Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2006
Page 1 / 2   >   >>
Windows Flaw, Word Trojan Found
News  |  6/30/2006  | 
Microsoft is looking into another possible Windows hole, and a new Trojan rides in on Word docs
Group to Research ID Theft
News  |  6/29/2006  | 
Universities, law enforcement agencies, and vendors team to study fraud and identity theft
Cisco Seeks to Fill Security Gaps
News  |  6/28/2006  | 
Gaps between security products, and between IT and business groups, cause enterprise headaches, says Cisco's security CTO
Warning Users of Dangerous Clicks
News  |  6/28/2006  | 
MarkMonitor's buyout of Collective Trust could allow ISPs to warn users about dangerous clicks ahead
MarkMonitor Gets Collective Trust
News  |  6/28/2006  | 
MarkMonitor acquired CollectiveTrust to add their Zero-Hour fraud protection technology to MarkMonitor's anti-fraud solutions
AppSec Rolls Out Tool
News  |  6/27/2006  | 
Application Security announced immediate availability of a new PCI-DSS Toolkit
Startup Locks Down Apps
News  |  6/27/2006  | 
Firewall pioneer Pensak is behind another venture intent on hardening applications where they live
Mu Security Lands $10M
News  |  6/27/2006  | 
Mu Security announced the company has raised an additional $10 million in a Series B funding round
Symantec Bundles Security Services
News  |  6/26/2006  | 
Threat and Vulnerability Management Program blends security alerts with consulting
Fraud Monitoring Appliance on Tap
News  |  6/26/2006  | 
Cydelity appliance gives banks a detailed look at suspicious account activity
Lockdown Joins Microsoft Program
News  |  6/26/2006  | 
Lockdown announced the launch of its open iNAC architecture
Sensory, Vendors Partner
News  |  6/26/2006  | 
Sensory unveiled the industry's largest ecosystem of applications designed to run on Sensory's NodalCore acceleration platform
Data Loss Epidemic
News  |  6/23/2006  | 
Data losses at major corporations and government agencies are being reported almost every day now
Data Losses Hit Four More
News  |  6/22/2006  | 
The list of big-name organizations reporting security breaches just keeps growing
Sorry, No Naked World Cup
News  |  6/21/2006  | 
A new worm promises to show users photos of a nude soccer match, but it's a disappointing email address, sucker
New Phishing Exploits Emerge
News  |  6/21/2006  | 
Phishing experts are tracking a new school of exploits - and some of them are shark-scary
The Blue Flu?
News  |  6/21/2006  | 
It could be contagious for mobile devices, finds new survey of Bluetooth security
Microsoft Works Around Excel Bug
News  |  6/20/2006  | 
As Microsoft issues workarounds for last week's zero-day Excel attack, yet another hole is found in the spreadsheet program UPDATED 5:30 PM
Newcastle Uses Sealed
News  |  6/20/2006  | 
SealedMedia announced that Newcastle Building Society has chosen its software to protect the organisation's digitised intellectual capital
Thieves Nab AIG Customer Records
News  |  6/19/2006  | 
AIG is informing customers this week about the theft of a server containing personal data on about 970,000 customers
Google Site Hosts Trojan
News  |  6/19/2006  | 
The Google Pages Web hosting service was infected with a keylogger, but so far the impact has been light
Altera Provides Security
News  |  6/19/2006  | 
Altera announced the availability of a comprehensive Stratix II FPGA design security solution to protect IP
DC Workers' Personal Data Stolen
News  |  6/19/2006  | 
An unprotected laptop containing names, Social Security numbers, and other data on 13,000 District of Columbia employees was stolen last week
Social Engineering Gets Smarter
News  |  6/16/2006  | 
Good old-fashioned schmooze still the best way to get information and access, particularly if the target works in IT
Microsoft Vulnerabilities Hit Critical Levels
News  |  6/15/2006  | 
With patches out, Microsoft reveals critical vulnerabilities in Windows and associated apps
Desktop Ports: Leakage or Lockdown
News  |  6/14/2006  | 
Enterprises struggle to enforce security policies on thumb drives and other portable storage media
Hacked in Mid-Air
News  |  6/13/2006  | 
Flaw in next-gen air traffic control could let an attacker create as many as 50 phantom aircraft on the controller's screen
Barracuda Gets Bitten
News  |  6/13/2006  | 
