News & Commentary

Content posted in November 2007
Page 1 / 4   >   >>
China Dismisses McAfee Cybercrime Findings
Quick Hits  |  11/30/2007  | 
Chinese official says China is the victim, not the aggressor
Temp Workers Pose Large Security Challenge
Commentary  |  11/30/2007  | 
Adding extra help for the holiday rush -- or any crunch-period -- requires taking extra time to seal any potential security holes. But according to Websense, many of you won't.
AV Vendor Adopts 'Herd' Intelligence
News  |  11/30/2007  | 
Panda Security on Monday will roll out new anti-malware solution that analyzes new malware 'in the cloud' rather than in the lab
When Projects Cause Security Failures
News  |  11/30/2007  | 
Some tips on how to balance the day-to-day and big projects in security
Wachovia Automates Security Policies
News  |  11/30/2007  | 
Corporate Investment Bank Technology Division adopts entitlement management system to streamline security policy changes
nCipher Appoints New CEO
News  |  11/29/2007  | 
Company adds Geoffrey Finlay as chief executive officer
BitDefender Intros Nov. Top 10 Malware
News  |  11/29/2007  | 
November's list reveals trend toward lower-profile malware
FBI Nabs Eight in Second 'Bot Roast'
News  |  11/29/2007  | 
Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say
Insecure Software Costs US $180B per Year
News  |  11/29/2007  | 
'Vulnerability tax' might be the answer, says SANS instructor and security expert David Rice
Under 50% UK IT Mgrs Use Encryption
News  |  11/29/2007  | 
UK IT managers feel secure against data leaks, but less than half use encryption solutions, says Check Point survey
GFI Adds Deeper Control of USB, iPod
News  |  11/29/2007  | 
New version of GFI EndPointSecurity released
NSA Certifies IP Phone for Top-Secret Comms
News  |  11/29/2007  | 
National Security Agency certifies new 'Sectera vIPer' phone by General Dynamics for top secret communications
Cyberwarfare Now 'Business as Usual'
Quick Hits  |  11/29/2007  | 
Experts flag international cyber-spying as top threat, say malware economy now mimicking legitimate software markets
What's Behind Non-Compliance?
News  |  11/28/2007  | 
New study shows that many employees still don't know about critical policies - or believe those policies will be enforced
Firewalls Ready for Evolutionary Shift
News  |  11/28/2007  | 
Next-generation firewalls will come with true IPS integration and app-awareness, but experts say ability to distinguish data is key
Free Qualys Security Scan Available
News  |  11/28/2007  | 
Free Qualys Security Scan available for the new SANS Top 20
Charity Hacker Used Employee Password
Quick Hits  |  11/28/2007  | 
Attacker who stole data from 92 charities had a valid password from their shared service provider
FDIC Selects Shavlik
News  |  11/28/2007  | 
Shavlik NetChk Compliance helps FDIC meet government mandates that require proof of configuration security
Akonix Tracks New IM Attacks
News  |  11/28/2007  | 
Akonix responds to complex botnets and criminal IM activity with aggressive policy updates
New TrustedSource Threat Portal Shows You Where The Bad Stuff Is
Commentary  |  11/27/2007  | 
The latest update of Secure Computing's TrustedSource.org threat intelligence portal goes live today -- and provides a frightening look at the threat environment we live and work in.
Integrated Security Suites Attempt to Ease Management Chores
Commentary  |  11/27/2007  | 
Tired of trying to maintain and update a handful of different security products? Then security supplier Sophos offers you an alternative : the Sophos Security Suite Small Business Edition, one in a growing of integrated security suites.
