Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2007
Page 1 / 2   >   >>
Vendors Prep for Database Security War
News  |  1/31/2007  | 
New products set to roll as enterprises look to safeguard their most sensitive data
Reveleus Unveils GRC Framework
News  |  1/31/2007  | 
Reveleus unveils the first governance, risk, and compliance framework for the financial services industry
Symantec CEO to Keynote at RSA
News  |  1/31/2007  | 
Symantec announced that John W. Thompson will keynote at the RSAR Conference 2007
Outer Limits of IPS
News  |  1/30/2007  | 
Anomaly- and rules-based protections are nice, but they have their limitations
More Thefts From TJX Breach
News  |  1/30/2007  | 
Retail giant out of compliance with PCI security requirements, according to Visa alert
US Military Roadmap: 'Fight the Net'
News  |  1/30/2007  | 
Declassified Defense Department document reveals US military's strategy for using information as a weapon
Shavlik Makes Acquisition
News  |  1/30/2007  | 
Shavlik acquires UpdateExpert from St. Bernard Software
MessageLabs Reports Findings
News  |  1/30/2007  | 
MessageLabs announced the results of its MessageLabs Intelligence Report for January 2007
IBM Reports Survey Results
News  |  1/30/2007  | 
IBM announced the highlights of its 2006 security statistics report
Radware Unveils Security Strategy
News  |  1/30/2007  | 
Radware unveils advanced behavioral security strategy for enterprises and carriers
Symantec, HP Extend Relationship
News  |  1/30/2007  | 
Symantec announced the signing of a multi-year extension to its existing contract with HP, the worldwide PC sales leader
Savant Unveils Hybrid Malware Solution
News  |  1/29/2007  | 
Savant Protection unveils the industry's first hybrid malware solution
Sophos Relocates North American HQ
News  |  1/29/2007  | 
Sophos announced the relocation of its North American headquarters to Burlington
A Free Database Scanner
News  |  1/29/2007  | 
Imperva's new free Scuba database scanner tool dives deep into the database to pinpoint weaknesses
ScanSafe Reports Spyware Surge
News  |  1/29/2007  | 
ScanSafe, the leading global provider of Web Security-as-a-Service, issued its Annual Global Threat Report
Symantec Buys Altiris for $830M
News  |  1/29/2007  | 
Security giant plans to take on Microsoft in desktop management, end-point security
Seven Ways to Be Mistaken for a Spammer
News  |  1/29/2007  | 
How to keep your organization's mail from being caught in the spam filter
SPI Unveils Phoenix Architecture
News  |  1/29/2007  | 
SPI Dynamics announced the company's Phoenix architecture
Symantec Adds to Board
News  |  1/29/2007  | 
Symantec appoints Frank E. Dangeard to the board of directors
EEye Adds AV to Blink
News  |  1/28/2007  | 
EEye Digital Security incorporates antivirus protection into Blink Professional, its endpoint security product
IBM's 'Need to Know' Software
News  |  1/26/2007  | 
IBM's Idemix application lets consumers do business on the Web without giving away unnecessary personal data
Microsoft's 'Secret' Security Summit
News  |  1/26/2007  | 
Microsoft hosts meeting of security experts, who are plotting to wrest control of the Internet back from the bad guys
Should IT Block iPhone?
News  |  1/26/2007  | 
Developing hardware policies is an important part of the security organization's strategic role
SIM/Net Management Combo on Tap
News  |  1/26/2007  | 
eIQnetworks is about to release a new tool that integrates security and network management info
Shivering in Their Breaches
News  |  1/26/2007  | 
Afraid of bad publicity, large organizations delay in warning customers of major security failures
Radware Protects Customers From Worm
News  |  1/26/2007  | 
Radware announced the immediate protection against the W32.Rahack.W worm
Cybertrust Enters EV SSL Fray
News  |  1/25/2007  | 
Experts question whether new browser security will make Internet users any safer
Service Providers Team to Fight Spam
News  |  1/25/2007  | 
Messaging Anti-Abuse Working Group to collaborate against spam, botnets, and zombies
Bradford Intros Product Family
News  |  1/25/2007  | 
New NAC Director delivers comprehensive access control for wired, wireless, and VPN connections
CSOs, On the Wagon
News  |  1/25/2007  | 
Even chief security officers have their vices - and need a 12-step program
Webroot Finds Weaknesses
News  |  1/25/2007  | 
Webroot threat researchers find Vista anti-spyware component fails to block 84 percent of most common spyware
DOD Certifies nCircle
News  |  1/24/2007  | 
Provider of security risk and compliance management solutions receives DITSCAP certification from the US Department of Defense
Search Engine Lists Stolen Data
News  |  1/24/2007  | 
TrustedID launches free service to help consumers find out if their data has been compromised
Intrusic Shuttered
News  |  1/24/2007  | 
Internal threat detection firm undone by complicated technology, competition
Symantec Reports Results
News  |  1/24/2007  | 
Symantec reported results for the third quarter of fiscal year 2007, ended Dec. 29, 2006
Pushback on Chargebacks
News  |  1/24/2007  | 
User data inside browser could hold the key to reducing online fraud and losses
Calyptix Protects Customers From Trojan
News  |  1/24/2007  | 
Calyptix has successfully protected its customers from a new email virus widely known as the Storm Trojan, without reliance on static signatures
Q&A: 'Weld Pond' Talks Secure Software
News  |  1/23/2007  | 
Chris Wysopal sheds light on how his revolutionary testing technology saw the light of day, and discusses his new book, and his security fears
Exploit Releases Survey
News  |  1/23/2007  | 
Exploit package dominates with 70.9% of all occurrences
Mobile Commerce: Hackers' Next Target?
News  |  1/23/2007  | 
Tower Group says financial services industry is overlooking the prospect of mobile malware
Living Off the Grid
News  |  1/23/2007  | 
Planning for disaster recovery before you're stuck with a crippled cable service
PhishTank Looks to Expand
News  |  1/23/2007  | 
PhishTank's operators are looking for a few good developers to expand and grow the anti-phishing site
Cloudmark Helps Stem Spam
News  |  1/23/2007  | 
Latest Cloudmark release lets ISPs deliver unprecedented accuracy, virtually eliminating spam
Perimeter Offers Free Scan
News  |  1/23/2007  | 
Perimeter eSecurity announced that it will provide free vulnerability scans now through March 2, 2007
Sophos Publishes Report
News  |  1/22/2007  | 
Sophos has published its Security Threat Report 2007, examining the threat landscape during 2006, and predicting developments for 2007
26 IRS Computer Tapes Missing
News  |  1/22/2007  | 
Taxpayer data delivered to city of Kansas City in August still has not been found, agency says
Security Startups Make Debut
News  |  1/22/2007  | 
Veracode debuts on-demand software security analysis service, and Provilla, endpoint data-leakage appliance
Cisco's New Opportunity
News  |  1/19/2007  | 
IronPort acquisition could open up possibilities that go well beyond messaging security
Data Losses Strike Three More Firms
News  |  1/19/2007  | 
Banks in Sweden and Canada join TJX, Moneygram in reporting exposure of private customer data
Company Cuts Privileges to Cut Malware
News  |  1/19/2007  | 
Gwinnett Health Systems stripped its client machines of admin and power-user rights and has seen a reduction in malware
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...
CVE-2020-15504
PUBLISHED: 2020-07-10
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 (named MR-1-Build396) and the v17.5 MR13 release. All other version...
CVE-2020-8190
PUBLISHED: 2020-07-10
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
CVE-2020-8191
PUBLISHED: 2020-07-10
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).