News & Commentary

Content posted in December 2007
Page 1 / 4   >   >>
Some New Year's Security Resolutions Can Also Be Security Solutions
Commentary  |  12/31/2007  | 
Meet the New Year's security challenges -- same as the old year's security challenges in many ways. And of all of them -- vulnerabilities, cybercrime, flawed old technologies, powerful new technologies, human nature, it's that last that's the most easily addressable. And probably the least addressed.
FTC Ups the Ante on Fighting Spam, Phishing
Quick Hits  |  12/31/2007  | 
Federal Trade Commission report calls for authenticated email, reputation services, and better consumer anti-spam reporting tools
Secure Resolutions
News  |  12/31/2007  | 
Skip the diet and spend more time in the lab
The Five Coolest Hacks of 2007
News  |  12/31/2007  | 
Nothing was sacred - not cars, not truckers, not even the stock exchange
Hackers Take the Holidays
News  |  12/30/2007  | 
Christmas, New Year's, or St. Swithin's Day, attackers always seem to be in a holiday mood
The Prank That Could Kill You
News  |  12/30/2007  | 
'Swatting' is becoming increasingly popular - with potentially dangerous consequences
ID & Access Management Cures Hospital's Password Pains
News  |  12/28/2007  | 
Lutheran Medical Center's new automated order-entry app sped up its move to single sign-on
US-Based Chinese News Site Gets DDOSed
Quick Hits  |  12/28/2007  | 
Attack knocks out 2,000 Chinese dissident blogs hosted on the site
Check Point Weighs in on NHS Data Loss
News  |  12/27/2007  | 
Check Point says data losses by UK's NHS are yet another example of lax security practice in the public and private sector
Security's Biggest Train Wrecks of 2007
News  |  12/27/2007  | 
We've seen a boxcar o' breaches and break-ins this year, but these were the most grisly - and the hardest to take our eyes from
Emerging Threats Could Help Security Pros
Quick Hits  |  12/26/2007  | 
New Website aims to make security data more useful and available
Storm Darkens Christmas, Takes Aim at New Year's
News  |  12/26/2007  | 
Botnet takes a holiday on users' computers
The Gifts That Keep on Giving
News  |  12/26/2007  | 
Holiday gifts of gadgets and storage devices can create nightmares for IT
IT Consultant Hacks Former Client
Quick Hits  |  12/26/2007  | 
Angered over business deal, consultant wipes out former client's customer database
Wishing You a Happy, Safe Holiday
Quick Hits  |  12/23/2007  | 
And no grinches in your stockings
CyberDefender To Offer Free Tech Support And Security Check December 26th
Commentary  |  12/21/2007  | 
Following up on a successful Halloween promotion, security company CyberDefender is offering another day of free tech support, security checks and setup consultation on December 26th.
Tech Insight: Microsoft's IPSec
News  |  12/21/2007  | 
Windows' built-in security capabilities offer endpoint alternative to NAP/NAC
Privacy Goes Public
News  |  12/21/2007  | 
While end users remain confused about online privacy issues, enterprises - and vendors - now make it their business
'Bah Humbug' Social Networking
Quick Hits  |  12/21/2007  | 
Snubster, Enemybook, and Hatebook launch new wave of social nets that parody and rebel against 'phony' online relationships
Need For Security Looming Larger In 2008
Commentary  |  12/20/2007  | 
Hey, great news! Everyone's finally starting to take data security seriously. It only took what, countless thefts, misplaced laptops, unprotected networks, greedy employees, a lack of policies, and the threats of massive and costly legalities to get us all on board?

