News & Commentary

Content tagged with Vulnerabilities / Threats posted in November 2007
China Dismisses McAfee Cybercrime Findings
Quick Hits | 11/30/2007
Chinese official says China is the victim, not the aggressor

AV Vendor Adopts 'Herd' Intelligence
News | 11/30/2007
Panda Security on Monday will roll out new anti-malware solution that analyzes new malware 'in the cloud' rather than in the lab

When Projects Cause Security Failures
News | 11/30/2007
Some tips on how to balance the day-to-day and big projects in security

BitDefender Intros Nov. Top 10 Malware
News | 11/29/2007
November's list reveals trend toward lower-profile malware

FBI Nabs Eight in Second 'Bot Roast'
News | 11/29/2007
Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say

Insecure Software Costs US $180B per Year
News | 11/29/2007
'Vulnerability tax' might be the answer, says SANS instructor and security expert David Rice

What's Behind Non-Compliance?
News | 11/28/2007
New study shows that many employees still don't know about critical policies - or believe those policies will be enforced

Free Qualys Security Scan Available
News | 11/28/2007
Free Qualys Security Scan available for the new SANS Top 20

Charity Hacker Used Employee Password
Quick Hits | 11/28/2007
Attacker who stole data from 92 charities had a valid password from their shared service provider

Akonix Tracks New IM Attacks
News | 11/28/2007
Akonix responds to complex botnets and criminal IM activity with aggressive policy updates

Client, Application Flaws Top SANS Vulnerability List
News | 11/27/2007
Gullible users, untrained developers are helping to make life easier for hackers, annual study says

Trust Digital Issues Holiday Smartphone Tips
News | 11/27/2007
Trust Digital: Smartphone stocking stuffers make IT departments suffer

Spam for the Holidays
Quick Hits | 11/27/2007
New pump-and-dump scheme decks email's halls with holiday-related messages

Core Security Discovers Vulnerability in Lotus Notes
News | 11/27/2007
Users vulnerable to attack when viewing corrupt Lotus 1-2-3 file attachments

Secure Computing Upgrades Portal
News | 11/27/2007
Secure Computing unveils the new TrustedSource.org

UK Retail Giant Breached by Insider
Quick Hits | 11/26/2007
Call center operator may have stolen credit card information from many customers at online giant Tesco

CompTIA: Spyware Problems Rise
News | 11/26/2007
Worms, viruses, browser-based attacks down

Cenzic Announces Record Growth for 2007
News | 11/26/2007
Cenzic announces record growth, prestigious awards, excellent product ratings

Webroot Merges With SaaS Firm Email Systems
News | 11/26/2007
Webroot moves aggressively to extend enterprise security capability - merges with SAAS firm Email Systems

UK Government Breach Exceeds Original Estimates
News | 11/26/2007
Officials may have lost eight more storage disks containing personal information on British citizens

The Right Stuff
News | 11/26/2007
An inexperienced systems administrator, combined with outdated Web apps, is a recipe for disaster

Buffer Overflows Are Top Threat, Report Says
News | 11/26/2007
Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline

BitDefender Products Sold at OfficeMax
News | 11/25/2007
BitDefender Internet security and antivirus products now available throughout the US at OfficeMax

Rethinking Desktop Security
News | 11/21/2007
New and built-in security technologies could soon make the PC safer than ever

Cybercriminals Ready for Banner Holiday Shopping Season
News | 11/21/2007
Black Friday and Cyber Monday will kick off a record run for online fraudsters, researchers say

Sophos: Trojan Spreads Wiretapping Scare
News | 11/20/2007
Emails from a private investigator lead to malware infection

Goodbye, Mr. CISSP
News | 11/20/2007
Losing a member of your security team is always tough, but good documentation can help ease the pain

Researchers Thankful for New Paypal Policy
Quick Hits | 11/20/2007
Immunity from legal action for researchers who follow site's responsible disclosure procedures

Phishers Steal DOJ's Identity
Quick Hits | 11/20/2007
New spam-based exploits also operate under guise of Better Business Bureau

MEGA International Acquires Control Metrics
News | 11/19/2007
MEGA International acquires Control Metrics, pioneer of internal control management systems

Working-Class SIM
News | 11/19/2007
After years of targeting the largest enterprises, netForensics goes where no security information management vendor has gone before: the mid-sized business

DNS Servers in Harm's Way
News | 11/19/2007
Security of Internet-facing Domain Name Service (DNS) servers often overlooked

UK Government in Uproar Following Data Loss
News | 11/19/2007
Misplaced disks contained personal information on 25 million taxpayers

The Aftermath of Identity Theft
Quick Hits | 11/19/2007
Loss of personal information continues to increase; stolen data often used to open lines of credit

Responsible Response
News | 11/19/2007
Responsible disclosure is one thing, but how do you respond when you're informed of a possibly compromised machine or vuln in your apps?

Risky Behavior Rises With Confidence
News | 11/19/2007
Trend Micro Internet Confidence and Safety Survey reveals consumer confidence in the Internet is on the rise in U.S. and Japan

Sentrigo Fights SQL Injection on Databases
News | 11/19/2007
Sentrigo announces new technique to combat zero-day SQL injection attacks on databases

Bank Implements Fraud Detection Solution
News | 11/18/2007
Skipton banks on Compliance Alert for AML and fraud detection

eIQnetworks Joins PCI Security Standards Council
News | 11/18/2007
Leading provider of integrated security, risk and audit management brings expertise to payment card industry standards body

Botnets: Whose Fault Are They?
News | 11/16/2007
Everybody's blaming somebody - and it isn't helping anybody

Financial Consulting Firm Fixes Security Flaws
News | 11/16/2007
InCharge Institute of America runs F5 Networks's BIG-IP Application Security Manager to shore up security

SecureMac, Tri Synergy Partner
News | 11/15/2007
Tri Synergy will now be publishing and distributing MacScan, SecureMac's cutting edge anti-spyware software for Macintosh computers

Incident Response Means Knowing Your Data
News | 11/15/2007
To keep data safe and protect forensic evidence, first responders must know how users operate

Many Retailers Open to Wireless Attacks
News | 11/15/2007
Penetration tests show that half of wireless networks at major mall stores could be easily hacked

MX Logic: Spam Levels to Spike Another 50%
News | 11/15/2007
New delivery methods and malware payloads strengthen impact of spam surge

Mirage NAC Stops Storm Worm & Variants
News | 11/15/2007
Mirage Networks stops Storm worm and variants that render other NAC solutions ineffective

Half Say They Piggyback on Others' WiFi
News | 11/15/2007
More than 50% of people polled admit they have stolen WiFi Internet access

Jilted Lover Jailed for Internet Monitoring
Quick Hits | 11/15/2007
The long arm of Texas law is cracking down on Internet, email spying

Life on the Fast Track
News | 11/14/2007
There's something to be said for applying experience and education to technology change, especially when it comes to security

Sophos Unveils Enhanced Email Security Appliance
News | 11/14/2007
Sophos email appliances set a new standard in efficient security management