News & Commentary

Content posted in November 2007
Page 1 / 4   >   >>
China Dismisses McAfee Cybercrime Findings
Quick Hits  |  11/30/2007  | 
Chinese official says China is the victim, not the aggressor
Temp Workers Pose Large Security Challenge
Commentary  |  11/30/2007  | 
Adding extra help for the holiday rush -- or any crunch-period -- requires taking extra time to seal any potential security holes. But according to Websense, many of you won't.
AV Vendor Adopts 'Herd' Intelligence
News  |  11/30/2007  | 
Panda Security on Monday will roll out new anti-malware solution that analyzes new malware 'in the cloud' rather than in the lab
When Projects Cause Security Failures
News  |  11/30/2007  | 
Some tips on how to balance the day-to-day and big projects in security
Wachovia Automates Security Policies
News  |  11/30/2007  | 
Corporate Investment Bank Technology Division adopts entitlement management system to streamline security policy changes
nCipher Appoints New CEO
News  |  11/29/2007  | 
Company adds Geoffrey Finlay as chief executive officer
BitDefender Intros Nov. Top 10 Malware
News  |  11/29/2007  | 
November's list reveals trend toward lower-profile malware
FBI Nabs Eight in Second 'Bot Roast'
News  |  11/29/2007  | 
Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say
Insecure Software Costs US $180B per Year
News  |  11/29/2007  | 
'Vulnerability tax' might be the answer, says SANS instructor and security expert David Rice
Under 50% UK IT Mgrs Use Encryption
News  |  11/29/2007  | 
UK IT managers feel secure against data leaks, but less than half use encryption solutions, says Check Point survey
GFI Adds Deeper Control of USB, iPod
News  |  11/29/2007  | 
New version of GFI EndPointSecurity released
NSA Certifies IP Phone for Top-Secret Comms
News  |  11/29/2007  | 
National Security Agency certifies new 'Sectera vIPer' phone by General Dynamics for top secret communications
Cyberwarfare Now 'Business as Usual'
Quick Hits  |  11/29/2007  | 
Experts flag international cyber-spying as top threat, say malware economy now mimicking legitimate software markets
What's Behind Non-Compliance?
News  |  11/28/2007  | 
New study shows that many employees still don't know about critical policies - or believe those policies will be enforced
Firewalls Ready for Evolutionary Shift
News  |  11/28/2007  | 
Next-generation firewalls will come with true IPS integration and app-awareness, but experts say ability to distinguish data is key
Free Qualys Security Scan Available
News  |  11/28/2007  | 
Free Qualys Security Scan available for the new SANS Top 20
Charity Hacker Used Employee Password
Quick Hits  |  11/28/2007  | 
Attacker who stole data from 92 charities had a valid password from their shared service provider
FDIC Selects Shavlik
News  |  11/28/2007  | 
Shavlik NetChk Compliance helps FDIC meet government mandates that require proof of configuration security
Akonix Tracks New IM Attacks
News  |  11/28/2007  | 
Akonix responds to complex botnets and criminal IM activity with aggressive policy updates
New TrustedSource Threat Portal Shows You Where The Bad Stuff Is
Commentary  |  11/27/2007  | 
The latest update of Secure Computing's TrustedSource.org threat intelligence portal goes live today -- and provides a frightening look at the threat environment we live and work in.
Integrated Security Suites Attempt to Ease Management Chores
Commentary  |  11/27/2007  | 
Tired of trying to maintain and update a handful of different security products? Then security supplier Sophos offers you an alternative : the Sophos Security Suite Small Business Edition, one in a growing of integrated security suites.
