Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2006
Page 1 / 2   >   >>
Agribusiness Ramps Up Secure VPN
News  |  7/31/2006  | 
James Richardson International is about to upgrade its SSL VPN security for more mobile device access and expansion of its B2B operations
CoveLight Detects Fraud
News  |  7/31/2006  | 
Covelight Systems announced the availability of Covelight Percept 3.0
Apache Quickly Patches Bug
News  |  7/31/2006  | 
Fix is for vulnerability found in Apache HTTP Server that lets an attacker take control of the Web server or crash it
StillSecure Releases VAM v5.5
News  |  7/31/2006  | 
StillSecure announced VAM v5.5, the newest version of StillSecure's vulnerability management platform
Authentium Intros ATM
News  |  7/31/2006  | 
Authentium announced VirtualATM, am SDK that allows banks and ISPs to create direct, secure, end-to-end connections with users
Patch Work, Beyond Windows
News  |  7/28/2006  | 
Those non-Microsoft desktop apps may fly under the radar, but need IT attention too
Email Threats Hit Hard
News  |  7/28/2006  | 
Companies with fewer than 1,000 employees receive almost 14 percent more spam through the MX Logic Threat Center
MOBB Bug Among Mozilla Patches
News  |  7/27/2006  | 
Fix avoids 'race conditions,' where a system tries to perform multiple operations simultaneously, bypassing normal processing
IPS Evasion Equation
News  |  7/26/2006  | 
Homegrown tools and an old worm sneak right past three different vendors' intrusion protection systems
Trojan Uses Firefox Add-On
News  |  7/26/2006  | 
New piece of spyware does its dirty work using a real Mozilla Firefox extension
Profit Motives
News  |  7/26/2006  | 
This business of paying for software bugs has plenty of pros and cons and won't necessarily improve security
Skybox Upgrades SRM Suite
News  |  7/25/2006  | 
Skybox Security launches the third-generation release of its Skybox View security risk management (SRM) suite
CERT Seeks Secure Coding Input
News  |  7/25/2006  | 
But can it deliver standards that are broadly applicable and accommodate countless permutations?
Practicing Safe Data
News  |  7/25/2006  | 
Worried about data protection? You should be
FSU Ups Security
News  |  7/25/2006  | 
Rapid7 announced that FSU has installed NeXpose vulnerability management software for conducting security risk audits
Power Industry Gets Security Standard
News  |  7/25/2006  | 
As the continent sweats, North America's electrical utilities will begin implementing new protective measures
Hacking the Vista Kernel
News  |  7/25/2006  | 
More fun at Black Hat: How to slip malware into the Vista Beta 2 kernel and take control of the machine
ConSentry Announces Expansion
News  |  7/25/2006  | 
ConSentry Networks announced that it is expanding its presence in the Asia-Pacific region
Startup Gives Video New Look
News  |  7/24/2006  | 
SteelBox's new capabilities for video traffic management and storage could make large-scale surveillance workable in the enterprise
JavaScript Malware Targets Intranets
News  |  7/24/2006  | 
Malware, cross-site scripting use browsers to break into intranets, with demo planned for next week's Black Hat conference
Reconnex, Tenable Team
News  |  7/24/2006  | 
Reconnex has entered into a partnership with Tenable Network Security
Security Solution Meets Standard
News  |  7/24/2006  | 
null
Security Bugs Sent to the Sandbox
News  |  7/24/2006  | 
A researcher at the upcoming Black Hat conference will suggest a new whitelisting method that creates a 'sandbox' for uninvited traffic
Malware Hits Enterprises
News  |  7/24/2006  | 
A new messaging security field study confirms the need for Zero HourVirus Outbreak Protection, Commtouch announced today
IDS/IPS: Too Many Holes?
