Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in December 2006
2007: Trouble Ahead
News  |  12/29/2006  | 
Dark Reading gives you the lowdown on the main security threats to look out for in '07
ESET Touts Advanced+ Rating
News  |  12/28/2006  | 
ESET's NOD32 receives Advanced+ rating from AV-comparatives
The Six Dirtiest Tricks of 2006
News  |  12/27/2006  | 
Dark Reading remembers six of the sneakiest exploits of the year, as rated by readers
SEC Exposes Online Fraudster
News  |  12/26/2006  | 
Estonian disguises his identity, uses stolen electronic IDs in classic 'pump and dump' scheme
VOIP More Vulnerable
News  |  12/20/2006  | 
Hear that? That's the sound of hackers starting to wield the latest VOIP hacking tools
Nike Bares Its Sole
News  |  12/20/2006  | 
New combination of running shoes with Apple iPod leaves joggers open to electronic surveillance
Building Trust
News  |  12/19/2006  | 
Security pros see the impact of security on business reputation, but many higher-level execs don't
Perimeter Suggests Resolutions
News  |  12/19/2006  | 
While AI has come a long way, computer users are still the ones charged with security of their data, networks, and computers
Spam Service Shuttered
News  |  12/19/2006  | 
The last vestiges of old-school spam techniques signed off today with the demise of the Open Relay Database (ORDB)
An Apple (Bug) a Day
News  |  12/19/2006  | 
Happy New Year from your favorite hackers
Vulnerability Tools Get Teeth
News  |  12/18/2006  | 
Vulnerability assessment tools are merging with configuration management, penetration testing, and even NAC
Marshal Attacks Spam
News  |  12/18/2006  | 
Marshal announces a successful first year of independent operation following its December 2005 management buy-out from NetIQ
Phishing Attacks on Rise
News  |  12/18/2006  | 
Cloudmark has seen a substantial increase in attacks on European banking brands, with increases of nearly 300% in a month in some cases
Risk Management's New Bell Curve
News  |  12/18/2006  | 
New report from McAfee points to need for insurance-like business model for IT security
Phishing Your Own Users
News  |  12/18/2006  | 
New anti-phishing upgrades raise the profile of client-side attacks
McAfee Protects USDA
News  |  12/18/2006  | 
McAfee has been selected to protect the US Department of Agriculture's messaging system from spam, phishing, spyware, and virus attacks
PHP Security Expert Quits
News  |  12/15/2006  | 
'Communications issues' cited as Stefan Esser resigns
'Not Much Resistance at the Door'
News  |  12/15/2006  | 
Website security hasn't improved much over the past year, according to a survey of Web app security pros
EEye Discovers Worm/Botnet
News  |  12/15/2006  | 
EEye Digital Security has discovered Big Yellow, a non-Microsoft-based malware that has both worm and botnet characteristics
Authentium Unveils ESP
News  |  12/14/2006  | 
Authentium announced availability of the Authentium Extensible Service Platform (ESP) for Enterprise
How Much Is That Exploit in the Window?
News  |  12/14/2006  | 
Researcher relays sticker prices for some of today's hottest hacks
IBM Intros Consulting Service
News  |  12/14/2006  | 
IBM announced a first-of-its-kind consulting service designed to measure the way businesses govern data
DNSstuff.com Adds Service
News  |  12/13/2006  | 
DNSstuff.com has launched a new membership option with enhanced tools
Startup Finds Phish in Browsers
News  |  12/13/2006  | 
New company could help banks, other service providers to warn users when they've been phished
nCircle Launches Trade-Up Program
News  |  12/12/2006  | 
nCircle announced a program for enterprises who want to upgrade their security program to include security risk and compliance management
F-Secure Goes Virtual
News  |  12/12/2006  | 
F-Secure announced the availability of its next-generation messaging security solutions, F-Secure Messaging Security Gateway appliance
Report: Phish Jump
News  |  12/12/2006  | 
The number of phishing sites grew dramatically from September to October, as phishers got savvier
Worms Get Smarter
News  |  12/12/2006  | 
A new generation of worm exploits hitting MySpace and other social net sites is using the latest in attack vectors. Why you should worry
Burton Announces Changes
News  |  12/12/2006  | 
Burton Group has released a three-part research series to help enterprise organizations build a full spectrum defense against malware
TRACE Reports Spam Surge
News  |  12/12/2006  | 
Phishing emails from Asia and holiday spam skyrocket
Open-Source NAC
News  |  12/11/2006  | 
PacketFence initiative offers public-domain alternative for network access control
Two Sides of Single Sign-On
News  |  12/11/2006  | 
The answer to password maintenance problems, or inherently insecure? Talk back to us
MIME Vulnerabilities Rear Up Again
News  |  12/8/2006  | 
Years after the ubiquitous email standard was developed, researchers are still finding security flaws in it
Credit Union Authenticates 'Bio-Rhythms'
News  |  12/8/2006  | 
New biometrics tool measures typing rhythms to authenticate users
Oracle Spurs Single Sign-On Surge
News  |  12/7/2006  | 
Venerable technology prepares for rebirth with emergence of cross-domain identity management technologies
CloudShield Stops Attack
News  |  12/7/2006  | 
CloudShield has helped stop a major DDOS attack aimed at EveryDNS
DNS Attacks on the Rise
News  |  12/6/2006  | 
The old reliable DNS server is becoming a popular target of botnets and other attacks
Bull Market for Cybercriminals
News  |  12/6/2006  | 
Fraudsters add online twists to time-tested stock and securities scams
Deck the Halls, Not the WAP
News  |  12/6/2006  | 
Those red and green decorations could give the blues to your wireless network
IBM Buys Into Security Compliance
News  |  12/5/2006  | 
Acquisition of Consul gives Big Blue a new weapon in match between enterprises and security auditors
Webroot Intros Small Biz Solution
News  |  12/5/2006  | 
Webroot announced the availability of Webroo SME Security
Arxceo Adds Excecs
News  |  12/5/2006  | 
Arxceo has opened offices in Atlanta and Tokyo
EEye Intros Web Tracker
News  |  12/4/2006  | 
EEye is offering the first vulnerability tracking site that focuses exclusively on zero-day vulnerabilities
DNS Service Under DDOS Attack
News  |  12/4/2006  | 
A stubborn distributed denial-of-service attack is hammering away at a free DNS service and has disrupted tens of thousands of its customers
Compliance Keys: Money, Monitoring
News  |  12/4/2006  | 
New study shows direct relationship between compliance success and security investment, monitoring
WatchGuard Adds UTM
News  |  12/3/2006  | 
WatchGuard Technologies has added UTM protection to its Firebox X Edge e-Series line of integrated security appliances
The Great Creeping Time-Suck
News  |  12/1/2006  | 
Peripheral tasks and distractions keep IT security people from doing their real jobs
Hacker Cuts Swath Through US Government Computers
News  |  12/1/2006  | 
Romanian man indicted for breaking into more than 150 federal government systems, violating live NASA data
Spying on Spyware
News  |  12/1/2006  | 
A new patent-pending antispyware technology 'listens' for spyware based on its network behavior
Kaspersky Posts Top Twenty
News  |  12/1/2006  | 
Kaspersky Labs posts virus Top Twenty for November 2006

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-05-09
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
PUBLISHED: 2022-05-09
In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to tra...
PUBLISHED: 2022-05-08
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
PUBLISHED: 2022-05-08
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
PUBLISHED: 2022-05-08
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.