Client, Application Flaws Top SANS Vulnerability List
News  |  11/27/2007  | 
Gullible users, untrained developers are helping to make life easier for hackers, annual study says
Trust Digital Issues Holiday Smartphone Tips
News  |  11/27/2007  | 
Trust Digital: Smartphone stocking stuffers make IT departments suffer
GTB Adds New DLP System
News  |  11/27/2007  | 
GTB extends its 'True Content Aware' data loss prevention approach beyond the enterprise's network perimeter to the client endpoint
Spam for the Holidays
Quick Hits  |  11/27/2007  | 
New pump-and-dump scheme decks email's halls with holiday-related messages
Core Security Discovers Vulnerability in Lotus Notes
News  |  11/27/2007  | 
Users vulnerable to attack when viewing corrupt Lotus 1-2-3 file attachments
Secure Computing Upgrades Portal
News  |  11/27/2007  | 
Secure Computing unveils the new TrustedSource.org
Vigilar Picks eIQnetworks' SecureVue Platform
News  |  11/27/2007  | 
Vigilar selects eIQnetworks' SecureVue platform for ATLAS log management module
Software Anti-Piracy Efforts Target Small Business
Commentary  |  11/26/2007  | 
Why are the big software companies going after small businesses for software piracy? Because they can!
UK Retail Giant Breached by Insider
Quick Hits  |  11/26/2007  | 
Call center operator may have stolen credit card information from many customers at online giant Tesco
Klocwork, Marubeni Team Up
News  |  11/26/2007  | 
Company adds Asia-Pacific channel partner to meet global demand for best-of-breed source code analysis tools
CompTIA: Spyware Problems Rise
News  |  11/26/2007  | 
Worms, viruses, browser-based attacks down
Cenzic Announces Record Growth for 2007
News  |  11/26/2007  | 
Cenzic announces record growth, prestigious awards, excellent product ratings
Ingrian Hits Data Encryption Milestone
News  |  11/26/2007  | 
Ingrian ships 1500th data encryption appliance
Webroot Merges With SaaS Firm Email Systems
News  |  11/26/2007  | 
Webroot moves aggressively to extend enterprise security capability - merges with SAAS firm Email Systems
UK Government Breach Exceeds Original Estimates
News  |  11/26/2007  | 
Officials may have lost eight more storage disks containing personal information on British citizens
The Right Stuff
News  |  11/26/2007  | 
An inexperienced systems administrator, combined with outdated Web apps, is a recipe for disaster
Buffer Overflows Are Top Threat, Report Says
News  |  11/26/2007  | 
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline
GlobalPlatform Publishes White Paper
News  |  11/26/2007  | 
Smart card organization has published a white paper - along with a use case scenario
Vasco Rolls Out E-Signature Authenticator
News  |  11/26/2007  | 
Vasco launches ultra-portable Digipass 270 e-signature authenticator
VZ: Stop Hackers From Stealing Christmas
News  |  11/26/2007  | 
Verizon Business offers list of top security tips for retailers
Circuit City Selects Vericept for Data Loss Prevention
News  |  11/26/2007  | 
Leading consumer electronics retailer selects Vericept to preserve and protect valuable corporate data and maintain PCI data security standards
Enterasys Adds Secure Virtual Data Centers
News  |  11/25/2007  | 
Uniquely discovers, classifies, prioritizes, and secures virtualized computing and storage without sacrificing performance
BitDefender Products Sold at OfficeMax
News  |  11/25/2007  | 
BitDefender Internet security and antivirus products now available throughout the US at OfficeMax
Rethinking Desktop Security
News  |  11/21/2007  | 
New and built-in security technologies could soon make the PC safer than ever
Check Point Urges Shoppers to Be Cautious
News  |  11/21/2007  | 
Developers of the award-winning ZoneAlarm Internet Security Suite share insider tips for safe online shopping during the holiday rush
Cybercriminals Ready for Banner Holiday Shopping Season
News  |  11/21/2007  | 
Black Friday and Cyber Monday will kick off a record run for online fraudsters, researchers say
Cisco's IronPort Adds PCI to Email
News  |  11/20/2007  | 
IronPort Systems helps retailers comply with Payment Card Industry standards
Startup Offers Low-Cost USB Security Device
News  |  11/20/2007  | 
Lock the Bad Guys out of your USB Ports with MyUSBOnly
Sophos: Trojan Spreads Wiretapping Scare
News  |  11/20/2007  | 
Emails from a private investigator lead to malware infection
Page 1 / 4   >   >>


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.