New Malware Steals Legitimate Ads
Commentary  |  12/20/2007  | 
Anti-virus software supplier BitDefender discovered a new Trojan , which hijacks Google text advertisements and replaces them with ads from a different provider. The malware, which BitDefender dubbed Trojan.Qhost.WU, modifies a computers' Hosts file (a local storage for domain name /IP address mappings, which is consulted before
Cisco Broadens Threat Picture With New Report
News  |  12/20/2007  | 
First-time annual study offers insights on human, physical aspects of security as well as attacks and vulnerabilities
Alleged Phishing 'Mules' Arrested
News  |  12/20/2007  | 
Fourteen ABN AMRO customers were recruited by cybercriminals to launder stolen bank account funds
BitDefender Unveils 2008 Predictions
News  |  12/20/2007  | 
Mobile devices expected to be major target for cyber criminals
'Super Spam Me'
Quick Hits  |  12/20/2007  | 
McAfee studies effects of replying to unwanted email
Fidelis's Data Leakage IPv6-Compliant
News  |  12/20/2007  | 
Fidelis Security Systems first to comply with IPv6 support in newest release of Fidelis Extrusion Prevention System
Navigating the 'C' of Network Discovery
News  |  12/19/2007  | 
10:12 AM -- You have to find it before you can secure it
Amid Confusion, Market for ID Theft Services Grows
News  |  12/19/2007  | 
Baffled by conflicting information, consumers increasingly drawn into web of 'theft prevention' offerings
Google's Orkut Social Network Hacked
News  |  12/19/2007  | 
Hundreds of thousands of users infected by XSS worm hidden in messages from 'friends'
Data Loss Is Top Concern in Microsoft Poll
Quick Hits  |  12/19/2007  | 
Software giant sees sharp decline in worries about malware
Pen Testing Goes Reality TV
News  |  12/19/2007  | 
New CourtTV documentary 'Tiger Team' will follow real pen testers hired to hack businesses
Secure Office Managed Service Now Available
News  |  12/19/2007  | 
Total Tech's Secure Office brings industry-leading Web security and filtering to SMBs with remote employees
Putting Up Your Cyber Defenses
News  |  12/19/2007  | 
It's time to start thinking about protecting your systems - and your employees - in the event of attacks from foreign entities
Klocwork to Support Symbian OS
News  |  12/18/2007  | 
Klocwork joins Symbian Platinum Program
New Cisco Security Report: The Scary World We Work In Is Getting Scarier
Commentary  |  12/18/2007  | 
A new state of the cybersecurity globe from Cisco (a bMighty sponsor) is plenty detailed -- and plenty scary. And it's a look at this year. Next year may be worse.
Astaro Gives Back to Open Source Projects
News  |  12/18/2007  | 
UTM vendor promotes benefits of open source sponsorships
Hacking a New DNS Attack
News  |  12/18/2007  | 
DNS expert disputes Georgia Tech and Google research that points to malicious deployment of certain types of DNS servers
Internet Privacy: No Big Deal?
News  |  12/18/2007  | 
Despite warnings, users continue to post personal information on the Web
BitDefender Detects New Trojan
News  |  12/18/2007  | 
BitDefender detects new Trojan that hijacks Google text advertisements
BitDefender Recaps Top Threats
News  |  12/18/2007  | 
BitDefender also predicts continued growth of political spam in recap of top spam for 2007
Disney, Home Depot Get Poor Privacy Marks
Quick Hits  |  12/18/2007  | 
Ralph Lauren is among the best, public interest group says
Tufin Adds Over 50 to Its Channel Program
News  |  12/18/2007  | 
Tufin SecureTrack firewall operations management solution experiences worldwide growth through fast-growing channel presence
Cenzic Reports New Gmail, IE Bugs
News  |  12/17/2007  | 
Cenzic discovers vulnerabilities and potential threats in Google and Microsoft software
Perimeter eSecurity Makes 2008 Resolutions
News  |  12/17/2007  | 
Layered security needed now more than ever to protect against the ongoing flood of external & internal threats
Secerno Warns Against Simplistic Security
News  |  12/17/2007  | 
Simplistic security could cause corporate collapse in 2008, warns Secerno
Actimize Launches Enterprise Risk Case Manager
News  |  12/17/2007  | 
Actimize introduces enhanced enterprise risk case manager solution with faster and simplified implementation for financial institutions
Third Brigade Offers Money-Saving Tips
News  |  12/17/2007  | 
Third Brigade study reviews 13 regulations, uncovers 15 common threads
Cos. Pass SAML 2.0-Interoperability Testing
News  |  12/17/2007  | 
Liberty Alliance announces first companies to pass full-matrix SAML 2.0 interoperability testing
CRYPTOCard Partners With JCS & Associates
News  |  12/17/2007  | 
CRYPTOCard welcomes JCS & Associates to North American Partner Program
eEye Ship Not 'Sinking,' CEO Says
Quick Hits  |  12/17/2007  | 
Revenues in software and services up 53% over last year, says Kamal Arafeh
Page 1 / 4   >   >>


13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMatters,  2/15/2018
3 Tips to Keep Cybersecurity Front & Center
Greg Kushto, Vice President of Sales Engineering at Force 3,  2/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.