Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in October 2007
Page 1 / 3   >   >>
Report: Al Qaeda Schedules Cyber Jihad for Nov. 11
News  |  10/31/2007  | 
Unconfirmed report raises questions, sets bloggers blogging
Hole-y Leopard!
News  |  10/31/2007  | 
A first-hand look at the problems with the new OS X OS's firewall
BitDefender Reports Top 10 Malware
News  |  10/31/2007  | 
Peed Trojan, aka Storm worm, remains in the top spot
MX Logic Filters Attachment-Based Spam
News  |  10/31/2007  | 
MX Logic adds a new layer to its security filtering process
Halloween Spam Storms Inboxes
News  |  10/31/2007  | 
Marshal: Dancing skeleton spam is Halloween Storm Trojan
ESET Adds Antispyware, Antispam, Firewall
News  |  10/30/2007  | 
Integrated solution couples new version of ESET NOD32 Antivirus with anti-spyware, anti-spam, and firewall features
Website Security Seals Get a Boost
News  |  10/30/2007  | 
McAfee's purchase of ScanAlert could bring more big players, and better technology, to Website security seal programs
Huge Breach Causes Little Pain at TJX
News  |  10/30/2007  | 
Despite exposing nearly 100M credit cards, retailer continues to do brisk business
Industry Hears First 'Singing Spam'
News  |  10/30/2007  | 
Spammers hide messages in MP3 files to avoid detection
SecureMac Intros MacScan 2.5
News  |  10/30/2007  | 
SecureMac announce the release of anti-spyware security for Leopard
Astaro Reports on IT Security Trends
News  |  10/30/2007  | 
Astaro global market survey provides Insight into future IT security trends
Signage Company Deploys Fortinet
News  |  10/30/2007  | 
Leading signage company deploys Fortinet to secure network
eIQnetworks Updates SecureVue
News  |  10/30/2007  | 
eIQnetworks combines GRC Audit Management with next-generation SIM to streamline IT assurance
Abaca Adds AV to Email Protection Gateway
News  |  10/30/2007  | 
Abaca partners with Authentium to add antivirus security to its Email Protection Gateway
Bots Rise in the Enterprise
News  |  10/29/2007  | 
Bot infections in enterprises underestimated, bigger than thought
Researchers Fear Reprisals From Storm
News  |  10/29/2007  | 
Massive botnet can launch denial-of-service attacks on those who threaten it
When Penetration Tests Backfire
News  |  10/29/2007  | 
Be careful how you handle that proof-of-concept code
NSN to Use Source Code Analysis
News  |  10/29/2007  | 
Klocwork continues to extend its market leadership amongst source code analysis solutions in the networking and telecom equipment marketplace
Data393 Adds IPS
News  |  10/29/2007  | 
'Threat Manager' boosts Data393's IT security packages
BitDefender Captures Election Spam
News  |  10/29/2007  | 
Spammer plugs Ron Paul for president
Credit Card Holders Suffer for Their Art
Quick Hits  |  10/29/2007  | 
Break-in at popular Art.com Website nets card data for thieves
Sophos Supports Leopard
News  |  10/29/2007  | 
Endpoint security and control provides centralized control for businesses upgrading to Mac OS X 10.5
Researcher: Vonage Vulnerable
News  |  10/26/2007  | 
Popular VOIP service could be subject to spoofing, eavesdropping, and denial of service, Sipera warns
What Not to Do After a Security Breach
News  |  10/26/2007  | 
Expert familiar with TD Ameritrade, TJX cases discusses the mistakes enterprises often make following a breach
Logs: App Security's Chief Building Block
News  |  10/26/2007  | 
Developers should log all access and errors, and operators should track source and destination traffic
Upstart Vendors Question Everything
News  |  10/26/2007  | 
New technologies rethink the way today's security products work
Feds: 30 Security Incidents per Day
Quick Hits  |  10/26/2007  | 
Personal information exposures have doubled in last four months, OMB exec says
Researcher Finds Flood of PDF Spam
News  |  10/26/2007  | 
Malicious PDF files being spammed out in volume
