Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in February 2007
<<   <   Page 2 / 2
New Method Traps 'Fast' Worms
News  |  2/12/2007  | 
Penn State researchers devise new technique for ID, prevention of worm attacks
Sophos: Valentine's Spam Increases
News  |  2/12/2007  | 
Sophos reports that in the run-up to Valentine's Day, spam campaigns selling romantic gift continue to increase
McAfee: Malware Attacks on Rise
News  |  2/11/2007  | 
McAfee announced findings from new research that reveals mobile operators globally are experiencing more mobile malware attacks
Pirated Software's Problem
News  |  2/9/2007  | 
In developing nations, at least, illegal copies of software, music, and movies are riddled with malware
Encryption Set to Go Mainstream
News  |  2/9/2007  | 
Study: Data breaches, new laws drive enterprises to build encryption into infrastructure, processes
Are 'Sealed' Websites Any Safer?
News  |  2/9/2007  | 
Website seals are designed to make buyers feel safer. But are sites with seals really more secure?
DNSstuff.com Responds to Attacks
News  |  2/8/2007  | 
DNSstuff.com issued a warning and called for greater preparedness as a result of the recent attack targeting root servers
VeriSign Ups the DNS Ante
News  |  2/8/2007  | 
Tenfold capacity increase to DNS infrastructure, tighter security intended to blunt future DDOS attacks
VeriSign to Increase Capacity Tenfold
News  |  2/8/2007  | 
VeriSign announced a major initiative to expand and diversify the capacity of its global Internet infrastructure by ten times by 2010
Sophos Adds Mobile Security
News  |  2/8/2007  | 
Sophos announced the Sophos Mobile Security to protect organizations against the growing number of malware attacks aimed at Windows Mobile
IBM's Stealthy Security Play
News  |  2/8/2007  | 
After being acquired by IBM in August, ISS is doubling in size, tripling its customer pipeline, and laying the groundwork for a major security push by Big Blue, top exec says
Skype, Symantec Ink Deal
News  |  2/7/2007  | 
Skype announced a relationship to deliver PC security solutions to small office and home office Skype users for a secure PC environment
Third Brigade Expands in US
News  |  2/7/2007  | 
Third Brigade announced the addition of key systems integrators and resellers in New York, Washington, and Chicago
RSA Devices Open to Attack
News  |  2/7/2007  | 
AirDefense unveiled results from its wireless airwave monitoring on Tuesday, February 6 at the RSA Conference
DNS Attack: Only a Warning Shot?
News  |  2/7/2007  | 
Yesterday's DDOS attack on the Internet's DNS root servers may have been a trial run for a bigger attack
Symantec Licenses Liquid Machines
News  |  2/7/2007  | 
Symantec has licensed Liquid Machine's ERM technology as part of Symantec's Enterprise Vault content management, archival, and retrieval system
Symantec Reveals NAC Upgrades
News  |  2/6/2007  | 
Symantec has extended its Symantec NAC software with new features that enable enterprises to more easily enforce NAC across endpoints
Spirent Announces Test Solution
News  |  2/6/2007  | 
Spirent Communications announced the release of ThreatEx 2.50, which offers the most powerful security testing functionality available
Microsoft Vision Raises Questions
News  |  2/6/2007  | 
Past developments suggest that Microsoft's future security road may be a bumpy ride
It's All in Your Head
News  |  2/6/2007  | 
Sometimes spam is in the eye of the beholder
PayPal CSO: Phishing Threat Overstated
News  |  2/6/2007  | 
Chief security officer at one of phishers' favorite targets says phishing isn't among the top five threats to his company's bottom line
AppSecInc Debuts Security Suite
News  |  2/6/2007  | 
Application Security unveiled DbProtect, the industry's most comprehensive database security solution
Browsers Gone Bad
News  |  2/6/2007  | 
XSS can turn your desktop against you, and possibly even implicate you in malware creation
Grisoft Enhances Reseller Program
News  |  2/6/2007  | 
Grisoft announced an enhanced AVG Reseller Merit Program providing more benefits and revenue-building support
Third Brigade Upgrades HIPS
News  |  2/5/2007  | 
Third Brigade unveiled Deep Security 5 to detect and prevent known and zero-day attacks targeting mission critical servers
Attackers Take Trojans to the Bank
News  |  2/5/2007  | 
Rapidly mutating malware threatens to overwhelm its financial services targets
Color-Coding Web Searches
News  |  2/5/2007  | 
New ScanSafe Web filtering feature gives users the green light to visit sites in their search results, providing they are safe
Cisco to Integrate Security Tools
News  |  2/5/2007  | 
Cisco to announce it will unite individual point products, enhance its Self-Defending Network concept
nCircle Intros nTellect for McAfee
News  |  2/5/2007  | 
nCircle announces nTellect for McAfee IntruShield to identify and prioritize network attacks
On the Dark Side of ISP Nets
News  |  2/4/2007  | 
Arbor Networks's new Atlas service provides ISPs and enterprises with a global view of botnets, malware, and other threats
NAC: Can't Get No Satisfaction
News  |  2/2/2007  | 
Vendors prepare to shore up the shortcomings of network access control at RSA conference next week
RSA Preview: Shutting Down Insiders
News  |  2/2/2007  | 
With the insider threat on the rise, data leakage technology takes higher profile at show
Schneier: In Touch With Security's Sensitive Side
News  |  2/1/2007  | 
Security icon's latest work explores the psychology, brain chemistry of security
To Enter, Act Like Yourself
News  |  2/1/2007  | 
Behavior-based biometrics to ID you by the way you speak, type, move your mouse, and more
Sophos Unveils Top 10 Threats
News  |  2/1/2007  | 
Sophos revealed the most prevalent malware threats causing problems for computer users around the world during January 2007
McAfee Intros Mobile Security Risk Mgt
News  |  2/1/2007  | 
McAfee announced the launch of McAfee Mobile Security Risk Management
<<   <   Page 2 / 2


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-35198
PUBLISHED: 2021-05-12
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
CVE-2021-23872
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOTL interface.
CVE-2021-23891
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
CVE-2021-23892
PUBLISHED: 2021-05-12
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitra...
CVE-2020-36289
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...