News & Commentary

Content posted in May 2007
Page 1 / 5   >   >>
Why Catching The 'Spam King' Won't Save Your In-Box
Commentary  |  5/31/2007  | 
Even if a judge and jury lock up Robert Alan Soloway for the rest of his natural born life, your in-box will still be inundated with tons of offers for HGH, porn, and penny stocks.
Guerrilla Storage
News  |  5/31/2007  | 
Hackers could use your computers to house their data, Symantec researchers say
Spamless in Seattle
News  |  5/31/2007  | 
My spam filter didn't get the memo
Beware of the Quiet Ones
News  |  5/31/2007  | 
Vulnerability report for '06 shows XSS still number one, but lesser-known bugs making inroads
Compromised Site Causes Trouble
News  |  5/31/2007  | 
Malicious Java Script makes user's browser download, execute Trojan
How to Stop Political Attacks
News  |  5/30/2007  | 
Experts advise users on how to defend themselves against cyber-terrorism, cyber wars, and hacktivism
BeCrypt to Talk Securing Workers
News  |  5/30/2007  | 
BeCrypt will be debuting its latest product Trusted Client in the US at the Gartner IT Security Summit
Monty Python's Flying Backup
News  |  5/30/2007  | 
If all vendors' presentations were this funny, we'd invite them over more often
Finjan CTO to List Web Threats
News  |  5/30/2007  | 
Finjan CTO to list latest Web threats at Gartner IT Security Summit
UPMC Taps TriCipher
News  |  5/30/2007  | 
Medical center taps TriCipher to protect patient health information
CDW Readies for Buyout
News  |  5/30/2007  | 
Tentative agreement to sell out to private equity firm will open 30-day bidding process
Securify Adds Identity-Based Discovery
News  |  5/30/2007  | 
Securify announced general availability of the next version of its identity-aware monitoring solution
AppGate Supports Windows Mobile 6
News  |  5/30/2007  | 
AppGate provides a truly mobile solution that enables users of mobile devices to securely access all resources inside an internal network
Bug Disclosures Decline
News  |  5/30/2007  | 
The rate of vulnerabilities disclosed publicly has dropped drastically so far this year, but don't exhale yet
SecureMac Rolls Anti-Spyware Tool
News  |  5/30/2007  | 
SecureMac released MacScan 2.4.1, the latest version of the company's industry leading anti-spyware package for Macintosh computers
Data Security: You're Not Learning From Others' Mistakes
Commentary  |  5/29/2007  | 
As I was catching up on some e-mail last night, I came across a message that's become all too familiar to me. It was textbook: A company was apologizing that one of its laptops had been stolen and that the laptop contained customer account and credit card information. A real yawner, until I considered that this e-mail was delivered to my personal e-mail account and that it was my customer account and credit card info that may have been compromised. Companies just aren't getting the messag
TSCP Chooses CertiPath
News  |  5/29/2007  | 
TSCP selects CertiPath to manage joint public- and private-sector alliance
VeriSign's CEO Signs Off
News  |  5/29/2007  | 
Analysts say company could get fresh start as Sclavos walks after 12-year tenure
New Laws Don't Solve Global Problems
News  |  5/29/2007  | 
US, Germany advance legislation against spyware, spam - but can't do much to stop foreign exploits
Security With a Native Touch
News  |  5/29/2007  | 
Outsourcing overseas is a great idea, as long as a native-born local can bridge the cultural - and legal - gaps
Study: 80% Plan Network-Based NAC
News  |  5/29/2007  | 
Eighty percent plan to enforce NAC in the network, says Infonetics in new study
VeriSign CEO Steps Down
News  |  5/29/2007  | 
VeriSign said Tuesday Chief Executive and director Stratton D. Sclavos stepped down from his positions for undisclosed reasons
KACE, GuardianEdge Integrate Platforms
News  |  5/29/2007  | 
KACE and GuardianEdge announce integration between KBOX family of appliances and GuardianEdge data protection platform
Akonix Intros IM Security Appliance
News  |  5/29/2007  | 
Akonix addresses instant messaging security and compliance concerns of smaller businesses
Cryptomathic Intros Key Management System
News  |  5/29/2007  | 
Cryptomathic launched a Key Management System that enables organizations to manage the lifecycle of cryptographic keys using a central approach
FlexiSPY Spills BlackBerry Secrets
News  |  5/29/2007  | 
Vervata has released new versions of its controversial FlexiSPY mobile phone spy software
