News & Commentary

Content posted in July 2007
Page 1 / 4   >   >>
Logic Intros Smart-TPS Payment Page
News  |  7/31/2007  | 
Secure transaction payment specialist The Logic Group launches Smart-TPS Payment Page, a secure, hosted online trading facility
Spammers Capitalize on Simpsons Movie
News  |  7/31/2007  | 
SPAMFighter finds spammers taking advantage of the release of The Simpsons movie to find live email addresses
Report: Rise in Web App Vulnerabilities
News  |  7/31/2007  | 
Cenzic released its Application Security Trends Report - Q2 2007
LSI Looks Ahead
News  |  7/31/2007  | 
LSI looks to a future full of SAS, Solid State Disk, and security
File Formats: A Moving Target
News  |  7/31/2007  | 
Which types of files are most in danger of attack? Experts - and attackers - frequently change their minds
Google Desktop: Too Risky?
News  |  7/31/2007  | 
Recently-exposed vulnerabilities leave many IT experts feeling queasy about using the search engine's latest feature
Utimaco Intros Crypt 3.50
News  |  7/31/2007  | 
Utimaco has developed SafeGuard LAN Crypt 3.50 to target the requirements of system administrators and security officers
SecureDoc Earns Certification
News  |  7/31/2007  | 
WinMagic is proud to announce that SecureDoc has earned Common Criteria Evaluation Assurance Level 4 Certification
PCI SVA Announces Election Results
News  |  7/31/2007  | 
The Payment Card Industry Security Vendor Alliance announces its newest board members and committee chairs
Redemtech Acquires PC Asset Recovery
News  |  7/31/2007  | 
Redemtech announced the acquisition of PC Asset Recovery
ForeScout Adds Enterprise NAC Accounts
News  |  7/31/2007  | 
ForeScout Technologies announced strong results for the first half of 2007
XSS Book Published
News  |  7/31/2007  | 
WhiteHat Security announced the availability of Jeremiah Grossman's book - Cross-Site Scripting Attacks: XSS Exploits and Attacks
Tool Stops XSS, SQL Injection Attacks
News  |  7/31/2007  | 
Core Labs researchers to release free tool to protect PHP-based Web apps
Researcher Barred From US
News  |  7/30/2007  | 
Renowned security expert Halvar Flake denied travel from Germany after his Black Hat presentation is found in search
BreakingPoint Offers Same-Day 0-Days
News  |  7/30/2007  | 
Startup to announce general availability of its new BPS-1000 testing tool, controversial vulnerability disclosure policy
BreakingPoint Systems Ships
News  |  7/30/2007  | 
BreakingPoint Systems launches next-generation network test equipment for content aware networks
Fighting Forensics
News  |  7/30/2007  | 
New research exploits vulnerabilities found in popular computer forensics tools
Survey: Zero-Day Bugs Biggest Concern
News  |  7/30/2007  | 
Zero-day vulnerabilities are the top security concern for the majority of IT professionals, according to a survey conducted by PatchLink
Black Hat: How to Hack IPS Signatures
News  |  7/30/2007  | 
Errata Security says attackers are already reverse-engineering IPS vendors' zero-day signatures like TippingPoint's to wage attacks, bypass IPSs
NetPro Ships AD Log Tool
News  |  7/30/2007  | 
NetPro Computing announced the general availability of LogADmin 2.0, its new event log consolidation, analysis and storage solution for Windows
Anchiva Gets 750,000 Malware Signatures
News  |  7/30/2007  | 
Anchiva's Rapid RxLabs is now delivering over 750,000 signatures to detect and prevent malware from entering enterprise networks
Ion Intros VPN Alternative
News  |  7/30/2007  | 
ION Networks announced the release of the SA5600 1.2 Secure Appliance
Sipera to Demo New VOIP Exploit at Black Hat
News  |  7/30/2007  | 
Sipera Systems announced Sipera VIPER Lab will demonstrate a VOIP exploit at the Black Hat USA 2007 conference
Robot Genius Offers Free Anti-Malware Download
News  |  7/30/2007  | 
Robot Genius announced the availability of its new anti-malware download/plug-in, RGguard
Alcatel-Lucent Deploys SSL VPN