Phoenix Partners With Rutkowska in Securing Hypervisor
News  |  10/25/2007  | 
New ultra-thin hypervisor will benefit from further Blue Pill research
Free Software Tests for Bot Infections
News  |  10/25/2007  | 
PineApp's free zombie test instantly discovers whether business computer networks have been hijacked
Sprint Adds Laptop Security to Mobile Broadband
News  |  10/25/2007  | 
Wireless carrier is first to distribute Alcatel-Lucent's Laptop Guardian connection card
Trend Micro to Buy Provilla
News  |  10/25/2007  | 
Trend Micro will augment content-security solutions with the addition of innovative data leak prevention experts, technology, and products
Actimize Adds Partner Certification Program
News  |  10/25/2007  | 
Unisys supports deployment certification program as a premier member
Startup Unveils Reputation-Based Spam Fighter
Quick Hits  |  10/25/2007  | 
New software rates messages based on user's propensity to receive spam
ExploitMe: Free Firefox Plug-Ins Test Web Apps
News  |  10/24/2007  | 
Tools run directly on the browser and target pervasive XSS, SQL injection vulnerabilities in Web apps
Webroot Rebrands Its Consumer Products
News  |  10/24/2007  | 
PC Magazine Editor's Choice award winner expands to include self-configuring firewall
Weaponizing All Browsers
News  |  10/24/2007  | 
More Web hacking tools to help you become a Web app security master
Is NAC Dying?
News  |  10/24/2007  | 
Frustrated with complexity and cost, many enterprises are retrenching their NAC strategies
VOIP Users at Risk of Eavesdropping, DOS
News  |  10/24/2007  | 
Threat advisories cite issues exposing residential and SMB VOIP customers to multiple exploits and service interruptions
US Still No. 1 Spam-Relayer
News  |  10/24/2007  | 
US captures high-profile spammers, but general computer security remains worryingly lax
Denial-of-Rockies-Tickets Attack
Quick Hits  |  10/24/2007  | 
Ticket-sales system unable to thwart DDOS attack, leaving many Colorado Rockies fans empty-handed
Researchers Create New 'Fingerprinting' Method
News  |  10/23/2007  | 
New tool to be released in conjunction with SecTor conference in Toronto next month
BitDefender Adds Detection for iPhone
News  |  10/23/2007  | 
Antivirus protection for users who 'unlock' their phone
200,000 Notified of Lost Backup Tape
News  |  10/23/2007  | 
West Virginia Public Employees Insurance says tape contains names, addresses, Social Security information
'Fiendish' Trojan Creates Parallel eBay Universe
Quick Hits  |  10/23/2007  | 
Exploit even creates fake third-party validation sites
ForeScout Opens NAC Training Centers
News  |  10/23/2007  | 
ForeScout Technologies establishes training centers across US in response to high demand for NAC deployments
Upstart Takes New Tack on Digital Signatures
News  |  10/22/2007  | 
TriCipher's new MySignatureBook enables multiple signers to authorize a single document electronically
Forensics Tools: A Closer Look
News  |  10/22/2007  | 
Low-cost and open-source tools may significantly expand your forensics options
Online Poker World Rocked by Hack
Quick Hits  |  10/22/2007  | 
Chief of Absolute Poker site says 'consultant' developed method to look at others' hole cards without their knowledge
Fortify Upgrades SCA
News  |  10/22/2007  | 
Fortify Software sets the industry standard for secure code development with introduction of Fortify SCA 5.0
Page 1 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20691
PUBLISHED: 2021-09-27
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.
CVE-2020-20692
PUBLISHED: 2021-09-27
GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php.
CVE-2020-20693
PUBLISHED: 2021-09-27
A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts.
CVE-2020-20695
PUBLISHED: 2021-09-27
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVE-2020-20696
PUBLISHED: 2021-09-27
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.