Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in October 2006
Page 1 / 2   >   >>
Arxceo, JCI Team
News  |  10/31/2006  | 
Arxceo has completed the integration of its patented technologies, Plug and Protect and Tag-UR-IT into JCI's B-Mobile PHS product
Strato Offers Email Security
News  |  10/31/2006  | 
Strato introduces ServerSide Security, a service to combat spam, phishing, and email viruses
The Web App Security Gap
News  |  10/31/2006  | 
Attacks on applications quickly evolve in intelligence, but most enterprises' Web application security strategies are still stuck in the primordial ooze
MX Logic Issues Report
News  |  10/31/2006  | 
MX Logic announced a 40 percent increase in overall email traffic from July through September
IE7 Feature Goes Buggy
News  |  10/31/2006  | 
If your IE7 browser starts scarfing CPU when you hit Ajax-laden sites, you may need to disable your anti-phishing filter
Secure Computing Targets Spam
News  |  10/31/2006  | 
Secure Computing announced it is waging war against image spam, where spammers hide messages in image files to escape detection
Not Your Grandpa's Microsoft
News  |  10/30/2006  | 
Think you're being smart by waiting for Vista's SP 2? Think again
The Vista-Forefront Security Two-Step
News  |  10/30/2006  | 
Legacy apps - Microsoft and non-Microsoft - may not get Forefront and Vista security, security experts say
Criminals in the Call Center?
News  |  10/30/2006  | 
New reports say call center employees could be leaking personal customer information
Vernier, Kanematsu Partner
News  |  10/30/2006  | 
Kanematsu Electronics has selected Vernier's EdgeWall product family for its Network Access Control (NAC) solution
MySpace Under Siege
News  |  10/30/2006  | 
A weekend phishing attack and more XSS zero-day proof-of-concept code are testing the social networking site's security mettle
HSPD-12's Toothless Deadline
News  |  10/27/2006  | 
US federal government's mandate for physical and logical security plagued by confusion, lack of funding
Don't Blame the Browser
News  |  10/27/2006  | 
Not all Web bugs are in the browser - sometimes they're the result of the way the browser interacts with other apps
Mending Holes in the Blogosphere
News  |  10/27/2006  | 
Free Vox blogging service controls JavaScript, lets bloggers set privacy controls
A Public Snort
News  |  10/26/2006  | 
Sourcefire, maker of the popular open-source Snort security tool, files for an IPO
Sophos Extends Control
News  |  10/26/2006  | 
Sophos announced the ability to control employee use of distributed computing applications on corporate networks
New Browsers, New Bugs
News  |  10/25/2006  | 
Two have already been reported in the new Internet Explorer 7. Will Firefox 2.0 face the same fate?
'Crimeware' Defined
News  |  10/25/2006  | 
Anti-Phishing Working Group and Department of Homeland Security explain most prevalent forms of online attacks
MySpace Hacker: Fix Is Flawed
News  |  10/25/2006  | 
The researcher who published proof-of-concept code of a MySpace flaw explains why he developed it - and why MySpace's fix might not hold
Symantec Reports Q2
News  |  10/25/2006  | 
Symantec reported results for the second quarter of fiscal year 2007
Outpost Firewall Scores High
News  |  10/25/2006  | 
Outpost Firewall Pro 4.0 from Agnitum is the software firewall best able to defend itself from direct and brutal attacks
SurfControl Unveils Products
News  |  10/24/2006  | 
SurfControl's new set of product offerings enable customers to achieve greater levels of protection, flexibility and customization
It's the People, Stupid
News  |  10/24/2006  | 
After years of investing in technology, IT security departments are putting more effort - and dollars - in people and processes, study says
Zero Day Flaw Found in MySpace
News  |  10/24/2006  | 
A variant of an XSS vulnerability opens the door for worms, phishing, and port scans via the popular social networking site
Mutating Email Bugs Swarm
News  |  10/23/2006  | 
New variants of two old email-borne exploits illustrate how today's messaging bugs are becoming harder to kill
Webmail is Rife, & Risky
News  |  10/23/2006  | 
Survey says companies allow staff to access personal Web-based email accounts at work
Microsoft Promises Open Email Security
News  |  10/23/2006  | 
Microsoft pulled its Sender ID email authentication protocol under its OSP program to promote development of the once-controversial spec
Metasploit to Go Wireless
News  |  10/23/2006  | 
Wireless device-driver software set to emerge as the next big petri dish for exploits, attacks
JavaScript Malware Strikes Firewalls
News  |  10/23/2006  | 
It's a security hole no one knows how to fix, except by degrading Web browsing to little more than a text-based experience
WhiteHat Debuts Sentinel 3.0
News  |  10/23/2006  | 
WhiteHat Security announced WhiteHat Sentinel 3.0, the only continuous vulnerability assessment, management service for Websites
Consentry Secures LAN
News  |  10/23/2006  | 
ConSentry Networks announced today that Canaras Capital Management has purchased ConSentry's LANShield Switch
Reconnex Adds Capabilities
News  |  10/23/2006  | 
Reconnex adds new capabilities for protecting intellectual property and private data before, during, and after exposure
Database Threat Intensifies
News  |  10/20/2006  | 
Attackers are pulling out the stops to break into Oracle databases
Spammers Turn the Tables Again
News  |  10/20/2006  | 
SpamThru trojan pirates AV software, encrypts it, then uses P2P to keep sophisticated botnet alive
Just When You Thought It Was Safe
News  |  10/19/2006  | 
Think those old security problems are all solved? Dark Reading's 'Ten Most Dangerous Things Users Do Online' may make you think again
Phishers' Catch: Better Than Expected
News  |  10/19/2006  | 
A new study from the University of Indiana indicates that phishers are more successful at catching users than most industry estimates suggest
ISPs Plan Security Push
News  |  10/18/2006  | 
New opportunities, public criticism drive service providers to develop more comprehensive security services
Viruses Without Borders
News  |  10/18/2006  | 
Hackers test a new generation of malware that attacks multiple platforms simultaneously
Trojan Poses as IE7 Download
News  |  10/18/2006  | 
Spoofed email contains link to trojan downloader disguised as a link to Internet Explorer upgrade
AirGuard Intros Antidote
News  |  10/18/2006  | 
Airwide Solutions unveiled an antidote for the new and growing epidemic of mobile messaging threats
ScanSafe Releases Report
News  |  10/18/2006  | 
ScanSafe released its latest Global Threat Report on Web filtering, spyware, and viruses
Malware: The Undead
News  |  10/17/2006  | 
Thanks to cache servers, some malicious code lives on - even after it has supposedly been eradicated
CSRF Vulnerability: A 'Sleeping Giant'
News  |  10/17/2006  | 
A mostly unknown Web vulnerability called Cross-Site Request Forgery could be the next attack vector on your Website
Cybercrime: Better Than Drugs
News  |  10/16/2006  | 
Cybercrime is becoming even more lucrative than the drug trade - and even operates on a similar model, says one researcher
Attacks on Consumers Intensify
News  |  10/16/2006  | 
Attackers are no longer waiting to steal data coming out of your computer - they're going in and taking it
PreEmptive Adds Partners
News  |  10/16/2006  | 
PreEmptive Solutions' Entrepreneur Program expands to include over 60 companies in its first four months
Power Pay
News  |  10/13/2006  | 
As the 2006 holiday season looms, retailers consider bypassing credit cards in favor of more secure online payment options
AV Vendors Need Not Fear Microsoft
News  |  10/13/2006  | 
That from an ex-Microsoft security manager who says Redmond's antivirus moves will mostly help, not hinder, the market
A-Listing Your Apps
News  |  10/12/2006  | 
Enterprises enlist app whitelisting to combat malware and unauthorized tools, but the approach has a dark side
Google Searchers Find Malware
News  |  10/12/2006  | 
Hackers create a lookalike Google Italy site and lure users to download malicious apps
Page 1 / 2   >   >>


AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-14540
PUBLISHED: 2019-09-15
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
CVE-2019-16332
PUBLISHED: 2019-09-15
In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
CVE-2019-16333
PUBLISHED: 2019-09-15
GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
CVE-2019-16334
PUBLISHED: 2019-09-15
In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636.
CVE-2019-16335
PUBLISHED: 2019-09-15
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.