Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in November 2007
<<   <   Page 2 / 3   >   >>
Dissecting Malware
News  |  11/14/2007  | 
How to analyze code that's behaving badly or oddly
Researchers 'Spy' on Web Attackers
News  |  11/14/2007  | 
'Undercover' research finds banner ad/click-fraud, spam - and automated attacks - dominate
Litchfield: 500,000 Database Servers Have No Firewall
Quick Hits  |  11/14/2007  | 
UK security guru set to expose vulnerabilities in DB servers across the Web
Imperva CTO to Unveil New Web 2.0 Exploits
News  |  11/14/2007  | 
Imperva CTO Amichai Shulman to present at AppSec 2007 Conference
New 'Safer' Social Networking Site Debuts
News  |  11/14/2007  | 
Zubby.com heralds new approach to Social Networking, eschews music for maturity
ESET Adds Linux Support
News  |  11/14/2007  | 
ESET introduces malware protection for enterprise and SMB Linux environments
Report: Korean Execs Stole $1.8B in Trade Secrets
News  |  11/13/2007  | 
Company leaders allegedly defected to rival company with 900 documents loaded onto USB drives
Shavlik Integrates Patch Management With VMware
News  |  11/13/2007  | 
Shavlik patch management now available for VMware customers
Antivirus, IDS/IPS Tools Can Be Used for Attacks
Quick Hits  |  11/13/2007  | 
Little-known vulnerabilities in AV, host-based IDS/IPS can be used by attackers to bypass the tools
IBM Upgrades Watchfire Web App Scanning Tool
News  |  11/13/2007  | 
New IBM security scanning software protects businesses from hackers
BitDefender Now Supports Linux
News  |  11/12/2007  | 
BitDefender approved for compliance with Linux operating systems
IBM Adds CSRF Scanning to Watchfire Tool
News  |  11/12/2007  | 
AppScan Standard Edition 7.7 is designed for QA and IT pros as well as security experts, and tests for cross-site request forgery bugs
It Takes One to Know One
News  |  11/12/2007  | 
Thanks to a bit of paranoia, attack on ha.ckers.org is fended off
ID Thief Admits Using Botnets to Steal Data
News  |  11/12/2007  | 
Man pleads guilty to four felonies, admits building botnets as large as 250,000 nodes
Visa Gave TJX a Pass on PCI in 2005
Quick Hits  |  11/12/2007  | 
Retailer got some slack on security compliance - and got hacked in the interim
Spam Jumps in September
News  |  11/12/2007  | 
Thousands of college PCs turned into zombies according to St. Bernard's Threat Center
DDOS Defense Tool Debuts
News  |  11/12/2007  | 
CloudShield protects e-commerce sites during holiday shopping seasons
Verdasys Upgrades DLP
News  |  11/12/2007  | 
Verdasys announced the general availability of Digital Guardian 5
Agiliance, Oracle Partner on Risk Assessment
News  |  11/11/2007  | 
Agiliance announced that it has joined the Oracle PartnerNetwork
App Security's Evolution
News  |  11/9/2007  | 
Combination of run-time vulnerability scanning and detailed code analysis could help close gaps in apps
The World's Biggest Botnets
News  |  11/9/2007  | 
What makes three of today's largest botnets tick, what they're after - and a peek at the 'next' Storm
Upstart Vendor Promises Compliance, Risk Management
News  |  11/9/2007  | 
Securityworks software can prescribe compliance controls, monitor security posture, and help set IT priorities
Grand Jury Busts 17 in Internet Crime Ring
Quick Hits  |  11/8/2007  | 
Two-year investigation uncovers 95,000 stolen credit cards and more than $4 million in fraud
Cisco: Federal IT Worried About Security
News  |  11/8/2007  | 
Federal IT decision makers report lower confidence in security
Honeynet Project: Attackers Know Where You Live
News  |  11/7/2007  | 
Bad guys find ways to make Web exploits more efficient, targeted, and lucrative, new report says
Trustix Intros Free Firewall for Enterprises
News  |  11/7/2007  | 
Trustix Enterprise Firewall delivers free security for enterprise networks
What You Don't Know About ID Fraud
Quick Hits  |  11/7/2007  | 
New study of real fraud cases debunks myths, theories about identity theft
Half of Cos. Block Social Networking Sites