News  |  7/21/2006  | 
Today's IDS/IPS technology is often no match for smarter and more application-specific exploits
Time-Tested Email
News  |  7/21/2006  | 
Magazine's marketers improve email response rate with 'trusted' class of email that bypasses ISP spam filters
Management Deja Vu
News  |  7/21/2006  | 
Today's market for SIM tools looks remarkably like the market for enterprise management applications back in the 1980s and 1990s
New Trojan Offers Google Update
News  |  7/21/2006  | 
A new Trojan poses as a Google toolbar update, but it's really a botnet trap
Bucks for Bugs
News  |  7/20/2006  | 
There's money to be made, legitimate and otherwise, for those who find software vulnerabilities
Secure Computing Warns
News  |  7/20/2006  | 
Secure Computing warns that AI software used in testing by a small number of software developers is now being widely used by hackers
The 10 Biggest Myths of IT Security
News  |  7/20/2006  | 
Think you know IT security? Test yourself as Dark Reading debunks some of today's conventional wisdom
Adware Offers Bogus Security Apps
News  |  7/20/2006  | 
ProtectionBar exploit tricks users into installing apps that purportedly clean their machines of malware
Security Pros Wrestle With Data Overload
News  |  7/19/2006  | 
Rapid growth in security is creating a growth market for security information management (SIM) tools, according to a new Dark Reading report
Social Engineering, the Shoppers' Way
News  |  7/19/2006  | 
Even with magnetic card readers at its doors, your company could be vulnerable to a break-in
Red Hat Patches Linux Apps
News  |  7/18/2006  | 
Red Hat today issued four patches to close security holes in its version of Linux
Getting Buggy with the MOBB
News  |  7/18/2006  | 
Instigator of Month of Browser Bugs promises more fun stuff on the way
SecureWorks Anticipates Attacks
News  |  7/18/2006  | 
SecureWorks has seen a dramatic increase in hacker attacks attempted against its banking, credit union and utility clients
New Rootkit Plays Hard to Get
News  |  7/17/2006  | 
Researchers discover new exploit that effectively hides from popular malware detection tools
Survey Urges High Alert
News  |  7/17/2006  | 
According to a recent survey, homeland computer security should be on high alert
New Tool Dusts for Fingerprints
News  |  7/14/2006  | 
A 'fingerprinting' tool that cracks device drivers will go public soon
Alert Logic Goes After Mid-Tier
News  |  7/14/2006  | 
Startup gets new funding to develop the on-demand security services market
Hackers Increase IM Attacks
News  |  7/14/2006  | 
Postini announced a continuing trend by hackers to attack corporate networks through lightly protected instant messaging (IM) systems
Cloudmark Reports Spikes
News  |  7/14/2006  | 
Cloudmark's ongoing monitoring of spam and phishing attacks shows a rise in phishing attempts against European institutions
Portable Danger
News  |  7/14/2006  | 
How serious is the threat of security attacks through mobile and portable devices? We want your input.
Print at Your Own Risk
News  |  7/14/2006  | 
Security researcher finds overlooked vulnerabilities in printers and other embedded devices
DNS Gets Anti-Phishing Hook
News  |  7/13/2006  | 
The new, free OpenDNS service uses DNS to fight phishing and botnets
Think You're Compliant?
News  |  7/13/2006  | 
Endforce's new Web-based security compliance assessment service shows who's running what and if it's in line with your policies
Shock and Awe
News  |  7/13/2006  | 
Human tragedy casts any threat alert in a much different light
CSI/FBI: Violations, Losses Down
News  |  7/12/2006  | 
Security violations are down, but latest CSI/FBI research shows bigger losses elsewhere
Device Drivers at Risk
News  |  7/12/2006  | 
New Windows vulnerability reveals what could be the next big target for attackers
Page 1 / 2   >   >>


I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19033
PUBLISHED: 2019-11-21
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
CVE-2019-19191
PUBLISHED: 2019-11-21
Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.
CVE-2019-15511
PUBLISHED: 2019-11-21
An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed....
CVE-2019-16405
PUBLISHED: 2019-11-21
Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings.
CVE-2019-16406
PUBLISHED: 2019-11-21
Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron.