Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in June 2006
Page 1 / 4   >   >>
Our Data Isn't Secure, So What Are We Going To Do About It?
Commentary  |  6/30/2006  | 
One of the great things about my job is that there's never a shortage of things to do. This is especially the case when it comes to covering data security. Before the ink is dry on one story about a stolen laptop or breached database, I find another one to cover. But this troubling trend isn't just a case of "good-for-me-bad-for-you." I, too, have been ensnared in the web of identity theft and data breaches. Where is all this going, and what have we learned?
7 Lessons From IT Security Trial
Commentary  |  6/30/2006  | 
Over the last several weeks, InformationWeek has been covering the trial of a former UBS PaineWebber systems administrator, Roger Duronio, who's accused of writing and setting off a highly destructive logic bomb at his former employer as revenge for not receiving the maximum yearly bonus. The government prosecution contends that Duronio was not only looking to wreak havoc, but also to profit by purchasing securities whose valu
Dark Vacation
News  |  6/30/2006  | 
Dark Reading takes off July 3-4, and you should too
Saying 'No' to WiFi
News  |  6/30/2006  | 
Right next door to a Starbucks, Blue Cross of Idaho looks to Network Chemistry for an 802.11 lockdown
Enterprises Getting Soft on Security
News  |  6/30/2006  | 
Security losses are down, and so's IT security spending. Are enterprises setting themselves up for a nasty fall?
Did EMC Overpay?
News  |  6/30/2006  | 
The $2.1 billion for RSA shows EMC is serious about security but raises questions about price, integration challenges
Users Welcome Super-Deal
News  |  6/30/2006  | 
EMC's RSA acquisition appears to resonate well with IT pros
Windows Flaw, Word Trojan Found
News  |  6/30/2006  | 
Microsoft is looking into another possible Windows hole, and a new Trojan rides in on Word docs
EMC Secures RSA for $2.1B
News  |  6/29/2006  | 
EMC and RSA enter marriage of storage and security UPDATED 5:55 PM
Group to Research ID Theft
News  |  6/29/2006  | 
Universities, law enforcement agencies, and vendors team to study fraud and identity theft
Foundry Intros SecureIron
News  |  6/29/2006  | 
Foundry Networks announced the new SecureIron Perimeter Traffic Manager devices to augment perimeter security
SafeNet Adds to ranks
News  |  6/29/2006  | 
SafeNet announced the appointment of J. Carter Beese Jr. to its Board of Directors and John W. Frederick as Vice President
RSA Acknowledges Secret Suitor
News  |  6/29/2006  | 
The two vendors are rumored to be talking a marriage of storage and security
Cisco Issues WCS Warning
News  |  6/29/2006  | 
WiFi management platform turns up with a handful of vulnerabilities
Sentillion Offers Secure Virtualization
News  |  6/29/2006  | 
Sentillion, the leading provider of identity and access management solutions for the healthcare industry, today unveiled vThere
Hifn Cuts 22%
News  |  6/28/2006  | 
Hifn announced a series of actions today that are intended to accelerate Hifn's return to profitability
Cisco Seeks to Fill Security Gaps
News  |  6/28/2006  | 
Gaps between security products, and between IT and business groups, cause enterprise headaches, says Cisco's security CTO
BEW Offers Solutions
News  |  6/28/2006  | 
BEW Global implemented solutions to address HIPAA compliance concerns within The Portland Clinic and Longmont United Hospital
Lifespan Taps Vericept
News  |  6/28/2006  | 
Lifespan has selected The Vericept 360 degrees Risk Management Platform to protect sensitive patient health information and organization data
Warning Users of Dangerous Clicks
News  |  6/28/2006  | 
MarkMonitor's buyout of Collective Trust could allow ISPs to warn users about dangerous clicks ahead
Fearsome Decade
News  |  6/28/2006  | 
Escalation in sophistication and type of attacks means it's only a matter of time before you're a target
MarkMonitor Gets Collective Trust
News  |  6/28/2006  | 
MarkMonitor acquired CollectiveTrust to add their Zero-Hour fraud protection technology to MarkMonitor's anti-fraud solutions
Fortress, Nortel Team
News  |  6/28/2006  | 
Fortress and Nortel have formed a strategic relationship to provide government agencies worldwide with a joint solution
Upping The Ante On Data Collection
Commentary  |  6/27/2006  | 
So much about the overall issue and recent incidents of data loss are astounding, it's hard to know where to start. One good place is the Privacy Rights Clearinghouse, which offers up some sobering statistics on stolen data: Since Feb. 15, 2005 there has been over 200 data breaches (with some companies starring as repeat offenders) affecting the data of 88,399,953 individuals. At least - that's what's been report
