Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in May 2007
Page 1 / 2   >   >>
Guerrilla Storage
News  |  5/31/2007  | 
Hackers could use your computers to house their data, Symantec researchers say
Spamless in Seattle
News  |  5/31/2007  | 
My spam filter didn't get the memo
Beware of the Quiet Ones
News  |  5/31/2007  | 
Vulnerability report for '06 shows XSS still number one, but lesser-known bugs making inroads
Compromised Site Causes Trouble
News  |  5/31/2007  | 
Malicious Java Script makes user's browser download, execute Trojan
How to Stop Political Attacks
News  |  5/30/2007  | 
Experts advise users on how to defend themselves against cyber-terrorism, cyber wars, and hacktivism
Monty Python's Flying Backup
News  |  5/30/2007  | 
If all vendors' presentations were this funny, we'd invite them over more often
Finjan CTO to List Web Threats
News  |  5/30/2007  | 
Finjan CTO to list latest Web threats at Gartner IT Security Summit
Bug Disclosures Decline
News  |  5/30/2007  | 
The rate of vulnerabilities disclosed publicly has dropped drastically so far this year, but don't exhale yet
SecureMac Rolls Anti-Spyware Tool
News  |  5/30/2007  | 
SecureMac released MacScan 2.4.1, the latest version of the company's industry leading anti-spyware package for Macintosh computers
New Laws Don't Solve Global Problems
News  |  5/29/2007  | 
US, Germany advance legislation against spyware, spam - but can't do much to stop foreign exploits
Security With a Native Touch
News  |  5/29/2007  | 
Outsourcing overseas is a great idea, as long as a native-born local can bridge the cultural - and legal - gaps
Akonix Intros IM Security Appliance
News  |  5/29/2007  | 
Akonix addresses instant messaging security and compliance concerns of smaller businesses
FlexiSPY Spills BlackBerry Secrets
News  |  5/29/2007  | 
Vervata has released new versions of its controversial FlexiSPY mobile phone spy software
Webroot Cautions Online Betters
News  |  5/29/2007  | 
Webroot Software advises caution for online betters during Epsom Derby
New Security Suite on a USB Stick
News  |  5/29/2007  | 
Yoggie revolutionizes computer security by launching the world's first full security suite on a USB stick
Fed Workers Still in the Dark
News  |  5/27/2007  | 
Despite completing awareness courses, majority of government workers say they've never heard of key guidelines
Microsoft Takes Aim at Endpoint
News  |  5/25/2007  | 
Microsoft says Network Access Protection (NAP), SSL VPN gateway will play nicely together
NAC Vendors in the Hot Seat
News  |  5/24/2007  | 
Cisco, Microsoft shared the dais, and their thoughts on NAC, here yesterday at Interop
SophosLabs Launches 24-Hour Blog
News  |  5/24/2007  | 
Sophos announced the launch of a new security blog designed to provide breaking news, insight, and commentary on emerging security threats
New Spec Could Cut Phishing, Spam
News  |  5/23/2007  | 
IETF approves email signature standard pioneered by Yahoo!, Cisco
Open Source Pitfalls
News  |  5/23/2007  | 
Innovation abounds with open source, but some code gets left behind on a virtual compost heap
Startup to Ship Sweetened Honeypot
News  |  5/23/2007  | 
New, real-time, AI-based forensics appliance uses virtualized honeypot technology and interfaces with IDS/IPSes
Cisco, EMC Team on Fabric Encryption
News  |  5/23/2007  | 
Cisco unveils plans for switch fabric encryption, skeptical users may take some convincing
RTTS, SPI Dynamics Join Forces
News  |  5/23/2007  | 
RTTS announced its new strategic partnership with SPI Dynamics
Spyware Hides in Plain Sight
News  |  5/23/2007  | 
Those innocuous little toolbars could be leaking your corporate data
VoIPshield Security Suite Debuts
News  |  5/23/2007  | 
VoIPshield Systems a comprehensive set of VOIP security applications purpose-built to protect VOIP networks
Vendors Get Their NAC Together
News  |  5/22/2007  | 
Interoperability pact between Microsoft, TCG breaks down endpoint security barriers
Promisec Offers Free Audit