GFI Releases PCI Compliance White Paper
News  |  5/29/2007  | 
GFI has launched a white paper to explain what the PCI DSS are, how they affect different companies, and the repercussions of non-compliance
Webroot Cautions Online Betters
News  |  5/29/2007  | 
Webroot Software advises caution for online betters during Epsom Derby
New Security Suite on a USB Stick
News  |  5/29/2007  | 
Yoggie revolutionizes computer security by launching the world's first full security suite on a USB stick
Fed Workers Still in the Dark
News  |  5/27/2007  | 
Despite completing awareness courses, majority of government workers say they've never heard of key guidelines
Blogging With Security
News  |  5/25/2007  | 
Common sense - and a mind for what's fit for public consumption - should be your guideposts
Users' Most Hated Sales Pitches
News  |  5/25/2007  | 
What ticks you off about security vendors' sales pitches? Exasperated customers offer their un-favorites
Microsoft Takes Aim at Endpoint
News  |  5/25/2007  | 
Microsoft says Network Access Protection (NAP), SSL VPN gateway will play nicely together
Wireless: Fix, Not Flaw
News  |  5/25/2007  | 
New applications help WiFi shed its image as enterprises' biggest network vulnerability
Vegas BBQ -- Burn, PC, Burn
Commentary  |  5/24/2007  | 
Picture a beautiful sunset over the desert, the glow of the Vegas skyline in the distance. Then a towering wave of flames leap into the air that crackles with the heat -- a man just set his computer on fire.
CryptoCard to Hold Workshop
News  |  5/24/2007  | 
CryptoCard's 'It Takes More Than Technology' reseller workshop explains that technology alone cannot solve real business security issues
NAC Vendors in the Hot Seat
News  |  5/24/2007  | 
Cisco, Microsoft shared the dais, and their thoughts on NAC, here yesterday at Interop
SophosLabs Launches 24-Hour Blog
News  |  5/24/2007  | 
Sophos announced the launch of a new security blog designed to provide breaking news, insight, and commentary on emerging security threats
Spooks in the Booth
News  |  5/24/2007  | 
You never know who you'll see at Interop Las Vegas - even a certain spy agency
At Interop, Security Talk Is Largely About Network Access Control
Commentary  |  5/23/2007  | 
Here at Interop, there's a lot of focus on security and a lot of that security attention is aimed right at network access control. It's a hot-button topic here. The question plaguing many IT and security managers, though, might be where to get started.
New Spec Could Cut Phishing, Spam
News  |  5/23/2007  | 
IETF approves email signature standard pioneered by Yahoo!, Cisco
StillSecure Bets on Embedded Security
News  |  5/23/2007  | 
Cobia platform spurs debate over 'open source'
Check Point Protects Minnesota
News  |  5/23/2007  | 
State of Minnesota selects Check Point's data security solutions to protect sensitive data
Open Source Pitfalls
News  |  5/23/2007  | 
Innovation abounds with open source, but some code gets left behind on a virtual compost heap
Identity Engines Upgrades, Partners
News  |  5/23/2007  | 
Identity Engines harnesses user, posture, and policy in end-to-end 802.1X solution; industry standard now integrated with Ignition Server
SonicWall Unveils Security App
News  |  5/23/2007  | 
SonicWall unveiled the SonicWall Network Security Appliance (NSA) E7500
Startup to Ship Sweetened Honeypot
News  |  5/23/2007  | 
New, real-time, AI-based forensics appliance uses virtualized honeypot technology and interfaces with IDS/IPSes
Cisco, EMC Team on Fabric Encryption
News  |  5/23/2007  | 
Cisco unveils plans for switch fabric encryption, skeptical users may take some convincing
RTTS, SPI Dynamics Join Forces
News  |  5/23/2007  | 
RTTS announced its new strategic partnership with SPI Dynamics
Spyware Hides in Plain Sight
News  |  5/23/2007  | 
Those innocuous little toolbars could be leaking your corporate data
Page 1 / 5   >   >>


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-17305
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher R...
CVE-2017-17311
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted...
CVE-2017-17312
PUBLISHED: 2018-08-21
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted...
CVE-2018-12115
PUBLISHED: 2018-08-21
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second...
CVE-2018-7166
PUBLISHED: 2018-08-21
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misint...