News  |  11/7/2007  | 
MySpace and Facebook are targets of Web surfing restrictions at work
Thousands Scammed by Online Ads
News  |  11/7/2007  | 
SecureWorks reports: Hackers scam thousands of PC users through online ads touting rogue antispyware
DuPont Data Thief Sentenced to 18 Months
News  |  11/7/2007  | 
Gary Min must also pay fine, restitution after stealing $400M in trade secrets from chemical giant
Phoenix Launches Secure Hypervisor Platform
News  |  11/7/2007  | 
New platform from Phoenix will transform the user experience with new levels of security, reliability, ease of use, and low power consumption
Asierus Adds Fortinet for Virtualized Managed Security
News  |  11/6/2007  | 
Leading MSSP and its customers benefit from unified threat management protection in a virtualized model
Symantec Seals $350M Acquisition of Vontu
News  |  11/6/2007  | 
Mega-buyout is part of vendor's roadmap toward 'information-centric' security strategy, execs say
Maverick Reports Threat to US Power Grid
News  |  11/6/2007  | 
Simulated cyberattack shows hackers blasting away at the US power grid
Tizor, Vericept, Protegrity, Protiviti Host Webinar
News  |  11/5/2007  | 
Vericept, Protegrity, and Protiviti join Tizor for Webinar on developing the right data security strategy to address both risk and regulations
Mu Security Upgrades Analyzer Appliance
News  |  11/5/2007  | 
Cox Communications adds use cases
F-Secure Supplies GM Dealer Equipment
News  |  11/5/2007  | 
General Motors Dealer Equipment protects US dealerships with F-Secure
The Devils in the Design
News  |  11/5/2007  | 
Are your software developers sabotaging your company's application code? How do you know?
Learning From Tylenol
News  |  11/5/2007  | 
Are you prepared for your next security crisis? Learn these lessons before you hit the panic button
Trend Micro Rolls Out Mobile Security
News  |  11/5/2007  | 
Trend Micro announces all-in-one enterprise security for mobile devices
BMC Selects Klocwork
News  |  11/5/2007  | 
Klocwork integration with Microsoft Visual Studio enables BMC developers to analyze source code at the desktop
Why Cops Can't Catch Cybercriminals
Quick Hits  |  11/5/2007  | 
Hurdles in digital forensics systems create obstacle for law enforcement, says top fed
Bots, Bots Everywhere
News  |  11/2/2007  | 
Implementing firewall rules at both the host and the perimeter could stop a lot of bot infections
Threats That Go 'Hack' in the Night
News  |  11/2/2007  | 
Some of these exploits are pretty scary in the daytime too
Healthcare Provider Adopts Next-Gen Firewall
News  |  11/2/2007  | 
Mercy Medical Center tightens up user access with Palo Alto Networks's PA-4000
NAC's Painful Realities
Quick Hits  |  11/2/2007  | 
Solving the endpoint security problem means cutting through the NAC hype, expert says
Spoofed Prez Candidate Sites Have Malware
News  |  11/1/2007  | 
Internet users fooled into downloading malware from spoofed presidential candidate Websites
Have You Got the Winning Bug?
Quick Hits  |  11/1/2007  | 
iDefense contest offers up to $12,000 for security bug plus exploit code
Archer Updates Risk Management Dashboard
News  |  11/1/2007  | 
Archer Technologies releases version 4.0 of the award-winning Archer SmartSuite framework
PDFs Led Malware Threats in Oct.
News  |  11/1/2007  | 
Malicious PDF files accounted for up to two thirds of infected email in three-day spam campaign
<<   <   Page 2 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33035
PUBLISHED: 2021-09-23
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the all...
CVE-2021-34767
PUBLISHED: 2021-09-23
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that V...
CVE-2021-34768
PUBLISHED: 2021-09-23
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected dev...
CVE-2021-34769
PUBLISHED: 2021-09-23
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected dev...
CVE-2021-34770
PUBLISHED: 2021-09-23
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to execute arbitrary code with administrative privileges or cause a deni...