Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2006
Page 1 / 2   >   >>
IPS Technology: Ready for Overhaul
News  |  8/31/2006  | 
Its current limitations might be frustrating, but IPS technology will evolve into smarter, more integrated security solution
Wireless Piggybackers Put on Notice
News  |  8/30/2006  | 
New California law encourages users to lock up WLANs, setting the stage for criminal action against hackers and piggybackers
Hacking Home WLANs
News  |  8/30/2006  | 
Don't forget to lock down your users' home WLANs
How Identity Theft Works
News  |  8/30/2006  | 
Ever wonder how hard it is to steal a person's identity? We did it in this penetration test, and we were surprised at just how easy it is
Top 10 Reasons Security Products Don't Work
News  |  8/29/2006  | 
Once users and vendors get past the finger-pointing, there's a lot they can do together to improve enterprise security
Authentium Warns
News  |  8/29/2006  | 
Authentium issued a warning against trusting free wireless access points located in airports and other public places
CipherOptics Removes Barriers
News  |  8/29/2006  | 
CipherOptics is poised to launch the industry's first 10 Gig IPsec encryption solution
When to Disclose
News  |  8/29/2006  | 
Researchers, vendors try to strike 'artful balance' between alerts and the actual patches for new bugs
Tripwire for Servers
News  |  8/29/2006  | 
Tripwire announced the latest version of Tripwire for Servers and Tripwire Manager
NextHop, AirTight Partner
News  |  8/29/2006  | 
NextHop and AirTight announced a marketing and technology partnership providing enhanced security and performance management
Nokia to Offer IPS
News  |  8/29/2006  | 
Nokia announces plans to offer Sourcefire's IPS on its portfolio of high-performance IP Security Platforms
Study: Rethink the Outsider Threat
News  |  8/28/2006  | 
DOJ data turns conventional wisdom on its head: Biggest enterprise threat is more than likely external
Metasploit Issues New Beta
News  |  8/28/2006  | 
Second beta of bug-discovery tool Metasploit 3.0 fixes Windows glitch, adds multi-host feature
Ponemon Unveils Study
News  |  8/28/2006  | 
Nearly two-thirds of security executives believe they have no way to prevent a data breach, according to the latest industry research
Oakley Intros Solution
News  |  8/28/2006  | 
Oakley Networks announced the immediate availability of CoreView, the company's network-based behavioral analysis solution
Holes Remain in SSL VPNs
News  |  8/25/2006  | 
SSL VPN products have gotten more secure in the past year, but the technology still isn't safe when users log on via third-party machines
Cisco Reports New Vulnerabilities
News  |  8/25/2006  | 
Firewalls, VPN 3000 Concentrator are at risk and in need of a fix, networking giant says
IBM Merger Gets Mixed Responses
News  |  8/24/2006  | 
Raise prices? Win more outsourced security? IBM-ISS deal leaves many wondering what Big Blue will do with its new prize
Fighting Spam With Spamalot
News  |  8/24/2006  | 
New software engages human side of spammers, dragging out correspondence and flooding them with duped messages and replies
Credit Union Taps Comodo
News  |  8/24/2006  | 
Indiana based FORUM Credit Union is deploying Comodo's S.A.F.E. solution to protect members from phishing and pharming attacks
Sophos Offers Free Tool
News  |  8/24/2006  | 
Sophos announced a new free-of-charge, standalone tool offering comprehensive rootkit detection and removal capabilities
Click Goes Your Ad Budget
News  |  8/23/2006  | 
Who's clicking on your company's Web ads? It's tough to tell the bots from prospective customers
Enterprises Still Not Sweet on Honeypots
News  |  8/23/2006  | 
Passive technology lacks preventive capability but might prove useful for tracking malicious internal activity
Debix Researches ID Theft
News  |  8/23/2006  | 
Debix announced new research showing forty percent of Fraud Alerts are not set properly
IBM Up-Ends Security Services Market
News  |  8/23/2006  | 
IBM's $1.3 billion buyout of ISS may signal large enterprises are more willing to embrace managed security services
Standard Could Unify Security Apps
News  |  8/22/2006  | 
ArcSight's proposed standards for log management, event reporting could get security apps onto the same page
Click Fraud: What IT Should Know
News  |  8/22/2006  | 
As fraud grows, more marketing execs are asking IT to ascertain who's really clicking online ads
IE Patch Created New Vulnerability
News  |  8/22/2006  | 
Patch issued earlier this month for Internet Explorer inadvertently introduced new hole
PowerPoint Trojan: Not Zero Day
News  |  8/22/2006  | 
The new PowerPoint Trojan that baffled researchers yesterday targets a known vulnerability
Intellinx, IDI Combat Threat
News  |  8/21/2006  | 
Intellinx, Information Design announced the launch of a campaign to promote the Intellinx solution for insider threat protection
RedSeal Intros Appliance
News  |  8/21/2006  | 
RedSeal Systems announced the general availability of its Security Risk Manager 3000 (SRM 3000) appliance
Startup Promises Critical-Site Analysis
News  |  8/21/2006  | 
New consulting firm will help 'national security-critical' sites evaluate physical and logical security
BigFix Expels Spyware
News  |  8/21/2006  | 
Using BigFix's AntiPest, Miami-Dade County Public Schools have cracked down on spyware on the district's 70,000 personal computers
Mu Enhances Analyzer
News  |  8/21/2006  | 
Mu Security announced that its Mu-4000 Security Analyzer now includes comprehensive Published Vulnerability Analysis (PVA) attack capabilities
Flaws Reported in Bank of America System
News  |  8/18/2006  | 
Sestus, rival to vendor of Bank of America's SiteKey authentication system, reports vulnerabilities in the Sitekey technology
The Real Threat to the Security Industry
News  |  8/18/2006  | 
Do IT departments and vendors need to inflate perception of the security threat in order to grow?
'Analog Hackers' Overlooked, Undetected
News  |  8/17/2006  | 
Many enterprises secure electronic access points but fail to see their own front doors as vulnerable
How Much Does a Hack Cost?
News  |  8/16/2006  | 
We're thinking of a number between $100,000 and $50 million; here's how to handicap your cost per incident a little more closely
Complaint Filed in AOL Blunder
News  |  8/16/2006  | 
Electronic Frontier Foundation files complaint with the FTC over the online service's exposure of customer search information
Cox Deploys Cloudmark
News  |  8/16/2006  | 
Cox Communications has deployed the Cloudmark Authority platform to combat spam and phishing for its broadband subscribers
Anti-Virus Market Grows
News  |  8/16/2006  | 
Top selling anti-virus solutions let in 80 percent of new malicious code, while Russian vendor Kaspersky keeps out 90 percent
Startup to Challenge Botnets
News  |  8/15/2006  | 
A stealth-mode company is working on a way to detect and interrupt the formation of botnets
Cambia, NCircle Partner
News  |  8/15/2006  | 
Cambia announced that nCircle has joined its technology partner program
SecureWave, Patchlink Team
News  |  8/15/2006  | 
SecureWave, a worldwide leader in endpoint security, today announced a partnership with PatchLink Corporation
Security, the Perfect Birthday Gift
News  |  8/14/2006  | 
The PC is much more powerful than it was 25 years ago, and way more vulnerable to attack
Bridging the Patch Gap
News  |  8/14/2006  | 
With patch times stretching to a week or more, enterprises struggle to put bars on an ever smaller window of attack
DOJ Locks Down DBs
News  |  8/14/2006  | 
Application Security announced that the United States DOJ is utilizing the company's vulnerability assessment scanner
Exploits Emerge for Microsoft Vulnerability
News  |  8/14/2006  | 
MS06-040, expected to be precursor to a major worm, may instead morph into a botnet
FCU Selects Comodo
News  |  8/14/2006  | 
Apple FCU has selected Comodo's new technology, VerificationEngine to protect members from phishing and pharming attacks
Anchiva Announces Program
News  |  8/14/2006  | 
Anchiva Systems announced its sales program for value added solution providers in North America
Page 1 / 2   >   >>


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3278
PUBLISHED: 2021-01-26
Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page.
CVE-2021-3285
PUBLISHED: 2021-01-26
jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.
CVE-2021-3286
PUBLISHED: 2021-01-26
SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.
CVE-2021-3291
PUBLISHED: 2021-01-26
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
CVE-2021-3297
PUBLISHED: 2021-01-26
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.