Email was held up for a few hours today after spam firewall vendor inadvertently sent a bad virus definition
Microsoft Moves Security to 'Forefront'
News  |  6/12/2006  | 
Microsoft gives its security wares a bold new name and rolls out a new security gateway at Tech Ed 2006
Bug Hits Popular IP-PBX Apps
News  |  6/12/2006  | 
Asterisk PBX and IAXclient, two of the most popular open-source VOIP applications, are vulnerable to attack
Red Seal Gathers Up Risk Data
News  |  6/12/2006  | 
Less predictive in nature, the risk management box is supposed to help improve decision making when things go wrong
Microsoft Prepares to Patch Things Up
News  |  6/9/2006  | 
Microsoft gave a heads up on its latest security updates for Windows, IE, Office, and Exchange
Flaw Found in Linux Statistics App
News  |  6/9/2006  | 
Cross-site scripting vulnerability in a popular Linux log file app could lead to remote code execution
UTM Protects Children
News  |  6/9/2006  | 
Bullard Independent School District's Technology Director Lee Sleeper installed Lightspeed System's Total Traffic Control v6.0 in Mar '06
Futbol, You Bet
News  |  6/9/2006  | 
IT security managers are kind of like goalkeepers when it comes to protecting their networks and their companies from attacks and exploits
Sophos Method Used to Crack Trojan
News  |  6/8/2006  | 
The spyware tool in Sophos's new Endpoint Security product was built on the same 'genotyping' tech used to crack this week's 'ransomware' Trojan
Exploit Shares Results
News  |  6/8/2006  | 
Exploit Prevention Labs released findings from monthly survey to measure the rise of Internet-borne exploits and zero-day attacks
Deep-Packet Offerings Proliferate
News  |  6/8/2006  | 
Ellacoya, Sandvine join Allot in launching new tools for deep packet inspection
Vulnerability Crosses Browser Boundaries
News  |  6/8/2006  | 
A newly-reported flaw makes Internet Explorer and Mozilla browsers equally vulnerable
Two Charged in VOIP Hacking Scandal
News  |  6/8/2006  | 
Authorities say two men ran a wholesale VOIP business using allegedly fake codes to load call traffic onto unsuspecting VOIP networks
New Service Seeks Out Security Gaps
News  |  6/7/2006  | 
SekCheck has launched a new service that audits security infrastructures and compares them against those of other enterprises
Allot Goes Deep on Packets
News  |  6/7/2006  | 
Vendor's deep packet inspection lets service providers track user behavior
Rendezvous at Risk
News  |  6/7/2006  | 
Holes in Tibco's Rendezvous messaging middleware can leave applications vulnerable to denial-of-service attacks
Comodo Releases Monkey
News  |  6/7/2006  | 
Comodo announced the immediate availability of NOC Monkey 2.0 beta 1
Social Engineering, the USB Way
News  |  6/7/2006  | 
Those thumb drives can turn external threats into internal ones in two easy steps
Healthcare Firms Unite for Safety
News  |  6/7/2006  | 
The newly-formed eHealth Vulnerability Reporting Program brings together major healthcare companies in an effort to identify and eliminate security threats
At MedAvant, Security Helps Pay the Bills
News  |  6/7/2006  | 
Healthcare billing and payment processing company implements PortAuthority software to stop unauthorized traffic
NCircle, Cybertrust Team Up
News  |  6/6/2006  | 
Cybertrust will offer nCircle's vulnerability and risk management solutions and use nCircle IP360 profiling and scanning technology in its portfolio of services
StillSecure, Patchlink Partner
News  |  6/6/2006  | 
StillSecure partners with Patchlink to simplify end-to-end vulnerability lifecycle management
NCircle Debuts MSSP
News  |  6/5/2006  | 
NCircle announced today the debut of its Managed Security Service Provider (MSSP) Program
Page 1 / 2   >   >>


Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: How do you like our new spear phishing email solution?
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprise
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18881
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile.
CVE-2019-18882
PUBLISHED: 2019-11-12
WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled.
CVE-2019-18873
PUBLISHED: 2019-11-12
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the pa...
CVE-2019-18874
PUBLISHED: 2019-11-12
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.