News & Commentary

Content posted in March 2007
When The 2 Billionth Customer Record Is Stolen, Insiders Will Be The Most Guilty
Commentary  |  3/30/2007  | 
While I was researching my next story on the danger that employees, contractors, and business partners (i.e., insiders) can place on the security of corporate data, a friend of mine sent me an interesting study that noted, among several other fascinating data points, that last year personal records were compromised at a rate of 5.8 million per month. At this rate, by the end of the year more than 2 billion records
Is The Mac More Secure Than Windows? Does It Matter?
Commentary  |  3/30/2007  | 
Is the Mac more secure than Windows, in some absolute measurement of security? And does it really matter? Senior writer Sharon Gaudin talked to a few security experts and reported the consensus that, despite a recent increase in reported security flaws, the Mac is still more secure than Windows. But it's doubtful that'll change anybody's buying decisions -- Windows users know that their software has security pr
The TJX Haul: Largest Ever AND The Perfect Crime?
Commentary  |  3/30/2007  | 
The California Secretary of State web site gets to keep its title as number one in the race to be the longest running data breach. It left three years of files exposing personal data up online, practically for the taking. But the TJX Companies take the cake when it comes to known harm. The company has the dubious distinction of having the largest ever number of stolen credit and debit cards - 45.7 million - whi
Cisco's NAC Gets Hacked
News  |  3/30/2007  | 
German security experts develop tool that spoofs legitimate client and fools Cisco servers into allowing network access
Mourning the Loss of the Safety Margin
News  |  3/30/2007  | 
From phishing and malware to RFID and car hacks, there's not much room to be a user anymore
IBM ISS to Launch Branch IPS
News  |  3/30/2007  | 
New low-end IPS appliance for branch offices, ATMs, kiosks, and POS systems
Eight Faces of a Hacker
News  |  3/29/2007  | 
Profilers decipher who they are, why they do it as new subcategories start to emerge
Killer Combo: XSS + CSRF
News  |  3/29/2007  | 
Researchers mix cross-site scripting and cross-site request forgery together in a deadly cocktail
Vasco Adds SSL-VPN to aXs Guard
News  |  3/29/2007  | 
Vasco Data Security International has added SSL-VPN functionality to its award-winning aXs Guard Authentication Appliance
Akonix: 200% Increase in IM Attacks
News  |  3/29/2007  | 
Akonix announced its IM Security Center researchers tracked 31 new malicious code attacks over IM networks during the month of March
University Cleans Up Bots on Campus
News  |  3/29/2007  | 
The University of Missouri-Columbia's IRC blocking system quarantines spamming client machines
CryptoCard, Evidian Team Up
News  |  3/29/2007  | 
CryptoCard and Evidian will increase the opportunity for resellers to offer a highly-competitive end-to-end access management security solution
Webinar Reports on USB Attacks
News  |  3/29/2007  | 
Provilla's Webinar demonstrates the first effective way to prevent the loss of information through attacks on auto-run USB drives
Hospital Signs With Encentuate
News  |  3/28/2007  | 
University General Hospital Systems signs exclusive agreement with Encentuate
Comodo Announces Certificates
News  |  3/28/2007  | 
Comodo announced the availability of Unified Communications (UC) certificates for Microsoft Exchange Server 2007
I've Been Chipped
News  |  3/28/2007  | 
The technology behind my new RFID-equipped US passport has been thought out remarkably well
Hacking the Car Navigation System
News  |  3/28/2007  | 
Italian researchers reveal attack methods on RDS-TMC navigation systems
Foundry Secures ServerIron Switches
News  |  3/28/2007  | 
Foundry Networks announces availability of Web firewall and bandwidth optimization for ServerIron 4G application switches
MySpace Sues 'Spam King'
News  |  3/28/2007  | 
Social networking site alleges phishing attack by infamous spammer Sanford Wallace
Aventail Predicts Remote Access Surge
News  |  3/28/2007  | 
Aventail announced the results of a survey of 604 IT decision-makers
Endeavor, Lofty Perch Partner
News  |  3/28/2007  | 
Endeavor Security and Lofty Perch announced a partnership
Bioscrypt Intros Face Recognition Camera
News  |  3/28/2007  | 
