Dark Reading is part of the Informa Tech Division of Informa PLC


News & Commentary

Content tagged with Vulnerabilities / Threats posted in July 2007
Spammers Capitalize on Simpsons Movie
News  |  7/31/2007  | 
SPAMFighter finds spammers taking advantage of the release of The Simpsons movie to find live email addresses
Report: Rise in Web App Vulnerabilities
News  |  7/31/2007  | 
Cenzic released its Application Security Trends Report - Q2 2007
File Formats: A Moving Target
News  |  7/31/2007  | 
Which types of files are most in danger of attack? Experts - and attackers - frequently change their minds
Google Desktop: Too Risky?
News  |  7/31/2007  | 
Recently-exposed vulnerabilities leave many IT experts feeling queasy about using the search engine's latest feature
XSS Book Published
News  |  7/31/2007  | 
WhiteHat Security announced the availability of Jeremiah Grossman's book - Cross-Site Scripting Attacks: XSS Exploits and Attacks
Tool Stops XSS, SQL Injection Attacks
News  |  7/31/2007  | 
Core Labs researchers to release free tool to protect PHP-based Web apps
Researcher Barred From US
News  |  7/30/2007  | 
Renowned security expert Halvar Flake denied travel from Germany after his Black Hat presentation is found in search
BreakingPoint Offers Same-Day 0-Days
News  |  7/30/2007  | 
Startup to announce general availability of its new BPS-1000 testing tool, controversial vulnerability disclosure policy
BreakingPoint Systems Ships
News  |  7/30/2007  | 
BreakingPoint Systems launches next-generation network test equipment for content aware networks
Fighting Forensics
News  |  7/30/2007  | 
New research exploits vulnerabilities found in popular computer forensics tools
Survey: Zero-Day Bugs Biggest Concern
News  |  7/30/2007  | 
Zero-day vulnerabilities are the top security concern for the majority of IT professionals, according to a survey conducted by PatchLink
Black Hat: How to Hack IPS Signatures
News  |  7/30/2007  | 
Errata Security says attackers are already reverse-engineering IPS vendors' zero-day signatures like TippingPoint's to wage attacks, bypass IPSs
Anchiva Gets 750,000 Malware Signatures
News  |  7/30/2007  | 
Anchiva's Rapid RxLabs is now delivering over 750,000 signatures to detect and prevent malware from entering enterprise networks
Sipera to Demo New VOIP Exploit at Black Hat
News  |  7/30/2007  | 
Sipera Systems announced Sipera VIPER Lab will demonstrate a VOIP exploit at the Black Hat USA 2007 conference
Robot Genius Offers Free Anti-Malware Download
News  |  7/30/2007  | 
Robot Genius announced the availability of its new anti-malware download/plug-in, RGguard
iS3 Rolls Out Version 5.0 of STOPzilla
News  |  7/30/2007  | 
iS3 announced the availability of STOPzilla Version 5.0
Virtualization's New Benchmark
News  |  7/27/2007  | 
Consortium gives recommendations for securing emerging virtualized technology
Aflac Loses Data on 152,000
News  |  7/27/2007  | 
Company quacks 'fowl!' over theft of laptop in Japan
Attack of the Black Hats
News  |  7/27/2007  | 
Get ready, Vegas - with this crew in town, even the slot machines aren't safe
Open Source Bots
News  |  7/27/2007  | 
With most botnets based on open source, it may be time to rethink just what gets open-sourced
Third Parties Fumble Data Handoffs
News  |  7/26/2007  | 
Your company's data breach may result from a partner's mistakes
Startup to Take on PayPal
News  |  7/26/2007  | 
Pmints could go where PayPal won't, including porn and gambling
It's More Than JavaScript
News  |  7/26/2007  | 
There are lots of other ways an attacker can have fun with your Web applications
Startup Locks Down Mobile Linux
News  |  7/26/2007  | 
New version of mobile OS verifies apps, firmware, and encrypts data
Hacking Without Exploits
News  |  7/25/2007  | 
Researcher HD Moore to show at Black Hat and Defcon ways to hack a fully patched system
80% of Websites With Malware Are Legit
News  |  7/25/2007  | 
Sophos has published new research on the first six months of cybercrime in 2007
BigFix Upgrades AntiThreat
News  |  7/25/2007  | 
BigFix announced the availability of two new anti-malware solution packs designed to deliver IT
What DNS Pinning Means to You
News  |  7/25/2007  | 
Emerging vulnerability is widespread and tough to fix
Putting Security in the Trash
News  |  7/25/2007  | 
Emerging legislation puts the onus on companies to manage paper records - and how they dispose of them
New Tool Automates Spam
News  |  7/25/2007  | 
Cheap software promises to post 1,100 messages to Web forums in less than 15 minutes
Cigital, LeverPoint Team on Cigital India
News  |  7/24/2007  | 
Cigital has formed a partnership creating Cigital India with a recognized top performer in offshore outsourcing
Banks Lag in Strong Authentication
News  |  7/24/2007  | 
New study says majority of banks won't have multi-factor authentication until next year
Foundstone Engineering Head Joins Rapid7
News  |  7/24/2007  | 
Rapid7 announced that Foundstone's director of engineering, Christopher Moore, has joined the company as the new vice president of engineering
Help Wanted: ID Theft Victims
News  |  7/24/2007  | 
That online job recruiter may actually be a criminal trying to steal your personal data
Mi5 Adds Reseller Program
News  |  7/23/2007  | 
Mi5 Networks announced the Webgate Channel Partner Program for resellers looking to tap the market for Secure Web Gateways
Picture Your Password
News  |  7/23/2007  | 
Researchers are taking a look at graphical passwords, but the picture is still fuzzy on their effectiveness
Pointing to Danger
News  |  7/23/2007  | 
Researcher to show how dangling pointer flaws, long viewed as inconsequential, can be a path to serious infection
Aruba Acquires Network Chemistry Assets
News  |  7/23/2007  | 
Aruba Networks announced the acquisition of Network Chemistry's line of award-winning RFprotect and BlueScanner wireless security products
New Tool Eases CSRF Bug Discovery
News  |  7/20/2007  | 
Tool will show how widespread CSRF bugs are in Websites, researchers say
ID Management Gets Granular
News  |  7/20/2007  | 
New TNT software helps companies control access to critical data by user, device, and time of day
Research Run
News  |  7/20/2007  | 
Love 'em or hate 'em, security researchers open up whole new vistas on system vulnerability
Spam Changes Direction
News  |  7/19/2007  | 
While PDF and image-based attacks skyrocket, spammers quietly shift toward Europe
Trade Ya'
News  |  7/19/2007  | 
Looking out for the man-in-the-middle of your online stock trade
How to Land the Best Security Job
News  |  7/19/2007  | 
IT security recruiters speak out on the need for a breadth of technology experience and an understanding of the business side
SurfControl Safeguards Scout Jamboree
News  |  7/19/2007  | 
SurfControl is to provide Internet protection for 40,000 14- to 18-year-olds at the largest World Scout Jamboree
Hack Sneaks Past Firewall to Intranet
News  |  7/18/2007  | 
Black Hat researcher will demonstrate yet another way to use DNS pinning bug to get inside the corporate network
Leaks Found in Louisiana University Systems
News  |  7/18/2007  | 
Student uncovers 150 documents containing personal information on 80,000 individuals
Ounce Labs Sets Up Research Team
News  |  7/18/2007  | 
Ounce Labs, the industry leader in software risk management, announced the formation of an Advanced Research Team (ART)
Sophos: Latest 'Dirty Dozen' Spam Relaying Countries
News  |  7/18/2007  | 
Sophos has published its latest report on the top 12 spam-relaying countries during the second quarter of 2007
Attackers Hide in Fast Flux
News  |  7/17/2007  | 
Storm and Warezov/Stration have already adopted an evil load-balancing and evasion technique that's tougher to detect