Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in December 2007
<<   <   Page 2 / 3   >   >>
Four in 10 IT Execs Call Their Networks Insecure
News  |  12/12/2007  | 
Email viruses and Internet downloads considered to be the greatest threat to network security for SMBs
Sipera Reveals Top Five VOIP Vulnerabilities
News  |  12/12/2007  | 
Remote eavesdropping and VOIP hopping, vishing, skype worm, and toll fraud threaten users, enterprises, and service providers
AppliCure Seeks N.A. Resellers of Its WAF
News  |  12/12/2007  | 
Applicure seeks North American channel partners for SANS-highlighted Web application firewall software
Arbor: 2008 Year of iPhone Hacks
News  |  12/11/2007  | 
The iPhone will be a primary target for hackers in 2008
Secure64 Touts DNS
News  |  12/11/2007  | 
Leading security researchers find Secure64 SourceT Micro OS immune to all known rootkits and malware
Study: Personal Data Exposed Frequently
News  |  12/11/2007  | 
Eighty-five percent of privacy and security professionals say a reportable data breach occurred in their organizations in the last year
Small Businesses Feel Security's Burn
News  |  12/11/2007  | 
Nearly one third of SMBs have experienced system compromise in the past year, study says
Ask.com Won't Tell
Quick Hits  |  12/11/2007  | 
New privacy control feature in search engine lets users ensure their requests get automatically purged, not stored
IBM Rolls Out Tools for Safer Software
News  |  12/11/2007  | 
New IBM technologies help developers build safer software
Sophos Adds to Email Security and Control
News  |  12/11/2007  | 
Sophos debuts a powerful new weapon in the fight against spam
BitDefender Antivirus 2008 Gets Certified
News  |  12/11/2007  | 
Polymorphic file infectors and rampant false positives keep half of entrants uncertified
Abaca Provides Email Protection for Higher Ed
News  |  12/11/2007  | 
Innovative anti-spam solution ensures campus-wide security with minimal IT support
Real Data in App Testing Poses Real Risks
News  |  12/10/2007  | 
Simulated or 'anonymized' data is a better option than exposing live data to outside sources
Success Through Automation
News  |  12/10/2007  | 
It's good to simplify repetitive processes, but be sure you keep security in mind
End Users Flout Enterprise Security Policies
News  |  12/10/2007  | 
Separate studies show many users understand rules, but they break them anyway
Study: Users Have False Sense of Security
Quick Hits  |  12/10/2007  | 
Over 90% think they're pretty safe on the Internet, but about half of them are at risk, Verizon says
MessageLabs Announces Annual Report
News  |  12/10/2007  | 
Report highlights how 2007 has been a year of diversity due to the vast number of tactics, techniques, and Trojans entering the security market
Finjan Identifies New Genre of Crimeware Trojans
News  |  12/10/2007  | 
In Web security trends report, Finjan explores 'Trojan 2.0' attacks that utilize regular Web 2.0 technology to exploit legitimate Web services
Cenzic Integrates VMWare
News  |  12/10/2007  | 
Cenzic introduces automated security assessment of Web applications in production through virtualization
Klocwork Partners With Japanese Firm
News  |  12/10/2007  | 
CEC to provide Klocwork's products and services through its PROVEQ Source Code Verification Brand
DOE Lab Break-in May Be Tip of the Iceberg
News  |  12/7/2007  | 
Data breach at Oak Ridge National Laboratory part of a series of cyberattacks - possibly out of China - on US laboratories and institutions
Server-Jacking
News  |  12/7/2007  | 
Don't forget to secure your server hardware in case of physical theft
AV Gets a Facelift
News  |  12/7/2007  | 
New features such as whitelisting take the spotlight in next generation of endpoint protection products
Lessons From High School
News  |  12/7/2007  | 
Old-school, no-tech mistakes can lead to data leakage
Vendor Threatens Secunia With Legal Action if It Reports Bug
Quick Hits  |  12/7/2007  | 
Autonomy says vulnerability already fixed, Secunia says it's not
Websense Predicts Top 10 Threats for '08
News  |  12/6/2007  | 
Olympics, online advertisements, and Web 2.0 threats top hacker's to-do lists
Peering Inside the IRC Botnet
News  |  12/6/2007  | 
