Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in October 2006
Page 1 / 2   >   >>
Arxceo, JCI Team
News  |  10/31/2006  | 
Arxceo has completed the integration of its patented technologies, Plug and Protect and Tag-UR-IT into JCI's B-Mobile PHS product
Strato Offers Email Security
News  |  10/31/2006  | 
Strato introduces ServerSide Security, a service to combat spam, phishing, and email viruses
The Web App Security Gap
News  |  10/31/2006  | 
Attacks on applications quickly evolve in intelligence, but most enterprises' Web application security strategies are still stuck in the primordial ooze
MX Logic Issues Report
News  |  10/31/2006  | 
MX Logic announced a 40 percent increase in overall email traffic from July through September
IE7 Feature Goes Buggy
News  |  10/31/2006  | 
If your IE7 browser starts scarfing CPU when you hit Ajax-laden sites, you may need to disable your anti-phishing filter
Secure Computing Targets Spam
News  |  10/31/2006  | 
Secure Computing announced it is waging war against image spam, where spammers hide messages in image files to escape detection
Not Your Grandpa's Microsoft
News  |  10/30/2006  | 
Think you're being smart by waiting for Vista's SP 2? Think again
The Vista-Forefront Security Two-Step
News  |  10/30/2006  | 
Legacy apps - Microsoft and non-Microsoft - may not get Forefront and Vista security, security experts say
Criminals in the Call Center?
News  |  10/30/2006  | 
New reports say call center employees could be leaking personal customer information
Vernier, Kanematsu Partner
News  |  10/30/2006  | 
Kanematsu Electronics has selected Vernier's EdgeWall product family for its Network Access Control (NAC) solution
MySpace Under Siege
News  |  10/30/2006  | 
A weekend phishing attack and more XSS zero-day proof-of-concept code are testing the social networking site's security mettle
HSPD-12's Toothless Deadline
News  |  10/27/2006  | 
US federal government's mandate for physical and logical security plagued by confusion, lack of funding
Don't Blame the Browser
News  |  10/27/2006  | 
Not all Web bugs are in the browser - sometimes they're the result of the way the browser interacts with other apps
Mending Holes in the Blogosphere
News  |  10/27/2006  | 
Free Vox blogging service controls JavaScript, lets bloggers set privacy controls
A Public Snort
News  |  10/26/2006  | 
Sourcefire, maker of the popular open-source Snort security tool, files for an IPO
Sophos Extends Control
News  |  10/26/2006  | 
Sophos announced the ability to control employee use of distributed computing applications on corporate networks
New Browsers, New Bugs
News  |  10/25/2006  | 
Two have already been reported in the new Internet Explorer 7. Will Firefox 2.0 face the same fate?
'Crimeware' Defined
News  |  10/25/2006  | 
Anti-Phishing Working Group and Department of Homeland Security explain most prevalent forms of online attacks
MySpace Hacker: Fix Is Flawed
News  |  10/25/2006  | 
The researcher who published proof-of-concept code of a MySpace flaw explains why he developed it - and why MySpace's fix might not hold
Symantec Reports Q2
News  |  10/25/2006  | 
Symantec reported results for the second quarter of fiscal year 2007
Outpost Firewall Scores High
News  |  10/25/2006  | 
Outpost Firewall Pro 4.0 from Agnitum is the software firewall best able to defend itself from direct and brutal attacks
SurfControl Unveils Products
News  |  10/24/2006  | 
SurfControl's new set of product offerings enable customers to achieve greater levels of protection, flexibility and customization
It's the People, Stupid
News  |  10/24/2006  | 
After years of investing in technology, IT security departments are putting more effort - and dollars - in people and processes, study says
Zero Day Flaw Found in MySpace
News  |  10/24/2006  | 
A variant of an XSS vulnerability opens the door for worms, phishing, and port scans via the popular social networking site
Mutating Email Bugs Swarm
News  |  10/23/2006  | 
New variants of two old email-borne exploits illustrate how today's messaging bugs are becoming harder to kill
