Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in June 2007
<<   <   Page 2 / 2
Security Charlatan
News  |  6/12/2007  | 
Founder of LifeLock, an identity protection service, steps down amid charges of identity theft
Pfizer Falls Victim to P2P Hack
News  |  6/12/2007  | 
Attackers access personal information on 17,000 employees via laptop vulnerability
Enterprises Mull Own Bug Research
News  |  6/12/2007  | 
To bug hunt or not to bug hunt - that's the question enterprises face
Anti-Spam Group Under Attack
News  |  6/12/2007  | 
Spammers launch denial of service exploit against Spamhaus
Architect's Many Identities
News  |  6/11/2007  | 
Dale Olds, creator of Novell's eDirectory, talks open-source ID, tuba photography, and how not to configure your home firewall
Phishers: No Points for Originality
News  |  6/11/2007  | 
More than 90 percent of phishing attacks come from kits, ISS researcher says
Attackers Break Into UVA Database
News  |  6/11/2007  | 
Personal data on nearly 6,000 former and current faculty members at the University of Virginia was compromised
Crossbeam Launches Security Switch
News  |  6/11/2007  | 
Crossbeam launches next generation X-Series security switch
SPI Dynamics to Give Presentations
News  |  6/11/2007  | 
SPI Dynamics to give Web app security presentations at HP conferences
Acunetix Upgrades Web Vulnerability Scanner
News  |  6/11/2007  | 
New version 5 of Acunetix Web Vulnerability Scanner ensures companies meet PCI compliancy
P2P's Unintended Leaks
News  |  6/8/2007  | 
Or, how file-hungry music and video fans might download business-sensitive data
New Software Detects Spyware
News  |  6/8/2007  | 
System SoftLab has announced the immediate availability of Security Process Detector 3.00
Security's Dollar Daze
News  |  6/8/2007  | 
Getting resources for security means making a savvy business case
Laws Threaten Security Researchers
News  |  6/8/2007  | 
New Computer Security Institute report reveals how some computer security laws inadvertently hurt the good guys
Privacy Premium Doesn't Faze Buyers
News  |  6/7/2007  | 
CMU study shows online shoppers will pay more for products guarded by a well-met privacy policy
A Multitude of SIMs
News  |  6/6/2007  | 
All the emerging security info management options may overwhelm IT buyers, but here's how to start sorting them out
Pop-Up Predicament
News  |  6/6/2007  | 
Amero's new trial is a victory for parents and kids who end up on the wrong screen
Protegrity Unveils Software Suite
News  |  6/6/2007  | 
Protegrity launches Defiance Security Software Suite 4.3
Firewall Wish List
News  |  6/5/2007  | 
Or, why you should absolutely perform outbound firewall filtering
Security's Soft Underbelly
News  |  6/5/2007  | 
Many companies secure the walls, but databases remain the soft, chewy center
Using Bugs as Leverage
News  |  6/5/2007  | 
Vulnerability research, scanning can give enterprises an edge, experts say
Vendors Tighten Up Security
News  |  6/5/2007  | 
NetIQ, MessageLabs, and Proofpoint roll out new products, market data at Gartner summit
Microsoft Unwraps Security Platform
News  |  6/5/2007  | 
Next-generation Forefront product to bring broad array of security tools under one umbrella
VeriSign to Launch Wireless IPS Service
News  |  6/4/2007  | 
VeriSign to team up with AirMagnet to offer WLAN managed security service
Imperva Secures Databases
News  |  6/4/2007  | 
Imperva introduces ADC Insight Services to enable organizations to quickly and easily secure databases and meet regulatory pressures
AirMagnet Upgrades Analyzer
News  |  6/4/2007  | 
Announces AirMagnet Handheld Analyzer 7.0; latest release introduces support for the 802.11g wireless LAN protocol
Security's Sea Change
News  |  6/4/2007  | 
The security boom is over... Long live the security boom
Oakley Combines User Monitoring, Forensics
News  |  6/4/2007  | 
Oakley Networks SureView 5.0 integrates network and desktop insider threat detection and remediation
Scottrade Deploys Source-Code Analysis
News  |  6/4/2007  | 
Leading online brokerage Scottrade makes application security a priority with Fortify Software
Ounce Labs Upgrades Tool
News  |  6/4/2007  | 
Ounce Labs announces Ounce 5.0; enterprise-level security enhancements and support for critical industry regulations and best practices
MessageLabs Reports Phishing Increase
News  |  6/4/2007  | 
MessageLabs announced the findings of its MessageLabs Intelligence Report for May 2007
WhiteHat Summer Speaking Tour
News  |  6/4/2007  | 
WhiteHat Security announced details for the Company's early Summer 2007 speaking tour
eEye to Enter Security Services
News  |  6/4/2007  | 
Vulnerabilty assessment and endpoint software company will debut Preview today
DR Survey: Insiders Take the Cake
News  |  6/1/2007  | 
Dark Reading regulars say the biggest threat comes from within their own organization
All The Wrong Moves
News  |  6/1/2007  | 
Government missteps could make security tougher for everyone
Dismantling a Botnet
News  |  6/1/2007  | 
Lopping off its head won't kill a botnet - and the bots may never truly be free
Sophos Unveils May's Top 10 Threats
News  |  6/1/2007  | 
Sophos has revealed the most prevalent malware threats causing problems for computer users around the world in May 2007
<<   <   Page 2 / 2


Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
Kelly Sheridan, Staff Editor, Dark Reading,  1/10/2020
Will This Be the Year of the Branded Cybercriminal?
Raveed Laeb, Product Manager at KELA,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Give us your best shot! You might win an Amazon gift card!
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3686
PUBLISHED: 2020-01-17
openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security
CVE-2019-3683
PUBLISHED: 2020-01-17
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full &quot;member&quot; role access to every project. This allowed these users to access, modify, create and...
CVE-2019-3682
PUBLISHED: 2020-01-17
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.
CVE-2019-17361
PUBLISHED: 2020-01-17
In SaltStack Salt through 2019.2.0, the salt-api NEST API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host.
CVE-2019-19142
PUBLISHED: 2020-01-17
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI.