Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content posted in July 2007
Page 1 / 4   >   >>
Logic Intros Smart-TPS Payment Page
News  |  7/31/2007  | 
Secure transaction payment specialist The Logic Group launches Smart-TPS Payment Page, a secure, hosted online trading facility
Spammers Capitalize on Simpsons Movie
News  |  7/31/2007  | 
SPAMFighter finds spammers taking advantage of the release of The Simpsons movie to find live email addresses
Report: Rise in Web App Vulnerabilities
News  |  7/31/2007  | 
Cenzic released its Application Security Trends Report - Q2 2007
LSI Looks Ahead
News  |  7/31/2007  | 
LSI looks to a future full of SAS, Solid State Disk, and security
File Formats: A Moving Target
News  |  7/31/2007  | 
Which types of files are most in danger of attack? Experts - and attackers - frequently change their minds
Google Desktop: Too Risky?
News  |  7/31/2007  | 
Recently-exposed vulnerabilities leave many IT experts feeling queasy about using the search engine's latest feature
Utimaco Intros Crypt 3.50
News  |  7/31/2007  | 
Utimaco has developed SafeGuard LAN Crypt 3.50 to target the requirements of system administrators and security officers
SecureDoc Earns Certification
News  |  7/31/2007  | 
WinMagic is proud to announce that SecureDoc has earned Common Criteria Evaluation Assurance Level 4 Certification
PCI SVA Announces Election Results
News  |  7/31/2007  | 
The Payment Card Industry Security Vendor Alliance announces its newest board members and committee chairs
Redemtech Acquires PC Asset Recovery
News  |  7/31/2007  | 
Redemtech announced the acquisition of PC Asset Recovery
ForeScout Adds Enterprise NAC Accounts
News  |  7/31/2007  | 
ForeScout Technologies announced strong results for the first half of 2007
XSS Book Published
News  |  7/31/2007  | 
WhiteHat Security announced the availability of Jeremiah Grossman's book - Cross-Site Scripting Attacks: XSS Exploits and Attacks
Tool Stops XSS, SQL Injection Attacks
News  |  7/31/2007  | 
Core Labs researchers to release free tool to protect PHP-based Web apps
Researcher Barred From US
News  |  7/30/2007  | 
Renowned security expert Halvar Flake denied travel from Germany after his Black Hat presentation is found in search
BreakingPoint Offers Same-Day 0-Days
News  |  7/30/2007  | 
Startup to announce general availability of its new BPS-1000 testing tool, controversial vulnerability disclosure policy
BreakingPoint Systems Ships
News  |  7/30/2007  | 
BreakingPoint Systems launches next-generation network test equipment for content aware networks
Fighting Forensics
News  |  7/30/2007  | 
New research exploits vulnerabilities found in popular computer forensics tools
Survey: Zero-Day Bugs Biggest Concern
News  |  7/30/2007  | 
Zero-day vulnerabilities are the top security concern for the majority of IT professionals, according to a survey conducted by PatchLink
Black Hat: How to Hack IPS Signatures
News  |  7/30/2007  | 
Errata Security says attackers are already reverse-engineering IPS vendors' zero-day signatures like TippingPoint's to wage attacks, bypass IPSs
NetPro Ships AD Log Tool
News  |  7/30/2007  | 
NetPro Computing announced the general availability of LogADmin 2.0, its new event log consolidation, analysis and storage solution for Windows
Anchiva Gets 750,000 Malware Signatures
News  |  7/30/2007  | 
Anchiva's Rapid RxLabs is now delivering over 750,000 signatures to detect and prevent malware from entering enterprise networks
Ion Intros VPN Alternative
News  |  7/30/2007  | 
ION Networks announced the release of the SA5600 1.2 Secure Appliance
Sipera to Demo New VOIP Exploit at Black Hat
News  |  7/30/2007  | 
Sipera Systems announced Sipera VIPER Lab will demonstrate a VOIP exploit at the Black Hat USA 2007 conference
Robot Genius Offers Free Anti-Malware Download
News  |  7/30/2007  | 
Robot Genius announced the availability of its new anti-malware download/plug-in, RGguard
Alcatel-Lucent Deploys SSL VPN
News  |  7/30/2007  | 
NeoAccel announced that Alcatel-Lucent has deployed NeoAccel's SSL VPN-Plus solution
iS3 Rolls Out Version 5.0 of STOPzilla
News  |  7/30/2007  | 