Bioscrypt introduces the world's first 3D face recognition camera for use in authenticating individuals accessing a computer
GFI LANguard NSS 8 Arrives
News  |  3/28/2007  | 
GFI Software announced the release of GFI LANguard Network Security Scanner 8
The Password Is... Vulnerability
News  |  3/28/2007  | 
Default passwords expose you to more risk than you may realize; here are some ways to rectify that
Security's New School
News  |  3/27/2007  | 
Certification, training programs seek to expand the realm of the security-savvy
This Press Release Bites
News  |  3/27/2007  | 
An overdose of terriers, spam, and free tools
IIA Provides Guidance
News  |  3/27/2007  | 
Trends in IT outsourcing have prompted The IIA to focus its seventh Global Technology Audit Guide (GTAG®) on this topic
Now Playing: Metasploit 3.0
News  |  3/27/2007  | 
Latest iteration boasts a new Web interface, WiFi exploits, and new attack-relay features
Websense Unveils Security Software
News  |  3/27/2007  | 
Websense Wireless protects minors from inappropriate content and bolsters smartphone security
Lancope Ships StealthWatch 5.6
News  |  3/27/2007  | 
Lancope announced the general availability of StealthWatch System 5.6
Lofty Perch, Endeavor Team Up
News  |  3/27/2007  | 
Lofty Perch and Endeavor Security partner to deliver secure solutions for industrial control systems
SurfControl Intros Bundles for SMBs
News  |  3/27/2007  | 
SurfControl announces new email and Web protection bundles for SMBs
Breach Response: No Sure Thing
News  |  3/27/2007  | 
Experts say they know what to do in the event of a security incident; they just don't agree on what that should be
Sipera Viper Lab IDs Threats
News  |  3/27/2007  | 
Sipera Viper Lab disclosed nine threat advisories for WiFi/dual mode telephones from vendors including RIM, HTC, Samsung, Dell, and D-Link
Yosemite Adds Media Encryption
News  |  3/27/2007  | 
Yosemite Technologies announced the release of Yosemite Backup 8.5 data protection software enriched with several important new features
ControlGuard & PGP Partner
News  |  3/27/2007  | 
ControlGuard announced a partnership agreement with PGP Corporation, a global leader in enterprise data security and encryption solutions
Security Upgrades Proliferate
News  |  3/26/2007  | 
Vendors roll out refinements to plug the many ways data might leak from the enterprise
F5 Helps GBI Meet Requirements
News  |  3/26/2007  | 
F5 Networks announced that the GTA employs F5's FirePass SSL VPN product to ensure GBI meets federal security requirements
Wooing the Gun-Shy Shopper
News  |  3/26/2007  | 
With online counterfeit goods on the rise, some e-commerce sites guarantee sales with bonded transactions
ID Theft Doubles in Two Months
News  |  3/26/2007  | 
Phishers, malware authors go beyond the usual targets to find victims they've never attacked before
Blue Coat Exec Publishes Book
News  |  3/26/2007  | 
Blue Coat announced that one of its senior technologists has co-authored a second volume to his recent reference book on IPv6
Bosley Adds ConSentry ID Management
News  |  3/26/2007  | 
Bosley has selected the ConSentry LANShield platform to secure network access across more than 80 locations
Princeton Softech Calls for Testing
News  |  3/26/2007  | 
Princeton Softech foresees testing times as businesses race to meet PCI compliance deadline
Sipera Protects WiFi Phone
News  |  3/26/2007  | 
Sipera Systems announced new functionality for the Sipera IPCS 520
Cyberoam Helps Schools
News  |  3/26/2007  | 
Cyberoam announces that its CR series provides compliance for school districts and libraries struggling to meet the CIPA safety guidelines
RSnake, Unmasked
News  |  3/26/2007  | 
Hacker RSnake is shedding his old snakeskin and starting his own security consultancy
Simplicita Partners With Yahoo
News  |  3/26/2007  | 
Simplicita announced an agreement with Yahoo! to provide ISPs with an automated system implementing protection and improving navigation
CDC Software Selects Sophos
News  |  3/26/2007  | 
Sophos selected by CDC Software for protection of its global network
MEGA Announces GRC Platform
News  |  3/26/2007  | 
MEGA International introduced customers of its Governance, Risk, Compliance (GRC) Platform
IPLocks Rolls Out 'SOX-in-a-Box'
News  |  3/26/2007  | 
IPLocks introduces new era of sustainable compliance with next-generation of automated SOX reports