Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in November 2006
<<   <   Page 2 / 2
Centennial Unveils Tool
News  |  11/13/2006  | 
Centennial Software, developer of IT asset discovery and endpoint security solutions, today announced the availability of Security.Advisor
SurfControl Warns of Spoof
News  |  11/13/2006  | 
SurfControl warns Internet users of a malicious Trojan keylogger inside spoofed Adobe email message
Startups Push Security Management
News  |  11/13/2006  | 
Security management is the theme with two new startups that are launching this week
Ovum Warns of Risk
News  |  11/13/2006  | 
Security over VOIP: threat still unknown but risk very real, warns Ovum
Symantec Opens Phish Report
News  |  11/13/2006  | 
Symantec announced the opening of the Symantec Phish Report Network to consumers worldwide
Max Secure Unveils 2.0
News  |  11/12/2006  | 
Max Secure Software announced the unveiling of Max Spyware Detector 2.0, the world's fastest anti-spyware software
Phishing Continues Meteoric Rise
News  |  11/10/2006  | 
Phishing's chart is on a hockey-stick curve, and users are the ones getting pucked
'Hacker Safe': Safe for Hackers
News  |  11/10/2006  | 
Hackers are finding a home in 'Hacker Safe'-certified Websites
Authentium Rejects iDefense
News  |  11/9/2006  | 
Authentium rejected claims made by Virginia-based iDefense earlier this week that the antivirus industry had responded slowly to 'Stration'
There Ought to Be a Law
News  |  11/9/2006  | 
Even with Congressional shakeup, experts don't expect any fast moves on compliance or computer crime law
Qualys Launches PCI Platform
News  |  11/9/2006  | 
Launches the QualysGuard PCI On Demand platform
Attackers Exploiting New Windows Bug
News  |  11/9/2006  | 
Russian attackers are hammering away with this bug, but is this the first such attack?
The Truth About User Privileges
News  |  11/8/2006  | 
Denying your users full system privileges is in style
Shavlik Rolls Out 5.8
News  |  11/7/2006  | 
Shavlik Technologies announced the general availability of Shavlik NetChk Protect 5.8
E-Voting Hacks Facts
News  |  11/7/2006  | 
What every security pro should know about the potential for e-voting hackery
Malware, by the Script
News  |  11/7/2006  | 
Malicious scripts are yet another danger for Web apps, namely Web 2.0-based ones
Attention, Online Shoppers: Where R U?
News  |  11/7/2006  | 
Security worries are slowing online shopping and banking, but consumers should be afraid of that POS instead, Gartner says
Tumbleweed Intros AIF
News  |  11/7/2006  | 
Tumbleweed introduced its Adaptive Image Filtering (AIF) technology, specifically designed to combat the ever-increasing amount of image spam
A First Look Into the PhishTank
News  |  11/6/2006  | 
PhishTank's first monthly report shows the US as the main source of phishing exploits and lists the top ten ISPs hosting phishers
Microsoft Beckons to Early Adopters
News  |  11/6/2006  | 
Vista and Forefront are just around the corner, as customers weigh risks against maintaining the status quo
NAC-in-the-Box, Jump Up
News  |  11/6/2006  | 
Vernier, ConSentry launch improvements to their Network Access Control appliances
Let's Party Together
News  |  11/6/2006  | 
Disjointed efforts are a big reason why the criminals are winning
Sophos Unveils 'Dirty Dozen'
News  |  11/6/2006  | 
null
Anti-Spam's United Nations
News  |  11/3/2006  | 
StopSpam Alliance aims to bring regional anti-spam efforts together
Security Management in Flux
News  |  11/3/2006  | 
More integrated products mean tougher buying decisions and management challenges, CSI speaker says
Malware Pair Boosts Bots
News  |  11/2/2006  | 
The infamous Warezov/Stration and SpamThru are behind the latest mega-surge in spam and botnet activity, according to MessageLabs
Built-in Headaches
News  |  11/1/2006  | 
PC hardware vendors are building security capabilities into their systems, but those features may present compatibility problems for IT
When a Picture Paints a Thousand SSNs
News  |  11/1/2006  | 
As forensics investigators breathe down their necks, data thieves are getting more creative in hiding their booty
Kernel Bugs Come Marchin' In
News  |  11/1/2006  | 
Day one of the Month of Kernel Bugs is under way, and an Apple Mac OS X and wireless exploit kicks it off
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32411
PUBLISHED: 2022-07-01
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
CVE-2022-32412
PUBLISHED: 2022-07-01
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
CVE-2022-34903
PUBLISHED: 2022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
CVE-2022-32324
PUBLISHED: 2022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
CVE-2022-32325
PUBLISHED: 2022-07-01
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.