Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in January 2007
<<   <   Page 2 / 2
SecureMac Releases Anti-Spyware
News  |  1/19/2007  | 
SecureMac is pleased to announce the release of MacScan 2.3
Commoditizing Malware
News  |  1/19/2007  | 
As tools and kits abound, are we on the threshold of McMalware?
TJX Breach Skewers Customers, Banks
News  |  1/18/2007  | 
Many banks report thefts from hack of major retailer
Five Unsolved Mysteries of Security
News  |  1/18/2007  | 
Not every security problem gets a quick solution - can these mysteries ever be solved?
Virus Is No Pandemic, Reports Sophos
News  |  1/18/2007  | 
Sophos has urged Windows users not to panic following reports of a worm that is said to have infected 'several million' computers across China
TippingPoint Measures Risk
News  |  1/18/2007  | 
Deal with Digital Defense combines IPS and risk assessment technologies
Errata Debuts Security Services
News  |  1/17/2007  | 
New services offer vulnerability reality-check - and exploits
How to Catch Computer Criminals
News  |  1/17/2007  | 
FBI issues guidelines to help local cops nail online bad guys
SecureWorks Blocks Hacker Attacks
News  |  1/17/2007  | 
SecureWorks blocked over 37 million Web app hacker attacks attempted against its banking, credit union, and utility clients in '06
Think Before You Strip
News  |  1/16/2007  | 
To strip or not to strip? Your choice could have a major impact on the viewer's experience
Spam Hidden in Email Newsletters
News  |  1/16/2007  | 
Spammers are now using 'wait and switch' techniques with templates of your favorite newsletters served with a spam popup
Putting App Security to the Test
News  |  1/12/2007  | 
Scanning your applications for vulnerabilities and problems beforehand is best, but not the norm yet
For Sale: Phishing Kit
News  |  1/12/2007  | 
RSA analyzes a new, universal package that lets attackers launch man-in-the-middle phishing exploits
Security's Simple Messages
News  |  1/12/2007  | 
Want users to stop acting so dumb? Then it's time to act smart
The Sting
News  |  1/12/2007  | 
What would you say if you met one of your attackers?
Sophos Acquires ENDFORCE
News  |  1/11/2007  | 
Sophos has acquired ENDFORCE, a leader in endpoint security policy compliance and NAC solutions for enterprise customers
Web-App Phobia
News  |  1/11/2007  | 
Multiple conditions have turned Web applications into a much riskier proposition
Fake VPN Purposely Tempts Fate
News  |  1/11/2007  | 
Two attackers have fallen into the Distributed Honeynet Project's trap
10 Ways to Get Users to Follow Security Policy
News  |  1/11/2007  | 
Here are 10 of the most effective ways security departments motivate users to follow the rules
iDefense Offers Bounty for Vista, IE7 Bugs
News  |  1/10/2007  | 
iDefense contest offers as much as $12,000 for zero-day bugs and exploits in Vista, IE7
Bluetooth Security Worse Than WiFi
News  |  1/10/2007  | 
Time to start taking Bluetooth security seriously, as device driver bugs and hacking tools abound
Concetto, OpenService Partner
News  |  1/9/2007  | 
OpenService and Concetto Security team to provide best-of-breed security information and event management solutions
White Hat Offers Trade-Up Program
News  |  1/9/2007  | 
WhiteHat Security announces risk-free competitive trade-up program
Sophos Intros WS1000
News  |  1/9/2007  | 
Sophos launched the WS1000,an all-in-one Web control platform to provide trusted content security, application control, and URL filtering
RSA AFCC Uncovers New Kit
News  |  1/9/2007  | 
RSA announced that its 24x7 Anti-Fraud Command Center (AFCC) has uncovered a new phishing kit being sold and used online by fraudsters
Anti-Malware Insurance
News  |  1/9/2007  | 
Prevx software analyzes malware behavior to pick up where antivirus products leave off
GRISOFT Extends Support on AVG
News  |  1/9/2007  | 
GRISOFT announced the extension of user product support for AVG Anti-Virus Free Edition 7.1 through February 18, 2007
Schneier On Schneier
News  |  1/9/2007  | 
Renowned security icon Bruce Schneier shares food for thought on security, fine dining, and disclosing and eating bugs
First 'WiFi Protected' Products Certified
News  |  1/8/2007  | 
New configuration standard projected to improve security in homes and remote offices
Untying the Bot Knot
News  |  1/8/2007  | 
How to tell if your machine is moonlighting on a botnet, the dangers that presents, and what you can (and can't) do about it
McAfee Expands Management Team
News  |  1/8/2007  | 
McAfee has expanded its senior management team with three appointments
Banking on Multifactor Authentication
News  |  1/5/2007  | 
Desert Schools Federal Credit Union is banking on multifactor authentication
HIPS Swing
News  |  1/5/2007  | 
The need for mobile security is pushing enterprises toward host intrusion prevention tools
Botnets Don Invisibility Cloaks
News  |  1/4/2007  | 
Botnet operators move their communications to the Web to cover their tracks
When Your PDF Reader Turns on You
News  |  1/4/2007  | 
A new XSS bug in Adobe's Acrobat Reader could give an attacker access to your hard drive
New Hacking Tools Bite Bluetooth
News  |  1/3/2007  | 
Researchers have released two Bluetooth hacking tools that let an attacker control a victim's machine
Rift Widens Over Bug Disclosure
News  |  1/3/2007  | 
Researchers in snipe-fest over propriety of bug disclosure initiatives
DNS Ratting You Out?
News  |  1/3/2007  | 
Use of whois or nslookup is just the beginning of hacker reconnaissance
Sophos Announces Top 10
News  |  1/3/2007  | 
Sophos has revealed the most prevalent malware threats and email hoaxes worldwide during December 2006
Feds Host Encryption Bakeoff
News  |  1/2/2007  | 
Vendors seek contract award for encryption of all government-owned laptops
Apple Bug Bites OS X, Windows
News  |  1/2/2007  | 
An exploit for a newly discovered critical flaw in Apple's QuickTime video app could mean trouble for Mac, PC users
<<   <   Page 2 / 2


Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Lessons from the NSA: Know Your Assets
Robert Lemos, Contributing Writer,  12/12/2019
4 Tips to Run Fast in the Face of Digital Transformation
Shane Buckley, President & Chief Operating Officer, Gigamon,  12/9/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19807
PUBLISHED: 2019-12-15
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for ...
CVE-2014-8650
PUBLISHED: 2019-12-15
python-requests-Kerberos through 0.5 does not handle mutual authentication
CVE-2014-3536
PUBLISHED: 2019-12-15
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
CVE-2014-3643
PUBLISHED: 2019-12-15
jersey: XXE via parameter entities not disabled by the jersey SAX parser
CVE-2014-3652
PUBLISHED: 2019-12-15
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.