Webmail is Rife, & Risky
News  |  10/23/2006  | 
Survey says companies allow staff to access personal Web-based email accounts at work
Microsoft Promises Open Email Security
News  |  10/23/2006  | 
Microsoft pulled its Sender ID email authentication protocol under its OSP program to promote development of the once-controversial spec
Metasploit to Go Wireless
News  |  10/23/2006  | 
Wireless device-driver software set to emerge as the next big petri dish for exploits, attacks
JavaScript Malware Strikes Firewalls
News  |  10/23/2006  | 
It's a security hole no one knows how to fix, except by degrading Web browsing to little more than a text-based experience
WhiteHat Debuts Sentinel 3.0
News  |  10/23/2006  | 
WhiteHat Security announced WhiteHat Sentinel 3.0, the only continuous vulnerability assessment, management service for Websites
Consentry Secures LAN
News  |  10/23/2006  | 
ConSentry Networks announced today that Canaras Capital Management has purchased ConSentry's LANShield Switch
Reconnex Adds Capabilities
News  |  10/23/2006  | 
Reconnex adds new capabilities for protecting intellectual property and private data before, during, and after exposure
Database Threat Intensifies
News  |  10/20/2006  | 
Attackers are pulling out the stops to break into Oracle databases
Spammers Turn the Tables Again
News  |  10/20/2006  | 
SpamThru trojan pirates AV software, encrypts it, then uses P2P to keep sophisticated botnet alive
Just When You Thought It Was Safe
News  |  10/19/2006  | 
Think those old security problems are all solved? Dark Reading's 'Ten Most Dangerous Things Users Do Online' may make you think again
Phishers' Catch: Better Than Expected
News  |  10/19/2006  | 
A new study from the University of Indiana indicates that phishers are more successful at catching users than most industry estimates suggest
ISPs Plan Security Push
News  |  10/18/2006  | 
New opportunities, public criticism drive service providers to develop more comprehensive security services
Viruses Without Borders
News  |  10/18/2006  | 
Hackers test a new generation of malware that attacks multiple platforms simultaneously
Trojan Poses as IE7 Download
News  |  10/18/2006  | 
Spoofed email contains link to trojan downloader disguised as a link to Internet Explorer upgrade
AirGuard Intros Antidote
News  |  10/18/2006  | 
Airwide Solutions unveiled an antidote for the new and growing epidemic of mobile messaging threats
ScanSafe Releases Report
News  |  10/18/2006  | 
ScanSafe released its latest Global Threat Report on Web filtering, spyware, and viruses
Malware: The Undead
News  |  10/17/2006  | 
Thanks to cache servers, some malicious code lives on - even after it has supposedly been eradicated
CSRF Vulnerability: A 'Sleeping Giant'
News  |  10/17/2006  | 
A mostly unknown Web vulnerability called Cross-Site Request Forgery could be the next attack vector on your Website
Cybercrime: Better Than Drugs
News  |  10/16/2006  | 
Cybercrime is becoming even more lucrative than the drug trade - and even operates on a similar model, says one researcher
Attacks on Consumers Intensify
News  |  10/16/2006  | 
Attackers are no longer waiting to steal data coming out of your computer - they're going in and taking it
PreEmptive Adds Partners
News  |  10/16/2006  | 
PreEmptive Solutions' Entrepreneur Program expands to include over 60 companies in its first four months
Power Pay
News  |  10/13/2006  | 
As the 2006 holiday season looms, retailers consider bypassing credit cards in favor of more secure online payment options
AV Vendors Need Not Fear Microsoft
News  |  10/13/2006  | 
That from an ex-Microsoft security manager who says Redmond's antivirus moves will mostly help, not hinder, the market
A-Listing Your Apps
News  |  10/12/2006  | 
Enterprises enlist app whitelisting to combat malware and unauthorized tools, but the approach has a dark side
Google Searchers Find Malware
News  |  10/12/2006  | 
Hackers create a lookalike Google Italy site and lure users to download malicious apps
Page 1 / 2   >   >>


How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.