Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in December 2007
<<   <   Page 2 / 4   >   >>
Redefining the Perimeter
News  |  12/17/2007  | 
Mobile devices offer great flexibility for users, but be sure you apply the right security rules
Data on 3M UK Drivers 'Lost in Iowa'
News  |  12/17/2007  | 
Misplaced hard drive adds to furor over lost tax data
Veracode Now Scans for Software Backdoors
News  |  12/17/2007  | 
Veracode shines spotlight on software backdoors as an emerging threat
Qualys Upgrades PCI Scanner
News  |  12/17/2007  | 
Qualys releases QualysGuard PCI 2.0
New Service Detects Backdoors in Software
News  |  12/17/2007  | 
Veracode identifies different types of these hidden programs in applications, adds a 'metal detector' for detecting them
Health System Adds Secure Mobile VPN
News  |  12/16/2007  | 
NetMotion Wireless enhances productivity at St. Luke's Episcopal Health System
Office Workers Know About Your Security Policy. But Are They Following It?
Commentary  |  12/14/2007  | 
Hey IT managers, your office workers might say they are following security procedures. But get someone to ask them that question anonymously. Their answers might surprise -- and upset -- you.
Survey: 40 Percent Of You Still Think Your Networks Are Insecure (And You're Probably Right)
Commentary  |  12/14/2007  | 
And most of the rest of you continue to leave endpoints unguarded, according to a new survey of small and midsize businesses.
ID & Access Management Key Focus Next Year for Arcot
News  |  12/14/2007  | 
Arcot predicts identity and access management to be a key security focus for 2008
Breaches Cause Skittish Attitudes Among Holiday Shoppers
News  |  12/14/2007  | 
Many consumers no longer sure of the security of their transactions, study says
New Plug-ins Help Firefox Find XSS, SQL Injection
News  |  12/14/2007  | 
Powerful tools help identify vulnerabilities, but use them advisedly
Insurer Adds Encryption to Prevent Data Leaks
News  |  12/14/2007  | 
American National Insurance Company (ANICO) encrypts the desktop, disk, and sensitive email traffic
Man Uses Toaster to Hack Computer
Quick Hits  |  12/14/2007  | 
And no, we don't mean it the other way around
SkyRecon IDs New Microsoft Vista Vulnerability
News  |  12/14/2007  | 
SkyRecon research team provides information leading to patch of Vista flaw
SecuGen, Realtime Integrate
News  |  12/14/2007  | 
SecuGen fingerprint readers now compatible with realtime's bioLock software for authentication of SAP applications, transactions, and data
DigitalPersona Broadens Support
News  |  12/13/2007  | 
Newest version of DigitalPersona Online now supports Microsoft Vista and Internet Explorer 7
Spam Reaching Record Volumes, Researchers Say
News  |  12/13/2007  | 
Study says 95% of all email is now spam
Report: Security Becoming Business Tool
News  |  12/13/2007  | 
Compliance, privacy and data protection, and meeting business objectives are top three drivers for security
NYCT Adds NAC
News  |  12/13/2007  | 
Nation's largest transportation agency chooses Mirage Networks to protect its automated train network
Quick Website Vulnerability Self-Test
Quick Hits  |  12/13/2007  | 
Breach Security offers simple test you can do on your own to check for Website flaws
Study: Breaches of Personal Data Now Prevalent in Enterprises
News  |  12/12/2007  | 
Eighty-five percent of enterprises have experienced at least one reportable incident in the past 12 months
Careful What You Buy
News  |  12/12/2007  | 
Before you put sign the check, make sure you've covered all the options for solving your security problem
Predicting Peril
News  |  12/12/2007  | 
We may not be able to predict the next big attack, but we can identify the trends that will spawn it
Maiffret Says Bye to eEye
News  |  12/12/2007  | 
eEye co-founder Marc Maiffret, 27, has quietly left the security firm he started at age 17
Untangle Surpasses 100K Users
News  |  12/12/2007  | 
Untangle, the pioneer in open source network gateway platforms, announced that it has surpassed the 100,000 users milestone
TraceSecurity Unveils Risk Manager
News  |  12/12/2007  | 
TraceSecurity Risk Manager 1.0 automates integrated security compliance risk management process
'You've Got Cross-Site Scripting'
News  |  12/12/2007  | 
Free email alert service lets customers know when an XSS vulnerability is found on their sites
