Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2006
Page 1 / 2   >   >>
Agribusiness Ramps Up Secure VPN
News  |  7/31/2006  | 
James Richardson International is about to upgrade its SSL VPN security for more mobile device access and expansion of its B2B operations
CoveLight Detects Fraud
News  |  7/31/2006  | 
Covelight Systems announced the availability of Covelight Percept 3.0
Apache Quickly Patches Bug
News  |  7/31/2006  | 
Fix is for vulnerability found in Apache HTTP Server that lets an attacker take control of the Web server or crash it
StillSecure Releases VAM v5.5
News  |  7/31/2006  | 
StillSecure announced VAM v5.5, the newest version of StillSecure's vulnerability management platform
Authentium Intros ATM
News  |  7/31/2006  | 
Authentium announced VirtualATM, am SDK that allows banks and ISPs to create direct, secure, end-to-end connections with users
Patch Work, Beyond Windows
News  |  7/28/2006  | 
Those non-Microsoft desktop apps may fly under the radar, but need IT attention too
Email Threats Hit Hard
News  |  7/28/2006  | 
Companies with fewer than 1,000 employees receive almost 14 percent more spam through the MX Logic Threat Center
MOBB Bug Among Mozilla Patches
News  |  7/27/2006  | 
Fix avoids 'race conditions,' where a system tries to perform multiple operations simultaneously, bypassing normal processing
IPS Evasion Equation
News  |  7/26/2006  | 
Homegrown tools and an old worm sneak right past three different vendors' intrusion protection systems
Trojan Uses Firefox Add-On
News  |  7/26/2006  | 
New piece of spyware does its dirty work using a real Mozilla Firefox extension
Profit Motives
News  |  7/26/2006  | 
This business of paying for software bugs has plenty of pros and cons and won't necessarily improve security
Skybox Upgrades SRM Suite
News  |  7/25/2006  | 
Skybox Security launches the third-generation release of its Skybox View security risk management (SRM) suite
CERT Seeks Secure Coding Input
News  |  7/25/2006  | 
But can it deliver standards that are broadly applicable and accommodate countless permutations?
Practicing Safe Data
News  |  7/25/2006  | 
Worried about data protection? You should be
FSU Ups Security
News  |  7/25/2006  | 
Rapid7 announced that FSU has installed NeXpose vulnerability management software for conducting security risk audits
Power Industry Gets Security Standard
News  |  7/25/2006  | 
As the continent sweats, North America's electrical utilities will begin implementing new protective measures
Hacking the Vista Kernel
News  |  7/25/2006  | 
More fun at Black Hat: How to slip malware into the Vista Beta 2 kernel and take control of the machine
ConSentry Announces Expansion
News  |  7/25/2006  | 
ConSentry Networks announced that it is expanding its presence in the Asia-Pacific region
Startup Gives Video New Look
News  |  7/24/2006  | 
SteelBox's new capabilities for video traffic management and storage could make large-scale surveillance workable in the enterprise
JavaScript Malware Targets Intranets
News  |  7/24/2006  | 
Malware, cross-site scripting use browsers to break into intranets, with demo planned for next week's Black Hat conference
Reconnex, Tenable Team
News  |  7/24/2006  | 
Reconnex has entered into a partnership with Tenable Network Security
Security Solution Meets Standard
News  |  7/24/2006  | 
null
Security Bugs Sent to the Sandbox
News  |  7/24/2006  | 
A researcher at the upcoming Black Hat conference will suggest a new whitelisting method that creates a 'sandbox' for uninvited traffic
Malware Hits Enterprises
News  |  7/24/2006  | 
A new messaging security field study confirms the need for Zero HourVirus Outbreak Protection, Commtouch announced today
IDS/IPS: Too Many Holes?
News  |  7/21/2006  | 
Today's IDS/IPS technology is often no match for smarter and more application-specific exploits
Time-Tested Email
News  |  7/21/2006  | 
Magazine's marketers improve email response rate with 'trusted' class of email that bypasses ISP spam filters
Management Deja Vu
News  |  7/21/2006  | 
Today's market for SIM tools looks remarkably like the market for enterprise management applications back in the 1980s and 1990s
New Trojan Offers Google Update
News  |  7/21/2006  | 
A new Trojan poses as a Google toolbar update, but it's really a botnet trap
Bucks for Bugs
News  |  7/20/2006  | 
There's money to be made, legitimate and otherwise, for those who find software vulnerabilities
Secure Computing Warns
News  |  7/20/2006  | 
Secure Computing warns that AI software used in testing by a small number of software developers is now being widely used by hackers
The 10 Biggest Myths of IT Security
News  |  7/20/2006  | 
Think you know IT security? Test yourself as Dark Reading debunks some of today's conventional wisdom
Adware Offers Bogus Security Apps
News  |  7/20/2006  | 
ProtectionBar exploit tricks users into installing apps that purportedly clean their machines of malware
Security Pros Wrestle With Data Overload
News  |  7/19/2006  | 
Rapid growth in security is creating a growth market for security information management (SIM) tools, according to a new Dark Reading report
Social Engineering, the Shoppers' Way
News  |  7/19/2006  | 
Even with magnetic card readers at its doors, your company could be vulnerable to a break-in
Red Hat Patches Linux Apps
News  |  7/18/2006  | 
Red Hat today issued four patches to close security holes in its version of Linux
Getting Buggy with the MOBB
News  |  7/18/2006  | 
Instigator of Month of Browser Bugs promises more fun stuff on the way
SecureWorks Anticipates Attacks
News  |  7/18/2006  | 
SecureWorks has seen a dramatic increase in hacker attacks attempted against its banking, credit union and utility clients
New Rootkit Plays Hard to Get
News  |  7/17/2006  | 
Researchers discover new exploit that effectively hides from popular malware detection tools
Survey Urges High Alert
News  |  7/17/2006  | 
According to a recent survey, homeland computer security should be on high alert
New Tool Dusts for Fingerprints
News  |  7/14/2006  | 
A 'fingerprinting' tool that cracks device drivers will go public soon
Alert Logic Goes After Mid-Tier
News  |  7/14/2006  | 
Startup gets new funding to develop the on-demand security services market
Hackers Increase IM Attacks
News  |  7/14/2006  | 
Postini announced a continuing trend by hackers to attack corporate networks through lightly protected instant messaging (IM) systems
Cloudmark Reports Spikes
News  |  7/14/2006  | 
Cloudmark's ongoing monitoring of spam and phishing attacks shows a rise in phishing attempts against European institutions
Portable Danger
News  |  7/14/2006  | 
How serious is the threat of security attacks through mobile and portable devices? We want your input.
Print at Your Own Risk
News  |  7/14/2006  | 
Security researcher finds overlooked vulnerabilities in printers and other embedded devices
DNS Gets Anti-Phishing Hook
News  |  7/13/2006  | 
The new, free OpenDNS service uses DNS to fight phishing and botnets
Think You're Compliant?
News  |  7/13/2006  | 
Endforce's new Web-based security compliance assessment service shows who's running what and if it's in line with your policies
Shock and Awe
News  |  7/13/2006  | 
Human tragedy casts any threat alert in a much different light
CSI/FBI: Violations, Losses Down
News  |  7/12/2006  | 
Security violations are down, but latest CSI/FBI research shows bigger losses elsewhere
Device Drivers at Risk
News  |  7/12/2006  | 
New Windows vulnerability reveals what could be the next big target for attackers
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31600
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and informat...
CVE-2022-31601
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-31602
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.
CVE-2022-31603
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosu...
CVE-2022-31599
PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other ...