Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2007
Page 1 / 2   >   >>
Vendors Prep for Database Security War
News  |  1/31/2007  | 
New products set to roll as enterprises look to safeguard their most sensitive data
Reveleus Unveils GRC Framework
News  |  1/31/2007  | 
Reveleus unveils the first governance, risk, and compliance framework for the financial services industry
Symantec CEO to Keynote at RSA
News  |  1/31/2007  | 
Symantec announced that John W. Thompson will keynote at the RSAR Conference 2007
Outer Limits of IPS
News  |  1/30/2007  | 
Anomaly- and rules-based protections are nice, but they have their limitations
More Thefts From TJX Breach
News  |  1/30/2007  | 
Retail giant out of compliance with PCI security requirements, according to Visa alert
US Military Roadmap: 'Fight the Net'
News  |  1/30/2007  | 
Declassified Defense Department document reveals US military's strategy for using information as a weapon
Shavlik Makes Acquisition
News  |  1/30/2007  | 
Shavlik acquires UpdateExpert from St. Bernard Software
MessageLabs Reports Findings
News  |  1/30/2007  | 
MessageLabs announced the results of its MessageLabs Intelligence Report for January 2007
IBM Reports Survey Results
News  |  1/30/2007  | 
IBM announced the highlights of its 2006 security statistics report
Radware Unveils Security Strategy
News  |  1/30/2007  | 
Radware unveils advanced behavioral security strategy for enterprises and carriers
Symantec, HP Extend Relationship
News  |  1/30/2007  | 
Symantec announced the signing of a multi-year extension to its existing contract with HP, the worldwide PC sales leader
Savant Unveils Hybrid Malware Solution
News  |  1/29/2007  | 
Savant Protection unveils the industry's first hybrid malware solution
Sophos Relocates North American HQ
News  |  1/29/2007  | 
Sophos announced the relocation of its North American headquarters to Burlington
A Free Database Scanner
News  |  1/29/2007  | 
Imperva's new free Scuba database scanner tool dives deep into the database to pinpoint weaknesses
ScanSafe Reports Spyware Surge
News  |  1/29/2007  | 
ScanSafe, the leading global provider of Web Security-as-a-Service, issued its Annual Global Threat Report
Symantec Buys Altiris for $830M
News  |  1/29/2007  | 
Security giant plans to take on Microsoft in desktop management, end-point security
Seven Ways to Be Mistaken for a Spammer
News  |  1/29/2007  | 
How to keep your organization's mail from being caught in the spam filter
SPI Unveils Phoenix Architecture
News  |  1/29/2007  | 
SPI Dynamics announced the company's Phoenix architecture
Symantec Adds to Board
News  |  1/29/2007  | 
Symantec appoints Frank E. Dangeard to the board of directors
EEye Adds AV to Blink
News  |  1/28/2007  | 
EEye Digital Security incorporates antivirus protection into Blink Professional, its endpoint security product
IBM's 'Need to Know' Software
News  |  1/26/2007  | 
IBM's Idemix application lets consumers do business on the Web without giving away unnecessary personal data
Microsoft's 'Secret' Security Summit
News  |  1/26/2007  | 
Microsoft hosts meeting of security experts, who are plotting to wrest control of the Internet back from the bad guys
Should IT Block iPhone?