News  |  7/30/2007  | 
NeoAccel announced that Alcatel-Lucent has deployed NeoAccel's SSL VPN-Plus solution
iS3 Rolls Out Version 5.0 of STOPzilla
News  |  7/30/2007  | 
iS3 announced the availability of STOPzilla Version 5.0
Core Releases Impact 7.0
News  |  7/30/2007  | 
Core Security announced CORE IMPACT v7, the most comprehensive product for performing enterprise security assurance testing
eSoft Adds Under $1K Firewall/UTM Line
News  |  7/30/2007  | 
eSoft announced that it has launched the InstaGate 404e Internet Security Gateway, a sub-$1,000 Firewall/UTM appliance
Virtualization's New Benchmark
News  |  7/27/2007  | 
Consortium gives recommendations for securing emerging virtualized technology
Aflac Loses Data on 152,000
News  |  7/27/2007  | 
Company quacks 'fowl!' over theft of laptop in Japan
Secure Computing Reports 2Q
News  |  7/27/2007  | 
Secure Computing Corporation announced second quarter GAAP revenue of $57.6 million
DriveLock Prevents Data Theft
News  |  7/27/2007  | 
CenterTools launches DriveLock 5.0 device and application control software
Attack of the Black Hats
News  |  7/27/2007  | 
Get ready, Vegas - with this crew in town, even the slot machines aren't safe
Open Source Bots
News  |  7/27/2007  | 
With most botnets based on open source, it may be time to rethink just what gets open-sourced
Third Parties Fumble Data Handoffs
News  |  7/26/2007  | 
Your company's data breach may result from a partner's mistakes
Cybercriminal Innovation Will Continue To Drive The IT Security Market
Commentary  |  7/26/2007  | 
The creativity and ambition of cybercriminals all but ensure for years to come there will be a market not only for security technology but for individual security components provided by a multiplicity of vendors.
Startup to Take on PayPal
News  |  7/26/2007  | 
Pmints could go where PayPal won't, including porn and gambling
It's More Than JavaScript
News  |  7/26/2007  | 
There are lots of other ways an attacker can have fun with your Web applications
Email Certificates: Firefox, Vista Compatible
News  |  7/26/2007  | 
Comodo announced that its email certificates are now Vista and Firefox compatible
Hedge Funds' Best Practices in Security
News  |  7/26/2007  | 
TekFinancial Solutions created a list of factors hedge funds should consider when selecting network technology
Symantec's Mixed Bag
News  |  7/26/2007  | 
Profits fall, but revenue rises, as Symantec gears up for a tussle with Google
Insightix Gets Investment From SoftBank
News  |  7/26/2007  | 
Insightix announced that the company has secured strategic investment from SoftBank Capital
IGF Passes Liberty Alliance Milestone
News  |  7/26/2007  | 
Liberty Alliance announced two key milestones for the Identity Governance Framework
Startup Locks Down Mobile Linux
News  |  7/26/2007  | 
New version of mobile OS verifies apps, firmware, and encrypts data
Hacking Without Exploits
News  |  7/25/2007  | 
Researcher HD Moore to show at Black Hat and Defcon ways to hack a fully patched system
nCircle Announces New Releases
News  |  7/25/2007  | 
nCircle announced new versions of its flagship agentless product line, nCircle IP360 v6.7 and nCircle Configuration Compliance Manager v5.0
Bank of the West Selects RSA
News  |  7/25/2007  | 
Bank of the West has implemented the RSA Adaptive Authentication for Web and joined the RSA eFraudNetwork community
80% of Websites With Malware Are Legit
News  |  7/25/2007  | 
Sophos has published new research on the first six months of cybercrime in 2007
Comodo Tool Deploys EV SSL
News  |  7/25/2007  | 
Comodo announced that its patent-pending EV AUTO-Enhancer is now available for Microsoft Internet Information Services
BigFix Upgrades AntiThreat
News  |  7/25/2007  | 
BigFix announced the availability of two new anti-malware solution packs designed to deliver IT
Page 1 / 4   >   >>


Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.