Client, Application Flaws Top SANS Vulnerability List
News  |  11/27/2007  | 
Gullible users, untrained developers are helping to make life easier for hackers, annual study says
Trust Digital Issues Holiday Smartphone Tips
News  |  11/27/2007  | 
Trust Digital: Smartphone stocking stuffers make IT departments suffer
GTB Adds New DLP System
News  |  11/27/2007  | 
GTB extends its 'True Content Aware' data loss prevention approach beyond the enterprise's network perimeter to the client endpoint
Spam for the Holidays
Quick Hits  |  11/27/2007  | 
New pump-and-dump scheme decks email's halls with holiday-related messages
Core Security Discovers Vulnerability in Lotus Notes
News  |  11/27/2007  | 
Users vulnerable to attack when viewing corrupt Lotus 1-2-3 file attachments
Secure Computing Upgrades Portal
News  |  11/27/2007  | 
Secure Computing unveils the new TrustedSource.org
Vigilar Picks eIQnetworks' SecureVue Platform
News  |  11/27/2007  | 
Vigilar selects eIQnetworks' SecureVue platform for ATLAS log management module
Software Anti-Piracy Efforts Target Small Business
Commentary  |  11/26/2007  | 
Why are the big software companies going after small businesses for software piracy? Because they can!
UK Retail Giant Breached by Insider
Quick Hits  |  11/26/2007  | 
Call center operator may have stolen credit card information from many customers at online giant Tesco
Klocwork, Marubeni Team Up
News  |  11/26/2007  | 
Company adds Asia-Pacific channel partner to meet global demand for best-of-breed source code analysis tools
CompTIA: Spyware Problems Rise
News  |  11/26/2007  | 
Worms, viruses, browser-based attacks down
Cenzic Announces Record Growth for 2007
News  |  11/26/2007  | 
Cenzic announces record growth, prestigious awards, excellent product ratings
Ingrian Hits Data Encryption Milestone
News  |  11/26/2007  | 
Ingrian ships 1500th data encryption appliance
Webroot Merges With SaaS Firm Email Systems
News  |  11/26/2007  | 
Webroot moves aggressively to extend enterprise security capability - merges with SAAS firm Email Systems
UK Government Breach Exceeds Original Estimates
News  |  11/26/2007  | 
Officials may have lost eight more storage disks containing personal information on British citizens
The Right Stuff
News  |  11/26/2007  | 
An inexperienced systems administrator, combined with outdated Web apps, is a recipe for disaster
Buffer Overflows Are Top Threat, Report Says
News  |  11/26/2007  | 
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline
GlobalPlatform Publishes White Paper
News  |  11/26/2007  | 
Smart card organization has published a white paper - along with a use case scenario
Vasco Rolls Out E-Signature Authenticator
News  |  11/26/2007  | 
Vasco launches ultra-portable Digipass 270 e-signature authenticator
VZ: Stop Hackers From Stealing Christmas
News  |  11/26/2007  | 
Verizon Business offers list of top security tips for retailers
Circuit City Selects Vericept for Data Loss Prevention
News  |  11/26/2007  | 
Leading consumer electronics retailer selects Vericept to preserve and protect valuable corporate data and maintain PCI data security standards
Enterasys Adds Secure Virtual Data Centers
News  |  11/25/2007  | 
Uniquely discovers, classifies, prioritizes, and secures virtualized computing and storage without sacrificing performance
BitDefender Products Sold at OfficeMax
News  |  11/25/2007  | 
BitDefender Internet security and antivirus products now available throughout the US at OfficeMax
Rethinking Desktop Security
News  |  11/21/2007  | 
New and built-in security technologies could soon make the PC safer than ever
Check Point Urges Shoppers to Be Cautious
News  |  11/21/2007  | 
Developers of the award-winning ZoneAlarm Internet Security Suite share insider tips for safe online shopping during the holiday rush
Cybercriminals Ready for Banner Holiday Shopping Season
News  |  11/21/2007  | 
Black Friday and Cyber Monday will kick off a record run for online fraudsters, researchers say
Cisco's IronPort Adds PCI to Email
News  |  11/20/2007  | 
IronPort Systems helps retailers comply with Payment Card Industry standards
Startup Offers Low-Cost USB Security Device
News  |  11/20/2007  | 
Lock the Bad Guys out of your USB Ports with MyUSBOnly
Sophos: Trojan Spreads Wiretapping Scare
News  |  11/20/2007  | 
Emails from a private investigator lead to malware infection
Page 1 / 4   >   >>


12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.