News  |  5/22/2007  | 
Promisec intros a service for VARs, allowing security product resellers to provide customers with insight into their security condition
Sourcefire, Insecure.org Team Up
News  |  5/22/2007  | 
Sourcefire and Insecure.org announced a licensing agreement for the parties to jointly develop open source vulnerability scanning technology
New Rules May Ease SOX Audits
News  |  5/21/2007  | 
Proposed guidelines could lower SOX costs, lessen auditors' influence
Bugs With No Bite
News  |  5/21/2007  | 
Microsoft, industry researchers say not all security vulnerabilities reported are exploitable
Many Governments Censor Internet Content
News  |  5/18/2007  | 
Filtering prevents many citizens from seeing what officials don't want them to see, study finds
Seven Habits of Highly Malicious Hackers
News  |  5/18/2007  | 
Interop session details the anatomy of a hacker attack, step-by-step
Spammers Stymie UK Email
News  |  5/17/2007  | 
British ISP forced to shut down Web mail service due to 'unpatchable' vulnerability
iDefense Offers Bucks for New Bugs
News  |  5/17/2007  | 
The latest zero-day bug-hunting contest goes after core Internet and intranet applications
Flaws Found in Airline Screening Process
News  |  5/16/2007  | 
Blinding insights to the glaringly obvious: GAO says passenger screening inefficient, may violate privacy rights
Microsoft Meets Xbox Hacker
News  |  5/16/2007  | 
At Blue Hat Security Briefings, hackers school Microsoft on threats
Exploit Prevention Labs Exploits Survey
News  |  5/16/2007  | 
Exploit Prevention Labs released the results of its April 2007 Exploit Prevalence Survey
IBM, Symantec Tackle Compliance
News  |  5/15/2007  | 
New tools and strategies promise to cut costs, speed projects; now they have to deliver
Up Close With David Maynor
News  |  5/15/2007  | 
The hacker talks tribe, Macbooks, and surprises in store for next Black Hat
Bumpy Road Ahead
News  |  5/15/2007  | 
We can't always anticipate security issues... But we can try
Invisible Things Comes to Light
News  |  5/15/2007  | 
Joanna Rutkowska gives the lowdown on what her new company will do
Sipera Viper Lab Finds VOIP Vulnerabilities
News  |  5/15/2007  | 
Sipera Viper Lab disclosed six threat advisories, and potential solutions, for SIP-based VOIP phones from Aastra, Polycom, and Snom
Data Privacy Assessment Service Launched
News  |  5/15/2007  | 
Fidelis Security Systems announced the availability of the FidelisProtect Data Privacy Assessment
BitDefender, Ingram Micro Team
News  |  5/14/2007  | 
BitDefender enters into distribution agreement with Ingram Micro Canada for antivirus software and data security solutions
Fortify Updates Rulepacks
News  |  5/14/2007  | 
Fortify Software announced the release of a major update to the Fortify Secure Coding Rulepacks
Profit-Minded Trojans
News  |  5/11/2007  | 
Majority of Trojan attacks now designed for financial gain, researchers say
Security Treadmill
News  |  5/11/2007  | 
Despite rapid change, many old security problems just keep coming back around
Mommy Guilt
News  |  5/10/2007  | 
Nothing says 'Happy Mother's Day' like a gift purchased from a spammer
California Hammers on E-Voting
News  |  5/10/2007  | 
Comprehensive audit and penetration test designed to end voters' fears about electronic voting
Page 1 / 2   >   >>


When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25533
PUBLISHED: 2021-01-15
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct ...
CVE-2021-3162
PUBLISHED: 2021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
CVE-2021-21242
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` header. This Servlet does not enforce any authentication or a...
CVE-2021-21245
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.getHeader("File-Name")`). This issue may lead to arbitrary file upload which can be used to u...
CVE-2021-21246
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the `/users/` endpoint there are no security checks enforced so it is possible to retrieve ar...