Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in November 2006
Page 1 / 2   >   >>
Grisoft Adds Rescue CD
News  |  11/30/2006  | 
Grisoft, the developer of AVG security software, introduced AVG Rescue CD
Month of Kernel Bugs Ends in Controversy
News  |  11/30/2006  | 
The MOKB forced several vendors to patch their wireless drivers, but it concluded today with a debate over the validity of a Mac OS X flaw
New Threats Loom for 2007
News  |  11/30/2006  | 
Password-stealing sites, video malware, and a parasitic comeback top McAfee's list of predicted threats for new year
Security Appliance Delivers for Kenco
News  |  11/30/2006  | 
Logistics company gets the bigger picture with new appliance, software for security management
Symantec Manages Exchange
News  |  11/30/2006  | 
Symantec will offer market-leading, end-to-end messaging management support for customers migrating to Exchange Server 2007
Sophos Reveals Top Ten
News  |  11/29/2006  | 
Sophos announced the top ten viruses plaguing computer users worldwide during November 2006
TriCipher Hires Exec
News  |  11/29/2006  | 
TriCipher announced that Vatsal Sonecha has joined its executive team as vice president of strategy and business development
Stop Wasting My Time
News  |  11/29/2006  | 
Dark Reading survey shows frustrated security pros spend too much time on drudgery, not enough on important tasks
The 10 Most Overlooked Aspects of Security
News  |  11/29/2006  | 
Think your organization has all its security bases covered? You might think twice after checking out this list
MessageLabs Intros Services
News  |  11/29/2006  | 
MessageLabs announced the launch of MessageLabs Small Business Solutions
Banking on Security
News  |  11/29/2006  | 
No tellers were harmed, no cash was removed... This social engineer was after logins and passwords
F-Secure Protects Corporate Data
News  |  11/29/2006  | 
At the beginning of 2007 the new F-Secure Client Security 7 will take the protection of corporate PCs to a new level
McAfee Predicts '07 Trends
News  |  11/29/2006  | 
McAfee announced its top ten predictions for security threats in 2007 from McAfee Avert Labs
Netragard Unveils Vulnerabilities
News  |  11/29/2006  | 
NETRAGARD announced that its SRT uncovered two potentially critical vulnerabilities with Hewlett-Packard's Tru64 Operating System
Cartus Earns Cybertrust Certification
News  |  11/28/2006  | 
Cartus has obtained Cybertrust Security Management Program (SMP) Enterprise Certification for the fourth year in a row
ESET Protects USD
News  |  11/28/2006  | 
Deer Valley USD has selected ESET NOD32 Antivirus software as the default antivirus solution for its 36 K-12 schools
Hackers and Humbugs
News  |  11/28/2006  | 
Spread some holiday cheer with your own Month of Bugs
Where the Bugs Are
News  |  11/28/2006  | 
New data from White Hat reveals vulnerabilities in major Web-based applications
Spam Victims Get the Picture
News  |  11/28/2006  | 
Vendors warn of growing threat of spam embedded with image files that circumvent filters
Mu Finds Vulnerability
News  |  11/28/2006  | 
Mu identifies pre-authentication vulnerability in Mac OS X kernel PPP driver
Looking Over the Overlooked
News  |  11/27/2006  | 
Some honorable mentions that didn't make our 'Top 10 Most Overlooked Aspects of IT Security' story
Startup to Take Measure of Security
News  |  11/27/2006  | 
Errata will security-test and certify software and managed security services
McAfee Offers Program
News  |  11/27/2006  | 
McAfee announced that it is offering special incentives to customers of IBM Internet Security Systems to switch to McAfee solutions
Online Shopping to Soar
News  |  11/27/2006  | 
Record shopping expected online this holiday, and Sophos urges surfers to play it safe
Symantec Releases 360
News  |  11/22/2006  | 
Symantec launched the public beta of its new all-in-one consumer security service
The End of Password Post-Its
News  |  11/22/2006  | 
Milliman's new federated identity management architecture protects user IDs, simplifies client interaction
Video: The New Attack Frontier
News  |  11/21/2006  | 
Attackers are starting to send their payload by video
Researchers Bugging Oracle
News  |  11/21/2006  | 
Researchers are giving Oracle database customers an early Christmas gift - a zero-day bug a day for one week
ESET, Matrix Games Team
News  |  11/21/2006  | 
ESET NOD32 offers continuous, unobtrusive protection to reverse trend of gamers disabling antivirus protection
F5, Secure Computing Team
News  |  11/20/2006  | 
F5 Networks and Secure Computing Corporation jointly announced the industry's first reputation-based network edge security module
Hackers Train Sights on Vista, Forefront
News  |  11/20/2006  | 
Despite all advance testing, hackers aren't worried Microsoft's new security products will cut into their livelihood
Data That Doesn't Drip... Drip... Drip...
