Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in November 2007
Page 1 / 3   >   >>
China Dismisses McAfee Cybercrime Findings
Quick Hits  |  11/30/2007  | 
Chinese official says China is the victim, not the aggressor
AV Vendor Adopts 'Herd' Intelligence
News  |  11/30/2007  | 
Panda Security on Monday will roll out new anti-malware solution that analyzes new malware 'in the cloud' rather than in the lab
When Projects Cause Security Failures
News  |  11/30/2007  | 
Some tips on how to balance the day-to-day and big projects in security
BitDefender Intros Nov. Top 10 Malware
News  |  11/29/2007  | 
November's list reveals trend toward lower-profile malware
FBI Nabs Eight in Second 'Bot Roast'
News  |  11/29/2007  | 
Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say
Insecure Software Costs US $180B per Year
News  |  11/29/2007  | 
'Vulnerability tax' might be the answer, says SANS instructor and security expert David Rice
What's Behind Non-Compliance?
News  |  11/28/2007  | 
New study shows that many employees still don't know about critical policies - or believe those policies will be enforced
Free Qualys Security Scan Available
News  |  11/28/2007  | 
Free Qualys Security Scan available for the new SANS Top 20
Charity Hacker Used Employee Password
Quick Hits  |  11/28/2007  | 
Attacker who stole data from 92 charities had a valid password from their shared service provider
Akonix Tracks New IM Attacks
News  |  11/28/2007  | 
Akonix responds to complex botnets and criminal IM activity with aggressive policy updates
Client, Application Flaws Top SANS Vulnerability List
News  |  11/27/2007  | 
Gullible users, untrained developers are helping to make life easier for hackers, annual study says
Trust Digital Issues Holiday Smartphone Tips
News  |  11/27/2007  | 
Trust Digital: Smartphone stocking stuffers make IT departments suffer
Spam for the Holidays
Quick Hits  |  11/27/2007  | 
New pump-and-dump scheme decks email's halls with holiday-related messages
Core Security Discovers Vulnerability in Lotus Notes
News  |  11/27/2007  | 
Users vulnerable to attack when viewing corrupt Lotus 1-2-3 file attachments
Secure Computing Upgrades Portal
News  |  11/27/2007  | 
Secure Computing unveils the new TrustedSource.org
UK Retail Giant Breached by Insider
Quick Hits  |  11/26/2007  | 
Call center operator may have stolen credit card information from many customers at online giant Tesco
CompTIA: Spyware Problems Rise
News  |  11/26/2007  | 
Worms, viruses, browser-based attacks down
Cenzic Announces Record Growth for 2007
News  |  11/26/2007  | 
Cenzic announces record growth, prestigious awards, excellent product ratings
Webroot Merges With SaaS Firm Email Systems
News  |  11/26/2007  | 
Webroot moves aggressively to extend enterprise security capability - merges with SAAS firm Email Systems
UK Government Breach Exceeds Original Estimates
News  |  11/26/2007  | 
Officials may have lost eight more storage disks containing personal information on British citizens
The Right Stuff
News  |  11/26/2007  | 
An inexperienced systems administrator, combined with outdated Web apps, is a recipe for disaster
Buffer Overflows Are Top Threat, Report Says
News  |  11/26/2007  | 
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline
BitDefender Products Sold at OfficeMax
News  |  11/25/2007  | 
BitDefender Internet security and antivirus products now available throughout the US at OfficeMax
Rethinking Desktop Security
News  |  11/21/2007  | 
New and built-in security technologies could soon make the PC safer than ever
Cybercriminals Ready for Banner Holiday Shopping Season
News  |  11/21/2007  | 
Black Friday and Cyber Monday will kick off a record run for online fraudsters, researchers say
Sophos: Trojan Spreads Wiretapping Scare
News  |  11/20/2007  | 
Emails from a private investigator lead to malware infection
Goodbye, Mr. CISSP
News  |  11/20/2007  | 
Losing a member of your security team is always tough, but good documentation can help ease the pain
Researchers Thankful for New Paypal Policy
Quick Hits  |  11/20/2007  | 
Immunity from legal action for researchers who follow site's responsible disclosure procedures
Phishers Steal DOJ's Identity
Quick Hits  |  11/20/2007  | 
New spam-based exploits also operate under guise of Better Business Bureau
MEGA International Acquires Control Metrics
News  |  11/19/2007  | 
MEGA International acquires Control Metrics, pioneer of internal control management systems
Working-Class SIM
News  |  11/19/2007  | 
After years of targeting the largest enterprises, netForensics goes where no security information management vendor has gone before: the mid-sized business
DNS Servers in Harm's Way
News  |  11/19/2007  | 
Security of Internet-facing Domain Name Service (DNS) servers often overlooked
UK Government in Uproar Following Data Loss
News  |  11/19/2007  | 
Misplaced disks contained personal information on 25 million taxpayers
The Aftermath of Identity Theft
Quick Hits  |  11/19/2007  | 
Loss of personal information continues to increase; stolen data often used to open lines of credit
Responsible Response
News  |  11/19/2007  | 
Responsible disclosure is one thing, but how do you respond when you're informed of a possibly compromised machine or vuln in your apps?
Risky Behavior Rises With Confidence
News  |  11/19/2007  | 
Trend Micro Internet Confidence and Safety Survey reveals consumer confidence in the Internet is on the rise in U.S. and Japan
Sentrigo Fights SQL Injection on Databases
News  |  11/19/2007  | 
Sentrigo announces new technique to combat zero-day SQL injection attacks on databases
Bank Implements Fraud Detection Solution
News  |  11/18/2007  | 
Skipton banks on Compliance Alert for AML and fraud detection
eIQnetworks Joins PCI Security Standards Council
News  |  11/18/2007  | 
Leading provider of integrated security, risk and audit management brings expertise to payment card industry standards body
Botnets: Whose Fault Are They?
News  |  11/16/2007  | 
Everybody's blaming somebody - and it isn't helping anybody
Financial Consulting Firm Fixes Security Flaws
News  |  11/16/2007  | 
InCharge Institute of America runs F5 Networks's BIG-IP Application Security Manager to shore up security
SecureMac, Tri Synergy Partner
News  |  11/15/2007  | 
Tri Synergy will now be publishing and distributing MacScan, SecureMac's cutting edge anti-spyware software for Macintosh computers
Incident Response Means Knowing Your Data
News  |  11/15/2007  | 
To keep data safe and protect forensic evidence, first responders must know how users operate
Many Retailers Open to Wireless Attacks
News  |  11/15/2007  | 
Penetration tests show that half of wireless networks at major mall stores could be easily hacked
MX Logic: Spam Levels to Spike Another 50%
News  |  11/15/2007  | 
New delivery methods and malware payloads strengthen impact of spam surge
Mirage NAC Stops Storm Worm & Variants
News  |  11/15/2007  | 
Mirage Networks stops Storm worm and variants that render other NAC solutions ineffective
Half Say They Piggyback on Others' WiFi
News  |  11/15/2007  | 
More than 50% of people polled admit they have stolen WiFi Internet access
Jilted Lover Jailed for Internet Monitoring
Quick Hits  |  11/15/2007  | 
The long arm of Texas law is cracking down on Internet, email spying
Life on the Fast Track
News  |  11/14/2007  | 
There's something to be said for applying experience and education to technology change, especially when it comes to security
Sophos Unveils Enhanced Email Security Appliance
News  |  11/14/2007  | 
Sophos email appliances set a new standard in efficient security management
Page 1 / 3   >   >>


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.