Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2007
Page 1 / 2   >   >>
Hacker Smackdown
News  |  6/28/2007  | 
Researchers at odds over whether virtualized rootkits are detectable
Not One Size Fits All
News  |  6/28/2007  | 
One man's firewall is another man's kludge
Akonix: 80% Increase in Harmful IM Activity
News  |  6/28/2007  | 
Akonix Systems announced its IM Security Center researchers tracked 36 malicious code attacks over IM networks during the month of June
Vulnerability Management Grows Up
News  |  6/27/2007  | 
Tools are evolving to handle more than patch check-boxes, Burton Group says
Comodo Touts HackerGuardian
News  |  6/27/2007  | 
Comodo offers PCI and vulnerability scanning suite that provides both compliancy and security for $99
BitDefender Expands D&H Agreement
News  |  6/27/2007  | 
BitDefender expands distribution agreement with D&H to include BitDefender's licensed products
ZEN for the Endpoint
News  |  6/27/2007  | 
Novell rolls out endpoint security management to protect machines at the office and on the road
CSRF Bug Runs Rampant
News  |  6/26/2007  | 
Vulnerabilty found in Check Point, various firewalls, UTM appliances, routers, storage systems, and other devices managed with Web interfaces
App Security Evaluated for Common Criteria
News  |  6/26/2007  | 
Application Security is under evaluation for Common Criteria certification through Science Applications International Corporation
Pain in the Bot
News  |  6/26/2007  | 
There's no sure-fire way yet to de-zombify bots
Modified MDAC Exploit Tops Survey
News  |  6/26/2007  | 
Exploit Prevention Labs released the results of its May 2007 Exploit Prevalence Survey
Anchiva Delivers Malware Signatures
News  |  6/26/2007  | 
Anchiva Systems's Rapid RxLabs is now delivering over 700,000 signatures to detect and prevent malware from entering enterprise networks
Trend Micro: Users Are Not Secure
News  |  6/26/2007  | 
Trend Micro announced findings of a study into corporate end user perceptions of and experiences with security threats
Two Men Charged With Obscene Spam
News  |  6/26/2007  | 
Sophos has welcomed news that two men have been found guilty for their part in an international spam gang
Killing That 'Man in the Browser'
News  |  6/26/2007  | 
TriCipher to unveil transaction security tool today
New Open Source Security Gateway
News  |  6/26/2007  | 
Untangle, the pioneer in open source network gateway platforms, launched the Untangle Gateway Platform
Marshal: Pump & Dump Spam Drops
News  |  6/26/2007  | 
Marshal announced pump 'n dump spam has dropped significantly
Black Ops & Grandma
News  |  6/25/2007  | 
Renowned researcher Dan Kaminsky talks about his latest Black Ops research, first meeting Mudge, and his grandma the 'hacker'
Japan ISP Uses nCircle
News  |  6/25/2007  | 
nCircle announced that NTTPC will launch a security service based on nCircle's suite of advanced security products
Hacking Truckers
News  |  6/25/2007  | 
Researchers discover that the contents of a truck's haul are wide open to hackers via RFID
Suspected Virus Author Arrested
News  |  6/25/2007  | 
Sophos has welcomed news that Spanish authorities have arrested a man suspected of writing and distributing a mobile phone virus
eSoft Intros ThreatWall
News  |  6/25/2007  | 
eSoft announces the availability of its new ThreatWall Web Security Gateways
Mi5's Not-So-Secret Weapon
News  |  6/22/2007  | 
New Web gateway promises to control botnet infections as well as Web-borne malware
Rethinking Security Technology
News  |  6/22/2007  | 
Emerging products find new approaches to some old security problems
Security Fears Slow Virtualization
News  |  6/22/2007  | 
A new study indicates that many enterprises fear the security dangers that virtualization technology may introduce
'You're Now Free to Move About the Company'
News  |  6/21/2007  | 
American Airlines pilots discover major vulnerability in company's intranet
Old Dogs Can Still Do Dirty Tricks
News  |  6/21/2007  | 
Vulnerabilities can remain dangerous even after they've been discovered and patched
Most Antivirus Products Don't Stop New Attacks
News  |  6/21/2007  | 
Most antivirus products are ill-equipped to stop new hacker attacks, according to Independent Security Evaluators lab test
Securing the 'Company Jewels'
News  |  6/21/2007  | 
Enterprises struggle with how to define their intellectual property - and how to keep it safe from the bad guys
People, Not Passwords, Are the Problem
News  |  6/20/2007  | 
UK government study says end users still don't know how to protect their passwords online
Throwing Out an Idea
News  |  6/20/2007  | 
Government's right to surveillance should stop at my recycling bin
Hackers Create Nuclear Bomb Scare
News  |  6/20/2007  | 
Realistic mushroom-cloud explosion causes stir in Czech Republic
Stop, Thief!
News  |  6/19/2007  | 
Major data breaches occur when storage media are physically stolen
PatchLink Buys SecureWave
News  |  6/19/2007  | 
Deal merges endpoint security with patch management, vulnerability assessment
Sipera Identifies VOIP Phone Vulnerabilities
News  |  6/19/2007  | 
Sipera VIPER Lab disclosed seven threat advisories, and potential solutions, for SIP-based soft phones from AOL, Avaya, MSN, and Nortel
80% of Companies Unknowingly Send Spam
News  |  6/19/2007  | 
Email traffic from individual organizations has over 80% of their sent mail sent from IP addresses outside of their domain
Tumbleweed Unveils Software
News  |  6/19/2007  | 
Tumbleweed Communications announced new MailGate capabilities that will reduce accidental email data leaks and botnet-driven threats
Stonesoft Seeks to Open Up VPNs
News  |  6/18/2007  | 
New SSL VPN products don't discriminate against mobile devices, non-employees
Startup Puts New Spin on Firewalls
News  |  6/18/2007  | 
Palo Alto Networks's PA-4000 can recognize - and restrict - more than 400 types of application traffic
Server Room Follies
News  |  6/18/2007  | 
In which pizza and soda are shown to be more powerful than a crowbar for breaking and entering
Avinti Warns of Targeted Attack
News  |  6/15/2007  | 
Avinti has issued a security alert to corporate users of a new targeted attack disguised as invoice attachment from Beckman Coulter
A New Approach to Database Security
News  |  6/15/2007  | 
Startup Sentrigo prepares to launch Hedgehog, a new tool that works at the cache memory level
Eight Vulnerabilities You May Have Missed
News  |  6/15/2007  | 
With all the security vulnerabilities in the news, here's a look at some dangers that few are talking about
Prophetic Warnings
News  |  6/15/2007  | 
Just days after a university researcher warned of the dangers of P2P, Pfizer felt the vulnerability's wrath
Inside-Out Security
News  |  6/14/2007  | 
Basic defenses that lack depth create needless vulnerabilities - internal and external
Feds Launch Operation Bot Roast
News  |  6/14/2007  | 
Initiative aims to find bot herders and bring them to justice
Pop-Ups Fake Security Alerts
News  |  6/13/2007  | 
Pop-ups try to fake users into downloading 'security software,' Trend Micro says
Survey: 1 in 4 WLANs Unsecured
News  |  6/13/2007  | 
RSA survey finds more WLANs, but not much security
Name Calling
News  |  6/13/2007  | 
Are enterprises put off by the term 'researcher'?
Trust Gets Buggy
News  |  6/13/2007  | 
Whether a flaw or a feature, Microsoft's attitude suggests bugs don't have to be fixed
Page 1 / 2   >   >>


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4889
PUBLISHED: 2021-01-26
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4949
PUBLISHED: 2021-01-26
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...