News  |  11/20/2006  | 
With mobile users and an increase in targeted attacks, it's time to reassess your risk of data seepage
Security's One-Man Bands
News  |  11/19/2006  | 
They say no man is an island, but a lot of security pros get pretty dang close
Swisscom Mobile Deploys ArcSight
News  |  11/19/2006  | 
Swisscom Mobile deploys ArcSight to detect viruses and malware
IBM Adds Antivirus Features
News  |  11/19/2006  | 
IBM Internet Security Systems expands desktop protection with additional antivirus and anti-spyware features
The 10 Most Dangerous Things Users Do Online
News  |  11/17/2006  | 
If your end users only knew how much damage they could cause when they - well, maybe you should send them this article
It's About Time
News  |  11/17/2006  | 
Dark Reading's latest reader survey asks how you'd like to spend your day - and how you actually do
F-Secure Offers Mobile Security
News  |  11/16/2006  | 
F-Secure announced the launch of its latest mobile product, called F-Secure Mobile Security
Study: SQL Server Is Safest DB
News  |  11/16/2006  | 
Research finds significantly fewer vulnerabilities in SQL Server database than in Oracle
Ex-IT Chief Busted for Hacking
News  |  11/16/2006  | 
Could former security-privileged employees be targeting your environment as well?
ScanSafe: Online Gambling Up
News  |  11/16/2006  | 
ScanSafe released its latest Global Threat Report on Web and instant messaging (IM), spyware and Web viruses
White Hat to Provide Risk Report
News  |  11/15/2006  | 
WhiteHat announced the availability of its inaugural Web Application Security Risk Report
Zero-Days Top 2006 Attack List
News  |  11/15/2006  | 
Attackers' fondest desire is to develop an exploit that hasn't been patched yet, experts say
From Script Kiddie to CTO
News  |  11/15/2006  | 
eEye co-founder, CTO and chief hacking officer Marc Maiffret talks phreaking, FBI raids, and zero-day attacks
Jury's Out on Email Scrutiny
News  |  11/15/2006  | 
Securities firms claim email surveillance lets them better stay on top of risk exposure, but is it really that effective?
ESET, Tri Synergy Team Up
News  |  11/15/2006  | 
ESET and Tri Synergy, a computer and video game co-publishing company, announced the formation of a strategic alliance
Agnitum Licenses Outpost
News  |  11/14/2006  | 
Bullguard and CAT are licensing award-winning Outpost firewall technology from the computer security experts at Agnitum
FTC Hammers on Freeware Distributor
News  |  11/14/2006  | 
Federal Trade Commission shuts down company accused of distributing spyware with its free goodies
800-Pound Gorilla Sits on AV
News  |  11/14/2006  | 
Incumbent antivirus vendors try to sound nonchalant with Microsoft's Forefront Client in beta and Vista just a couple weeks away
ESET Upgrades Antivirus
News  |  11/13/2006  | 
Version 2.7 of ESET's NOD32 Antivirus software offers support for Windows Vista and enhanced rootkit protection
Page 1 / 2   >   >>


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4889
PUBLISHED: 2021-01-26
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4949
PUBLISHED: 2021-01-26
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...