Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in November 2007
<<   <   Page 2 / 4   >   >>
Goodbye, Mr. CISSP
News  |  11/20/2007  | 
Losing a member of your security team is always tough, but good documentation can help ease the pain
Researchers Thankful for New Paypal Policy
Quick Hits  |  11/20/2007  | 
Immunity from legal action for researchers who follow site's responsible disclosure procedures
Phishers Steal DOJ's Identity
Quick Hits  |  11/20/2007  | 
New spam-based exploits also operate under guise of Better Business Bureau
Innovative Security, Encentuate Team
News  |  11/20/2007  | 
Innovative Security Solutions joins Encentuate's growing EMEA Partner Program
AirPatrol Launches WiFi Solution
News  |  11/19/2007  | 
AirPatrol offers next generation WiFi security solution for 802.11n
MEGA International Acquires Control Metrics
News  |  11/19/2007  | 
MEGA International acquires Control Metrics, pioneer of internal control management systems
Security Players Pick Top Threats You Should Be Worried About
Commentary  |  11/19/2007  | 
Next year's biggest security threats for small and midsize businesses? More of the same with differences, according to Symantec and McAfee's seers.
Working-Class SIM
News  |  11/19/2007  | 
After years of targeting the largest enterprises, netForensics goes where no security information management vendor has gone before: the mid-sized business
Breach WAF Earns ICSA Labs Certification
News  |  11/19/2007  | 
Breach Security earns ICSA Labs certification for Web application firewall
WiFi, Whitepaper, Tools Debut
News  |  11/19/2007  | 
Xirrus releases WiFi and Payment Card Industry (PCI) compliance whitepaper, and tools
DNS Servers in Harm's Way
News  |  11/19/2007  | 
Security of Internet-facing Domain Name Service (DNS) servers often overlooked
UK Government in Uproar Following Data Loss
News  |  11/19/2007  | 
Misplaced disks contained personal information on 25 million taxpayers
The Aftermath of Identity Theft
Quick Hits  |  11/19/2007  | 
Loss of personal information continues to increase; stolen data often used to open lines of credit
Responsible Response
News  |  11/19/2007  | 
Responsible disclosure is one thing, but how do you respond when you're informed of a possibly compromised machine or vuln in your apps?
Risky Behavior Rises With Confidence
News  |  11/19/2007  | 
Trend Micro Internet Confidence and Safety Survey reveals consumer confidence in the Internet is on the rise in U.S. and Japan
Sentrigo Fights SQL Injection on Databases
News  |  11/19/2007  | 
Sentrigo announces new technique to combat zero-day SQL injection attacks on databases
Bank Implements Fraud Detection Solution
News  |  11/18/2007  | 
Skipton banks on Compliance Alert for AML and fraud detection
eIQnetworks Joins PCI Security Standards Council
News  |  11/18/2007  | 
Leading provider of integrated security, risk and audit management brings expertise to payment card industry standards body
TWC Locks Down Security
News  |  11/18/2007  | 
The Weather Channel selects RedSeal to proactively identify and mitigate network vulnerabilities
Sophos: 70% Cos. Worry About Email Leakage
News  |  11/16/2007  | 
With half of employees admitting to sending emails to the wrong person, firms are right to be worried
New Bunjee-Jumping USB Worm Arrives for the Holidays
Quick Hits  |  11/16/2007  | 
4GB plush-toy USB thumb drives are the gift for the geek who has everything
Real Security Means Securing Every Point, Not Just Entry Points And End Points
Commentary  |  11/16/2007  | 
A good recent book about effective network defense, written by a Cisco security engineer, has plenty to say to anyone trying to defend a network, whatever its size, and, to a point, whatever hardware it rests upon.
Botnets: Whose Fault Are They?
News  |  11/16/2007  | 
Everybody's blaming somebody - and it isn't helping anybody
Financial Consulting Firm Fixes Security Flaws
News  |  11/16/2007  | 
InCharge Institute of America runs F5 Networks's BIG-IP Application Security Manager to shore up security
SecureMac, Tri Synergy Partner
News  |  11/15/2007  | 
Tri Synergy will now be publishing and distributing MacScan, SecureMac's cutting edge anti-spyware software for Macintosh computers
Some Data Protection Miscreants Never Learn
Commentary  |  11/15/2007  | 
We know the gory details about TJX Cos. and its mind-boggling data breach. But a hard-hitting new report on the worst data offenders from Byte & Switch shows that in some cases these organizations still haven't cleaned up their security act. Following their own high-profile breaches, the goings-on at Los Alamos National Laboratory, the Department of Veterans Affairs, and Iron Mountain are shocking indeed.