iS3 announced the availability of STOPzilla Version 5.0
Core Releases Impact 7.0
News  |  7/30/2007  | 
Core Security announced CORE IMPACT v7, the most comprehensive product for performing enterprise security assurance testing
eSoft Adds Under $1K Firewall/UTM Line
News  |  7/30/2007  | 
eSoft announced that it has launched the InstaGate 404e Internet Security Gateway, a sub-$1,000 Firewall/UTM appliance
Virtualization's New Benchmark
News  |  7/27/2007  | 
Consortium gives recommendations for securing emerging virtualized technology
Aflac Loses Data on 152,000
News  |  7/27/2007  | 
Company quacks 'fowl!' over theft of laptop in Japan
Secure Computing Reports 2Q
News  |  7/27/2007  | 
Secure Computing Corporation announced second quarter GAAP revenue of $57.6 million
DriveLock Prevents Data Theft
News  |  7/27/2007  | 
CenterTools launches DriveLock 5.0 device and application control software
Attack of the Black Hats
News  |  7/27/2007  | 
Get ready, Vegas - with this crew in town, even the slot machines aren't safe
Open Source Bots
News  |  7/27/2007  | 
With most botnets based on open source, it may be time to rethink just what gets open-sourced
Third Parties Fumble Data Handoffs
News  |  7/26/2007  | 
Your company's data breach may result from a partner's mistakes
Cybercriminal Innovation Will Continue To Drive The IT Security Market
Commentary  |  7/26/2007  | 
The creativity and ambition of cybercriminals all but ensure for years to come there will be a market not only for security technology but for individual security components provided by a multiplicity of vendors.
Startup to Take on PayPal
News  |  7/26/2007  | 
Pmints could go where PayPal won't, including porn and gambling
It's More Than JavaScript
News  |  7/26/2007  | 
There are lots of other ways an attacker can have fun with your Web applications
Email Certificates: Firefox, Vista Compatible
News  |  7/26/2007  | 
Comodo announced that its email certificates are now Vista and Firefox compatible
Hedge Funds' Best Practices in Security
News  |  7/26/2007  | 
TekFinancial Solutions created a list of factors hedge funds should consider when selecting network technology
Symantec's Mixed Bag
News  |  7/26/2007  | 
Profits fall, but revenue rises, as Symantec gears up for a tussle with Google
Insightix Gets Investment From SoftBank
News  |  7/26/2007  | 
Insightix announced that the company has secured strategic investment from SoftBank Capital
IGF Passes Liberty Alliance Milestone
News  |  7/26/2007  | 
Liberty Alliance announced two key milestones for the Identity Governance Framework
Startup Locks Down Mobile Linux
News  |  7/26/2007  | 
New version of mobile OS verifies apps, firmware, and encrypts data
Hacking Without Exploits
News  |  7/25/2007  | 
Researcher HD Moore to show at Black Hat and Defcon ways to hack a fully patched system
nCircle Announces New Releases
News  |  7/25/2007  | 
nCircle announced new versions of its flagship agentless product line, nCircle IP360 v6.7 and nCircle Configuration Compliance Manager v5.0
Bank of the West Selects RSA
News  |  7/25/2007  | 
Bank of the West has implemented the RSA Adaptive Authentication for Web and joined the RSA eFraudNetwork community
80% of Websites With Malware Are Legit
News  |  7/25/2007  | 
Sophos has published new research on the first six months of cybercrime in 2007
Comodo Tool Deploys EV SSL
News  |  7/25/2007  | 
Comodo announced that its patent-pending EV AUTO-Enhancer is now available for Microsoft Internet Information Services
BigFix Upgrades AntiThreat
News  |  7/25/2007  | 
BigFix announced the availability of two new anti-malware solution packs designed to deliver IT
Page 1 / 4   >   >>


I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13157
PUBLISHED: 2019-11-22
nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.
CVE-2012-2079
PUBLISHED: 2019-11-22
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
CVE-2019-11325
PUBLISHED: 2019-11-21
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
CVE-2019-18887
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
CVE-2019-18888
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. T...