News & Commentary

Content tagged with Compliance posted in June 2006
Group to Research ID Theft
News  |  6/29/2006  | 
Universities, law enforcement agencies, and vendors team to study fraud and identity theft
Fraud Monitoring Appliance on Tap
News  |  6/26/2006  | 
Cydelity appliance gives banks a detailed look at suspicious account activity
Data Losses Hit Four More
News  |  6/22/2006  | 
The list of big-name organizations reporting security breaches just keeps growing
Thieves Nab AIG Customer Records
News  |  6/19/2006  | 
AIG is informing customers this week about the theft of a server containing personal data on about 970,000 customers
DC Workers' Personal Data Stolen
News  |  6/19/2006  | 
An unprotected laptop containing names, Social Security numbers, and other data on 13,000 District of Columbia employees was stolen last week
Social Engineering Gets Smarter
News  |  6/16/2006  | 
Good old-fashioned schmooze still the best way to get information and access, particularly if the target works in IT
Desktop Ports: Leakage or Lockdown
News  |  6/14/2006  | 
Enterprises struggle to enforce security policies on thumb drives and other portable storage media
RSA to Access Mid-Sized Businesses
News  |  6/12/2006  | 
RSA's new Access Manager 6.0 is aimed at organizations under the compliance microscope
Microsoft Moves Security to 'Forefront'
News  |  6/12/2006  | 
Microsoft gives its security wares a bold new name and rolls out a new security gateway at Tech Ed 2006
Microsoft Serves Up Security Services
News  |  6/6/2006  | 
Live Labs services hit developer hot buttons like authentication and peer-to-peer apps
Lancope Digs Into User Behavior
News  |  6/5/2006  | 
New user identity tracking capabilities will open up new security troubleshooting opportunities, vendor says
Security Spending Shifts
News  |  6/2/2006  | 
Merrill Lynch survey: Security spending up, overall IT spending down amid broader economic concerns
Securify Pinpoints Insider Threats
News  |  6/1/2006  | 
New tool tracks end user behavior in real time, helping IT spot potential trouble

The Case for Integrating Physical Security & Cybersecurity
Paul Kurtz, CEO & Cofounder, TruSTAR Technology,  3/20/2018
A Look at Cybercrime's Banal Nature
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/20/2018
City of Atlanta Hit with Ransomware Attack
Dark Reading Staff 3/23/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.