New report by Chinese and German researchers provides bird's eye view of how an Internet Relay Chat botnet operates
BitDefender Gets $7M for Expansion
News  |  12/6/2007  | 
BitDefender receives funding to support global expansion and advance leadership position in antivirus software and data security
Avinti Sees Surge in Blended Threat Emails
News  |  12/6/2007  | 
NEWT blocks email attacks that link to Web-based malware
'Prevention' Can Give Hackers a Shot in the Arm
News  |  12/6/2007  | 
Intrusion prevention systems may help attackers to evolve
Better-Behaved AV Testing
News  |  12/5/2007  | 
The newly formed Anti-Malware Testing Working Group will determine how best to conduct behavioral tests
Ranum's Wild Security Ride
News  |  12/5/2007  | 
Marcus Ranum dispels firewall myths, revives Medieval horsemanship, and rants about researchers
US Air Force Selects Cigital
News  |  12/5/2007  | 
Air Force selects Cigital to provide expert guidance in software assurance
Calyptix Adds to Sales & Development
News  |  12/5/2007  | 
Calyptix builds staff to meet market demand
Shavlik Names New CTO
News  |  12/5/2007  | 
Shavlik Technologies announced the appointment of Eric Schultze to the position of chief technology officer
WhiteHat Rolls Out Sentinel SE
News  |  12/4/2007  | 
New addition to WhiteHat Sentinel family provides broad access to Web application security for enterprise and PCI 6.6 customers
Grisoft Buys Exploit Prevention Labs
News  |  12/4/2007  | 
Grisoft acquires Exploit Prevention Labs, developer of LinkScanner safe surfing technology
TJX Settles With Banks for $41 Million
News  |  12/4/2007  | 
More than 100 million account records were breached, retail giant reveals
MU Security Adds Experts to Advisory Board
News  |  12/4/2007  | 
Addition of Byres Security CTO Eric Byres and Neohapsis CTO Greg Shipley complements existing board's experience
Microsoft's Wireless Keyboard Hacked
News  |  12/4/2007  | 
Researchers crack encryption, 'own' 27MHz keyboards
DARPA Looking for a Few Good Networks
Quick Hits  |  12/4/2007  | 
Defense Advanced Research Projects Agency seeks network security proving ground for cyberwar tactics
IronPort Releases '07 Trends, '08 Predictions
News  |  12/3/2007  | 
IronPort reports on spam, viruses, and malware highlights trends of 2007 and predictions for 2008
Old Worm Rebounds in Sophos Top 10
News  |  12/3/2007  | 
Rise of old-timer indicates too many users failing to protect their systems
eIQ Achieves Profitability in Q2
News  |  12/3/2007  | 
eIQnetworks achieves profitability and record growth for Q2, fiscal 2008
Study Reveals Overlooked Sources of Leaks
News  |  12/3/2007  | 
After you've secured your electronic perimeter, it's time to check the copier and the front door, ISF report says
Social-Engineering Employees
News  |  12/3/2007  | 
A financial institution's accommodating employees let 'bad guys' in the door, into the conference room, and onto their machines with U3 thumb drives
New DNS Technology Flags Bad Guys Before They Act
News  |  12/3/2007  | 
DNSstuff has filed for a patent for the new security technology
Is It Time to Revisit Your Breach Response Plan?
News  |  12/3/2007  | 
Response to sensitive-data breaches should involve legal, PR departments
Tapping Hackers' 'Phones'
Quick Hits  |  12/3/2007  | 
By indexing IRC traffic, startup threatens privacy on hackers' favorite communications network
Kaspersky Releases Malware Evolution Report
News  |  12/3/2007  | 
Report highlights inner workings of a Kaspersky Lab virus investigation
<<   <   Page 2 / 3   >   >>


Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18198
PUBLISHED: 2019-10-18
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.
CVE-2019-18197
PUBLISHED: 2019-10-18
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclo...
CVE-2019-4409
PUBLISHED: 2019-10-18
HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. On the Problem Report page of the Traveler servlet pages, there is a field to specify a file attachment to provide additional problem details. An invalid file name returns an error message that includes the entere...
CVE-2019-13545
PUBLISHED: 2019-10-18
In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution.
CVE-2019-13541
PUBLISHED: 2019-10-18
In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code.