Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in October 2007
<<   <   Page 2 / 3   >   >>
Core Appoints New VP of Product Management
News  |  10/22/2007  | 
Security industry veteran joins security testing software leader
BitDefender, Tribeka Team Up
News  |  10/22/2007  | 
BitDefender and Tribeka partner for security software delivery
Ounce Labs Expands Into Europe
News  |  10/22/2007  | 
Ounce Labs extends application security leadership with worldwide expansion
Spammers Convicted in $2M Loan Fraud Scheme
News  |  10/19/2007  | 
Fraudsters collected 'advance fees' from borrowers who couldn't get conventional loans
Advantage: Bad Guys
News  |  10/19/2007  | 
As long as rules and practices leave loopholes, it's a cybercriminal's market
Study: ID Fraud Varies With Victims' Income Level
News  |  10/18/2007  | 
'Economic divide' may lead businesses to develop more customized defenses for different customer types, Javelin research says
Tangent Adds Real-Time Content Filtering
News  |  10/18/2007  | 
Tangent announces Web Hawk 3.0 - low-cost content filtering, now with real-time content recognition technology
Spammers Pump & Dump With Tunes
News  |  10/18/2007  | 
Sophos: In new twist, criminals adopt bizarre audio technique in attempt to inflate share prices
No Breach, No Foul
News  |  10/17/2007  | 
Businesses may not be required to fix vulnerabilities on their Websites - until it's too late
Small Business: Hackers' Low-Hanging Fruit
News  |  10/17/2007  | 
With few IT resources and even fewer security skills, mom-and-pop shops increasingly look like juicy targets for the bad guys
Thieves Help Themselves to Home Depot Laptop
Quick Hits  |  10/17/2007  | 
Personal information of 10,000 employees at risk, hardware chain says
Phishing's Future Scapegoats
News  |  10/17/2007  | 
If they don't act soon, frequently-phished companies may be held liable for crimes committed in their names
Wolves in IT Administrators' Clothing?
News  |  10/16/2007  | 
Enterprises, vendors move to safeguard their systems from rogue systems administrators
Akonix Supports MS Office Server 2007
News  |  10/16/2007  | 
Akonix drives innovation in the compliance and risk management market
eBay, PayPal Phishing Exploits Plummet
Quick Hits  |  10/16/2007  | 
Sophos says 21 percent of phishing emails target eBay and PayPal, down from 85 percent last year
'Secret' Workshop Explores Future of Malware
News  |  10/16/2007  | 
Malware will get worse before it gets better
Schwarzenegger Terminates CA Retail Data Security Law
News  |  10/15/2007  | 
Minnesota remains only state to outlaw retention of credit card data
Debugging Your Bug Software
News  |  10/15/2007  | 
How can you be sure your applications and security tools don't have bugs when you buy them? Here are a few tips
Lumension, KACE Partner
News  |  10/15/2007  | 
KACE and Lumension Security forge partnership to deliver comprehensive patch management for the medium enterprise
Corps. Don't Trust Web App Security
News  |  10/15/2007  | 
In a recent Cenzic survey, data breach is the No. 1 Web application security concern
WhiteHat: 90% Websites Have Vulnerabilities
News  |  10/15/2007  | 
WhiteHat Security issues latest Website security statistics report
Symantec to Announce Purchase of DLP Vendor Vontu
Quick Hits  |  10/15/2007  | 
Deal could seal the role of big AV vendors in DLP space
Obstacles Nick NAC, But Growth Continues
News  |  10/12/2007  | 
Most companies are getting network access control, but cost and lack of integration still are pain points
IGN Locks Down Endpoints
News  |  10/12/2007  | 
IGN Entertainment uses technology from Bit9 to control what its end users can access - and what they can't
Imperva Outlines Security for Web Retailers
News  |  10/12/2007  | 
Imperva presents free Webinar and demo for online retailers on preventing identity theft
'Spammer Murder' Is a Hoax
Quick Hits  |  10/12/2007  | 
Reported 'mob hit' against major spammer turns out to be one big Russian yarn
Another 'Cross' to Bear
News  |  10/11/2007  | 
Cross-site scripting, cross-site request forgery - and now, cross-build injection (CBI)
Hackers Attack Apps While Still in Development
News  |  10/11/2007  | 
'Cross-build injection' gives attackers a way to infect apps while they are being written
Former IT Admin Convicted of Sabotage
News  |  10/11/2007  | 
Disgruntled staffer faces 10 years in jail after destroying payroll and HR files at Pentastar
Online Games & the Law
News  |  10/11/2007  | 
US law struggles to keep up with new capabilities in collaborative computing environments
Mu Security to Participate in Plugfest III
News  |  10/11/2007  | 
Mu Security to advance IMS robustness by participating in IMS Forum Plugfast III interoperability event
Shavlik Announces Integration Into Juniper's UAC
News  |  10/11/2007  | 
Shavlik Technologies announces integration of its advanced security assessment capabilities into Juniper's Unified Access Control solution
Email Interception a Real Risk for UK Law Firms
News  |  10/11/2007  | 
Survey highlights mistaken belief that antivirus and spam prevention solutions provide adequate email protection
Experts: Security Flaws Vary on Social Networking Sites
News  |  10/10/2007  | 
Though often lumped together, MySpace, Facebook, and LinkedIn each have their own security weaknesses
FTC Comes Down Hard on Spammers
News  |  10/10/2007  | 
In separate cases, agency slaps complaints on defendants for identity trafficking, bogus product claims
How to Turn Your Browser Into a Weapon
News  |  10/10/2007  | 
Add these extensions to Firefox when you're looking to do some hacking
Are 'Geek' Services a Big Scam?
Quick Hits  |  10/10/2007  | 
Undercover study by Canadian news organization finds that many consumer-oriented IT services are more sneaky than geeky
Businesses Divided Over Who Poses Biggest Threat
News  |  10/10/2007  | 
Network access control needed to secure all desktop, mobile, and guest network users
Unified Communications Poses Risks in '08
News  |  10/10/2007  | 
Akonix forecasts 2008 real-time communications trends
St. Bernard: Spam Uptick Predicted After Summer
News  |  10/10/2007  | 
St. Bernard tracks summer slowdown in spam and virus activity warns of increase in viruses and zombies from student PCs
Cisco Folds Security Research Group
News  |  10/9/2007  | 
Cisco's Critical Infrastructure Assurance Group (CIAG) restructured
Security Spending on the Rise, CompTIA Says
News  |  10/9/2007  | 
Security now accounts for 20 percent of IT technology and training budget, according to new survey
Webwasher Scores High in AV Test Labs
News  |  10/9/2007  | 
Webwasher employs technology to provide superior detection in a rapidly evolving threat environment
Varonis Crosses 100th Customer Milestone
News  |  10/9/2007  | 
Varonis completes Q3, crossing 100th Customer Milestone
US: Biggest Phishing Host of All
Quick Hits  |  10/9/2007  | 
New data from PhishTank shows most phishing sites over the past 12 months were hosted here in the US
Guardium Offers Visibility Into Mainframe DB2 Blind Spot
News  |  10/9/2007  | 
Guardium to add its database security monitoring software for the DB2 mainframe environment
OWASP Preps Framework for Website Security Certification
News  |  10/8/2007  | 
But critics say getting all the necessary players on board may be too tall an order
Three Hot Defensive Firefox Extensions
News  |  10/8/2007  | 
A look at my favorite Firefox browser extensions
Over 5,000 Swedish Websites Hacked in a Week
Quick Hits  |  10/8/2007  | 
Likely in protest of controversial Swedish newspaper drawing of the Prophet Muhammad
An Extra Layer of Phishing Protection
News  |  10/8/2007  | 
Blue Coat adds real-time analysis of potential phishing sites
<<   <   Page 2 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/&lt;id&gt;.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...
CVE-2016-6556
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This iss...