News  |  1/26/2007  | 
Developing hardware policies is an important part of the security organization's strategic role
SIM/Net Management Combo on Tap
News  |  1/26/2007  | 
eIQnetworks is about to release a new tool that integrates security and network management info
Shivering in Their Breaches
News  |  1/26/2007  | 
Afraid of bad publicity, large organizations delay in warning customers of major security failures
Radware Protects Customers From Worm
News  |  1/26/2007  | 
Radware announced the immediate protection against the W32.Rahack.W worm
Cybertrust Enters EV SSL Fray
News  |  1/25/2007  | 
Experts question whether new browser security will make Internet users any safer
Service Providers Team to Fight Spam
News  |  1/25/2007  | 
Messaging Anti-Abuse Working Group to collaborate against spam, botnets, and zombies
Bradford Intros Product Family
News  |  1/25/2007  | 
New NAC Director delivers comprehensive access control for wired, wireless, and VPN connections
CSOs, On the Wagon
News  |  1/25/2007  | 
Even chief security officers have their vices - and need a 12-step program
Webroot Finds Weaknesses
News  |  1/25/2007  | 
Webroot threat researchers find Vista anti-spyware component fails to block 84 percent of most common spyware
DOD Certifies nCircle
News  |  1/24/2007  | 
Provider of security risk and compliance management solutions receives DITSCAP certification from the US Department of Defense
Search Engine Lists Stolen Data
News  |  1/24/2007  | 
TrustedID launches free service to help consumers find out if their data has been compromised
Intrusic Shuttered
News  |  1/24/2007  | 
Internal threat detection firm undone by complicated technology, competition
Symantec Reports Results
News  |  1/24/2007  | 
Symantec reported results for the third quarter of fiscal year 2007, ended Dec. 29, 2006
Pushback on Chargebacks
News  |  1/24/2007  | 
User data inside browser could hold the key to reducing online fraud and losses
Calyptix Protects Customers From Trojan
News  |  1/24/2007  | 
Calyptix has successfully protected its customers from a new email virus widely known as the Storm Trojan, without reliance on static signatures
Q&A: 'Weld Pond' Talks Secure Software
News  |  1/23/2007  | 
Chris Wysopal sheds light on how his revolutionary testing technology saw the light of day, and discusses his new book, and his security fears
Exploit Releases Survey
News  |  1/23/2007  | 
Exploit package dominates with 70.9% of all occurrences
Mobile Commerce: Hackers' Next Target?
News  |  1/23/2007  | 
Tower Group says financial services industry is overlooking the prospect of mobile malware
Living Off the Grid
News  |  1/23/2007  | 
Planning for disaster recovery before you're stuck with a crippled cable service
PhishTank Looks to Expand
News  |  1/23/2007  | 
PhishTank's operators are looking for a few good developers to expand and grow the anti-phishing site
Cloudmark Helps Stem Spam
News  |  1/23/2007  | 
Latest Cloudmark release lets ISPs deliver unprecedented accuracy, virtually eliminating spam
Perimeter Offers Free Scan
News  |  1/23/2007  | 
Perimeter eSecurity announced that it will provide free vulnerability scans now through March 2, 2007
Sophos Publishes Report
News  |  1/22/2007  | 
Sophos has published its Security Threat Report 2007, examining the threat landscape during 2006, and predicting developments for 2007
26 IRS Computer Tapes Missing
News  |  1/22/2007  | 
Taxpayer data delivered to city of Kansas City in August still has not been found, agency says
Security Startups Make Debut
News  |  1/22/2007  | 
Veracode debuts on-demand software security analysis service, and Provilla, endpoint data-leakage appliance
Cisco's New Opportunity
News  |  1/19/2007  | 
IronPort acquisition could open up possibilities that go well beyond messaging security
Data Losses Strike Three More Firms
News  |  1/19/2007  | 
Banks in Sweden and Canada join TJX, Moneygram in reporting exposure of private customer data
Company Cuts Privileges to Cut Malware
News  |  1/19/2007  | 
Gwinnett Health Systems stripped its client machines of admin and power-user rights and has seen a reduction in malware
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Attacker Dwell Time: Ransomware's Most Important Metric
Ricardo Villadiego, Founder and CEO of Lumu,  9/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25288
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection and, if CSP settings permit, execution of arbitra...
CVE-2020-25781
PUBLISHED: 2020-09-30
An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.
CVE-2020-25830
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug_actiongroup_page.php.
CVE-2020-26159
PUBLISHED: 2020-09-30
In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .
CVE-2020-6654
PUBLISHED: 2020-09-30
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.