  | 
Black Friday and Cyber Monday will kick off a record run for online fraudsters, researchers say
Cisco's IronPort Adds PCI to Email
News  |  11/20/2007  | 
IronPort Systems helps retailers comply with Payment Card Industry standards
Startup Offers Low-Cost USB Security Device
News  |  11/20/2007  | 
Lock the Bad Guys out of your USB Ports with MyUSBOnly
Sophos: Trojan Spreads Wiretapping Scare
News  |  11/20/2007  | 
Emails from a private investigator lead to malware infection
Page 1 / 4   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Now, we come here to play Paw-ke Man Go!"
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
CVE-2018-18908
PUBLISHED: 2019-01-20
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requ...
CVE-2019-6496
PUBLISHED: 2019-01-20
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of...
CVE-2019-3773
PUBLISHED: 2019-01-18
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CVE-2019-3774
PUBLISHED: 2019-01-18
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.