ArcSight Expands Log Management Suite
News  |  11/15/2007  | 
ArcSight expands Log Management Suite with new channel-friendly appliances for small and mid-sized businesses
A Rogues Gallery of Data Protection Miscreants
News  |  11/15/2007  | 
Byte and Switch profiles leading data security offenders who did it for you, so you won't have to
Incident Response Means Knowing Your Data
News  |  11/15/2007  | 
To keep data safe and protect forensic evidence, first responders must know how users operate
Many Retailers Open to Wireless Attacks
News  |  11/15/2007  | 
Penetration tests show that half of wireless networks at major mall stores could be easily hacked
PGP Aims to 'Choreograph' Encryption Keys
News  |  11/15/2007  | 
Next-generation key management strategy, and major upgrades to desktop and server encryption products on tap
Hats Off to the Feds
Commentary  |  11/15/2007  | 
One of the deviants who spend their time writing software to wreak havoc with your companys computers will be spending a long time, as many as 60 years, in jail, thanks to the work of the Federal Bureau of Investigation.
MX Logic: Spam Levels to Spike Another 50%
News  |  11/15/2007  | 
New delivery methods and malware payloads strengthen impact of spam surge
Mirage NAC Stops Storm Worm & Variants
News  |  11/15/2007  | 
Mirage Networks stops Storm worm and variants that render other NAC solutions ineffective
Check Point Delivers Multi-Gigabit Speed
News  |  11/15/2007  | 
New Check Point VPN-1 Multi-Core delivers multi-Gigabit speed based upon acceleration technology breakthroughs
Half Say They Piggyback on Others' WiFi
News  |  11/15/2007  | 
More than 50% of people polled admit they have stolen WiFi Internet access
Passkey Unveils PCI-Compliant Room List Tool
News  |  11/15/2007  | 
First tool to offer PCI compliance and complete automation for hotel groups using room lists
Motorola Validates CryptoVue Appliance
News  |  11/15/2007  | 
ERF Wireless CryptoVue network security appliance successfully tested and validated by Motorola
Jilted Lover Jailed for Internet Monitoring
Quick Hits  |  11/15/2007  | 
The long arm of Texas law is cracking down on Internet, email spying
Life on the Fast Track
News  |  11/14/2007  | 
There's something to be said for applying experience and education to technology change, especially when it comes to security
Startup Launches Secure Mail Services
News  |  11/14/2007  | 
Globalpex launches Web-based services that help businesses certify and manage key communications content
Sophos Unveils Enhanced Email Security Appliance
News  |  11/14/2007  | 
Sophos email appliances set a new standard in efficient security management
Dissecting Malware
News  |  11/14/2007  | 
How to analyze code that's behaving badly or oddly
Researchers 'Spy' on Web Attackers
News  |  11/14/2007  | 
'Undercover' research finds banner ad/click-fraud, spam - and automated attacks - dominate
RedCannon Rolls Out DLP Kit
News  |  11/14/2007  | 
RedCannon Security introduces KeyPoint Data Leak Prevention Kit to protect portable data at rest and on the road
Litchfield: 500,000 Database Servers Have No Firewall
Quick Hits  |  11/14/2007  | 
UK security guru set to expose vulnerabilities in DB servers across the Web
Imperva CTO to Unveil New Web 2.0 Exploits
News  |  11/14/2007  | 
Imperva CTO Amichai Shulman to present at AppSec 2007 Conference
New 'Safer' Social Networking Site Debuts
News  |  11/14/2007  | 
Zubby.com heralds new approach to Social Networking, eschews music for maturity
ESET Adds Linux Support
News  |  11/14/2007  | 
ESET introduces malware protection for enterprise and SMB Linux environments
VeriSign Announces New Coporate Direction
News  |  11/14/2007  | 
VeriSign refines strategic direction to focus on Internet infrastructure
<<   <   Page 2 / 4   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26587
PUBLISHED: 2021-09-27
A potential DOM-based Cross Site Scripting security vulnerability has been identified in HPE StoreOnce. The vulnerability could be remotely exploited to cause an elevation of privilege leading to partial impact to confidentiality, availability, and integrity. HPE has made the following software upda...
CVE-2021-36878
PUBLISHED: 2021-09-27
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions &lt;= 2.0.5) makes it possible for attackers to update settings.
CVE-2021-37539
PUBLISHED: 2021-09-27
Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.
CVE-2021-33907
PUBLISHED: 2021-09-27
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.
CVE-2021-34408
PUBLISHED: 2021-09-27
The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. This could allow for potential privilege escalation if a link was created between the user writable direct...