Demons Lurk in Management Software
News  |  6/27/2006  | 
Systems management software may be the weakest link in the enterprise, according to researchers from Matasano Security
Mu Security Lands $10M
News  |  6/27/2006  | 
Mu Security has raised an additional $10 million in a Series B funding round
AppSec Rolls Out Tool
News  |  6/27/2006  | 
Application Security announced immediate availability of a new PCI-DSS Toolkit
Startup Locks Down Apps
News  |  6/27/2006  | 
Firewall pioneer Pensak is behind another venture intent on hardening applications where they live
SafeNet Updates
News  |  6/27/2006  | 
SafeNet announced a major upgrade of the industry-leading QuickSec IPSec VPN product line
Broadcom Debuts RFID
News  |  6/27/2006  | 
Broadcom Corporation introduced the world's first secure processor with integrated radio frequency identification (RFID) technology
Oversight Releases Survey
News  |  6/27/2006  | 
Companies are embracing the concept of enterprise risk management but continue to struggle with implementation
Mu Security Lands $10M
News  |  6/27/2006  | 
Mu Security announced the company has raised an additional $10 million in a Series B funding round
Symantec Bundles Security Services
News  |  6/26/2006  | 
Threat and Vulnerability Management Program blends security alerts with consulting
Fraud Monitoring Appliance on Tap
News  |  6/26/2006  | 
Cydelity appliance gives banks a detailed look at suspicious account activity
Symantec Streamlines Security Biz
News  |  6/26/2006  | 
Cuts investment in its hardware business amid plans for next-gen security software
GraniteEdge Updates ESP
News  |  6/26/2006  | 
GraniteEdge announced its latest release of GraniteEdge ESP - the only solution that automatically visualizes network behavior
MessageLabs Unveils Services
News  |  6/26/2006  | 
MessageLabs announced the launch of version 2.0 of its Web Security Services
Lockdown Joins Microsoft Program
News  |  6/26/2006  | 
Lockdown announced the launch of its open iNAC architecture
Iron Mountain Adds Protection
News  |  6/26/2006  | 
Iron Mountain introduced the PC Data Protection Suite
Datamonitor Lauds Crypto
News  |  6/26/2006  | 
A new technology report titled has acknowledged Cryptomathic as 'a leading supplier of strong security solutions'
Sensory, Vendors Partner
News  |  6/26/2006  | 
Sensory unveiled the industry's largest ecosystem of applications designed to run on Sensory's NodalCore acceleration platform
CSI/FBI: Small Firms Pay Big For Security
News  |  6/23/2006  | 
The per-user cost of security is much higher in small enterprises than in large ones, according to the forthcoming annual survey from the Computer Security Institute and the FBI
Phish Bait
News  |  6/23/2006  | 
A security company is testing the effects of a phishing exploit that comes from inside the corporate network
Blue Coat Grabs NetApp's NetCache
News  |  6/23/2006  | 
Proxy vendor Blue Coat eliminates a prime competitor by gaining funding and buying the NetCache Web content and security appliance line from Network Appliance for $23 million
Data Loss Epidemic
News  |  6/23/2006  | 
Data losses at major corporations and government agencies are being reported almost every day now
Data Losses Hit Four More
News  |  6/22/2006  | 
The list of big-name organizations reporting security breaches just keeps growing
Bit9 Recants Flaw
News  |  6/22/2006  | 
Bit9 issued a report announcing what it found to be the top 15 applications with known vulnerabilities
Vericept Upgrades Platform
News  |  6/22/2006  | 
Vericept announced version 8.0 of the Vericept 360 Risk Management Platform
No Easy Fix for Branch Office Blues
News  |  6/22/2006  | 
Branch offices spell IT trouble, says Arun Taneja, and need an 'arsenal' to fix things
Enterprise FMC's a Win-Win
News  |  6/22/2006  | 
Enterprise-focused FMC initiatives could have a major positive impact on wireless carriers finds the latest report Unstrung Insider
Page 1 / 4   >   >>


Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-28042
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-28041
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVE-2021-3377
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.
CVE-2021-3420
PUBLISHED: 2021-03-05
A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could case an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow.
CVE-2020-29020
PUBLISHED: 2021-03-05
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.