Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in December 2006
2007: Trouble Ahead
News  |  12/29/2006  | 
Dark Reading gives you the lowdown on the main security threats to look out for in '07
ESET Touts Advanced+ Rating
News  |  12/28/2006  | 
ESET's NOD32 receives Advanced+ rating from AV-comparatives
The Six Dirtiest Tricks of 2006
News  |  12/27/2006  | 
Dark Reading remembers six of the sneakiest exploits of the year, as rated by readers
SEC Exposes Online Fraudster
News  |  12/26/2006  | 
Estonian disguises his identity, uses stolen electronic IDs in classic 'pump and dump' scheme
VOIP More Vulnerable
News  |  12/20/2006  | 
Hear that? That's the sound of hackers starting to wield the latest VOIP hacking tools
Nike Bares Its Sole
News  |  12/20/2006  | 
New combination of running shoes with Apple iPod leaves joggers open to electronic surveillance
Building Trust
News  |  12/19/2006  | 
Security pros see the impact of security on business reputation, but many higher-level execs don't
Perimeter Suggests Resolutions
News  |  12/19/2006  | 
While AI has come a long way, computer users are still the ones charged with security of their data, networks, and computers
Spam Service Shuttered
News  |  12/19/2006  | 
The last vestiges of old-school spam techniques signed off today with the demise of the Open Relay Database (ORDB)
An Apple (Bug) a Day
News  |  12/19/2006  | 
Happy New Year from your favorite hackers
Vulnerability Tools Get Teeth
News  |  12/18/2006  | 
Vulnerability assessment tools are merging with configuration management, penetration testing, and even NAC
Marshal Attacks Spam
News  |  12/18/2006  | 
Marshal announces a successful first year of independent operation following its December 2005 management buy-out from NetIQ
Phishing Attacks on Rise
News  |  12/18/2006  | 
Cloudmark has seen a substantial increase in attacks on European banking brands, with increases of nearly 300% in a month in some cases
Risk Management's New Bell Curve
News  |  12/18/2006  | 
New report from McAfee points to need for insurance-like business model for IT security
Phishing Your Own Users
News  |  12/18/2006  | 
New anti-phishing upgrades raise the profile of client-side attacks
McAfee Protects USDA
News  |  12/18/2006  | 
McAfee has been selected to protect the US Department of Agriculture's messaging system from spam, phishing, spyware, and virus attacks
PHP Security Expert Quits
News  |  12/15/2006  | 
'Communications issues' cited as Stefan Esser resigns
'Not Much Resistance at the Door'
News  |  12/15/2006  | 
Website security hasn't improved much over the past year, according to a survey of Web app security pros
EEye Discovers Worm/Botnet
News  |  12/15/2006  | 
EEye Digital Security has discovered Big Yellow, a non-Microsoft-based malware that has both worm and botnet characteristics
Authentium Unveils ESP
News  |  12/14/2006  | 
Authentium announced availability of the Authentium Extensible Service Platform (ESP) for Enterprise
How Much Is That Exploit in the Window?
News  |  12/14/2006  | 
Researcher relays sticker prices for some of today's hottest hacks
IBM Intros Consulting Service
News  |  12/14/2006  | 
IBM announced a first-of-its-kind consulting service designed to measure the way businesses govern data
DNSstuff.com Adds Service
News  |  12/13/2006  | 
DNSstuff.com has launched a new membership option with enhanced tools
Startup Finds Phish in Browsers
News  |  12/13/2006  | 
New company could help banks, other service providers to warn users when they've been phished
nCircle Launches Trade-Up Program
News  |  12/12/2006  | 
nCircle announced a program for enterprises who want to upgrade their security program to include security risk and compliance management
F-Secure Goes Virtual
News  |  12/12/2006  | 
F-Secure announced the availability of its next-generation messaging security solutions, F-Secure Messaging Security Gateway appliance
Report: Phish Jump
News  |  12/12/2006  | 
The number of phishing sites grew dramatically from September to October, as phishers got savvier
Worms Get Smarter
News  |  12/12/2006  | 
A new generation of worm exploits hitting MySpace and other social net sites is using the latest in attack vectors. Why you should worry
Burton Announces Changes
News  |  12/12/2006  | 
Burton Group has released a three-part research series to help enterprise organizations build a full spectrum defense against malware
TRACE Reports Spam Surge
News  |  12/12/2006  | 
Phishing emails from Asia and holiday spam skyrocket
Open-Source NAC
News  |  12/11/2006  | 
PacketFence initiative offers public-domain alternative for network access control
Two Sides of Single Sign-On
News  |  12/11/2006  | 
The answer to password maintenance problems, or inherently insecure? Talk back to us
MIME Vulnerabilities Rear Up Again
News  |  12/8/2006  | 
Years after the ubiquitous email standard was developed, researchers are still finding security flaws in it
Credit Union Authenticates 'Bio-Rhythms'
News  |  12/8/2006  | 
New biometrics tool measures typing rhythms to authenticate users
Oracle Spurs Single Sign-On Surge
News  |  12/7/2006  | 
Venerable technology prepares for rebirth with emergence of cross-domain identity management technologies
CloudShield Stops Attack
News  |  12/7/2006  | 
CloudShield has helped stop a major DDOS attack aimed at EveryDNS
DNS Attacks on the Rise
News  |  12/6/2006  | 
The old reliable DNS server is becoming a popular target of botnets and other attacks
Bull Market for Cybercriminals
News  |  12/6/2006  | 
Fraudsters add online twists to time-tested stock and securities scams
Deck the Halls, Not the WAP
News  |  12/6/2006  | 
Those red and green decorations could give the blues to your wireless network
IBM Buys Into Security Compliance
News  |  12/5/2006  | 
Acquisition of Consul gives Big Blue a new weapon in match between enterprises and security auditors
Webroot Intros Small Biz Solution
News  |  12/5/2006  | 
Webroot announced the availability of Webroo SME Security
Arxceo Adds Excecs
News  |  12/5/2006  | 
Arxceo has opened offices in Atlanta and Tokyo
EEye Intros Web Tracker
News  |  12/4/2006  | 
EEye is offering the first vulnerability tracking site that focuses exclusively on zero-day vulnerabilities
DNS Service Under DDOS Attack
News  |  12/4/2006  | 
A stubborn distributed denial-of-service attack is hammering away at a free DNS service and has disrupted tens of thousands of its customers
Compliance Keys: Money, Monitoring
News  |  12/4/2006  | 
New study shows direct relationship between compliance success and security investment, monitoring
WatchGuard Adds UTM
News  |  12/3/2006  | 
WatchGuard Technologies has added UTM protection to its Firebox X Edge e-Series line of integrated security appliances
The Great Creeping Time-Suck
News  |  12/1/2006  | 
Peripheral tasks and distractions keep IT security people from doing their real jobs
Hacker Cuts Swath Through US Government Computers
News  |  12/1/2006  | 
Romanian man indicted for breaking into more than 150 federal government systems, violating live NASA data
Spying on Spyware
News  |  12/1/2006  | 
A new patent-pending antispyware technology 'listens' for spyware based on its network behavior
Kaspersky Posts Top Twenty
News  |  12/1/2006  | 
Kaspersky Labs posts virus Top Twenty for November 2006


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.