FTC Charges Payment Processor in Fraud Scam
Quick Hits  |  12/12/2007  | 
Third-party payment services aided Internet scammers in attempting $200M in online fraud, FTC says
Four in 10 IT Execs Call Their Networks Insecure
News  |  12/12/2007  | 
Email viruses and Internet downloads considered to be the greatest threat to network security for SMBs
Venafi Supports nCipher HSM
News  |  12/12/2007  | 
Venafi support for ncipher Hardware Security Module lets organizations enhance security, leverage existing technology investment
Sipera Reveals Top Five VOIP Vulnerabilities
News  |  12/12/2007  | 
Remote eavesdropping and VOIP hopping, vishing, skype worm, and toll fraud threaten users, enterprises, and service providers
Sourcefire Announces Certified ClamAV Support
News  |  12/12/2007  | 
Leading open source solution now delivers data loss prevention modules to protect against credit card and Social Security number theft
AppliCure Seeks N.A. Resellers of Its WAF
News  |  12/12/2007  | 
Applicure seeks North American channel partners for SANS-highlighted Web application firewall software
Sentrigo Adds End-User Accountability to DBs
News  |  12/11/2007  | 
Sentrigo brings end-user accountability to enterprise databases with Hedgehog IDentifier
nCipher Acquires NeoScale Assets
News  |  12/11/2007  | 
nCipher strengthens position in the encryption market with the acquisition of IP and assets of NeoScale Systems Inc.
Arbor: 2008 Year of iPhone Hacks
News  |  12/11/2007  | 
The iPhone will be a primary target for hackers in 2008
Secure64 Touts DNS
News  |  12/11/2007  | 
Leading security researchers find Secure64 SourceT Micro OS immune to all known rootkits and malware
Varonis Gains Traction in Financial Services
News  |  12/11/2007  | 
Deployments in Institutions Like People's United Bank Demonstrate the Critical Role Varonis's award-winning software is playing in data protection and management
MarketLive Deploys Imperva
News  |  12/11/2007  | 
MarketLive gets PCI certification with Imperva
Study: Personal Data Exposed Frequently
News  |  12/11/2007  | 
Eighty-five percent of privacy and security professionals say a reportable data breach occurred in their organizations in the last year
Small Businesses Feel Security's Burn
News  |  12/11/2007  | 
Nearly one third of SMBs have experienced system compromise in the past year, study says
WSO2 Launches CardSpace ID Solution
News  |  12/11/2007  | 
WSO2 debuts identity solution to simplify authentication across Web applications, protect users from attacks
Imperva Named to Red Herring Top 100
News  |  12/11/2007  | 
Imperva selected as one of world's top private technology companies
Pitney Bowes Adds Email Encryption
News  |  12/11/2007  | 
Award-winning PGP encryption platform protects sensitive data and ensures regulatory compliance
Ask.com Won't Tell
Quick Hits  |  12/11/2007  | 
New privacy control feature in search engine lets users ensure their requests get automatically purged, not stored
Lancope Releases Virtual UDP Switch
News  |  12/11/2007  | 
Lancope announces first commercially available virtual UDP switch
Geha Selects Identity-Based NAC
News  |  12/11/2007  | 
Nevis LANenforcer appliances provide critical HIPAA compliance and policy-based user access controls for comprehensive LAN security
Wave Systems Ships Over 20M
News  |  12/11/2007  | 
Wave surpasses the 20M mark for shipments of EMBASSY Trust Suite software
IBM Rolls Out Tools for Safer Software
News  |  12/11/2007  | 
New IBM technologies help developers build safer software
Sophos Adds to Email Security and Control
News  |  12/11/2007  | 
Sophos debuts a powerful new weapon in the fight against spam
<<   <   Page 2 / 4   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11498
PUBLISHED: 2020-04-02
Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can also use Nebula to execute arbitrary code in the user's own context, e.g., for user-level persistenc...
CVE-2020-11499
PUBLISHED: 2020-04-02
Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongo_task_conversion.py.
CVE-2020-7628
PUBLISHED: 2020-04-02
install-package through 1.1.6 is vulnerable to Command Injection. It allows execution of arbitrary commands via the device function.
CVE-2020-7629
PUBLISHED: 2020-04-02
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.
CVE-2020-7630
PUBLISHED: 2020-04-02
git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument.