Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2006
Page 1 / 2   >   >>
IPS Technology: Ready for Overhaul
News  |  8/31/2006  | 
Its current limitations might be frustrating, but IPS technology will evolve into smarter, more integrated security solution
Wireless Piggybackers Put on Notice
News  |  8/30/2006  | 
New California law encourages users to lock up WLANs, setting the stage for criminal action against hackers and piggybackers
Hacking Home WLANs
News  |  8/30/2006  | 
Don't forget to lock down your users' home WLANs
How Identity Theft Works
News  |  8/30/2006  | 
Ever wonder how hard it is to steal a person's identity? We did it in this penetration test, and we were surprised at just how easy it is
Top 10 Reasons Security Products Don't Work
News  |  8/29/2006  | 
Once users and vendors get past the finger-pointing, there's a lot they can do together to improve enterprise security
Authentium Warns
News  |  8/29/2006  | 
Authentium issued a warning against trusting free wireless access points located in airports and other public places
CipherOptics Removes Barriers
News  |  8/29/2006  | 
CipherOptics is poised to launch the industry's first 10 Gig IPsec encryption solution
When to Disclose
News  |  8/29/2006  | 
Researchers, vendors try to strike 'artful balance' between alerts and the actual patches for new bugs
Tripwire for Servers
News  |  8/29/2006  | 
Tripwire announced the latest version of Tripwire for Servers and Tripwire Manager
NextHop, AirTight Partner
News  |  8/29/2006  | 
NextHop and AirTight announced a marketing and technology partnership providing enhanced security and performance management
Nokia to Offer IPS
News  |  8/29/2006  | 
Nokia announces plans to offer Sourcefire's IPS on its portfolio of high-performance IP Security Platforms
Study: Rethink the Outsider Threat
News  |  8/28/2006  | 
DOJ data turns conventional wisdom on its head: Biggest enterprise threat is more than likely external
Metasploit Issues New Beta
News  |  8/28/2006  | 
Second beta of bug-discovery tool Metasploit 3.0 fixes Windows glitch, adds multi-host feature
Ponemon Unveils Study
News  |  8/28/2006  | 
Nearly two-thirds of security executives believe they have no way to prevent a data breach, according to the latest industry research
Oakley Intros Solution
News  |  8/28/2006  | 
Oakley Networks announced the immediate availability of CoreView, the company's network-based behavioral analysis solution
Holes Remain in SSL VPNs
News  |  8/25/2006  | 
SSL VPN products have gotten more secure in the past year, but the technology still isn't safe when users log on via third-party machines
Cisco Reports New Vulnerabilities
News  |  8/25/2006  | 
Firewalls, VPN 3000 Concentrator are at risk and in need of a fix, networking giant says
IBM Merger Gets Mixed Responses
News  |  8/24/2006  | 
Raise prices? Win more outsourced security? IBM-ISS deal leaves many wondering what Big Blue will do with its new prize
Fighting Spam With Spamalot
News  |  8/24/2006  | 
New software engages human side of spammers, dragging out correspondence and flooding them with duped messages and replies
Credit Union Taps Comodo
News  |  8/24/2006  | 
Indiana based FORUM Credit Union is deploying Comodo's S.A.F.E. solution to protect members from phishing and pharming attacks
Sophos Offers Free Tool
News  |  8/24/2006  | 
Sophos announced a new free-of-charge, standalone tool offering comprehensive rootkit detection and removal capabilities
Click Goes Your Ad Budget
News  |  8/23/2006  | 
Who's clicking on your company's Web ads? It's tough to tell the bots from prospective customers
Enterprises Still Not Sweet on Honeypots
News  |  8/23/2006  | 
Passive technology lacks preventive capability but might prove useful for tracking malicious internal activity
Debix Researches ID Theft
News  |  8/23/2006  | 
Debix announced new research showing forty percent of Fraud Alerts are not set properly
IBM Up-Ends Security Services Market
News  |  8/23/2006  | 
IBM's $1.3 billion buyout of ISS may signal large enterprises are more willing to embrace managed security services
Standard Could Unify Security Apps
News  |  8/22/2006  | 
ArcSight's proposed standards for log management, event reporting could get security apps onto the same page
Click Fraud: What IT Should Know
News  |  8/22/2006  | 
As fraud grows, more marketing execs are asking IT to ascertain who's really clicking online ads
IE Patch Created New Vulnerability
News  |  8/22/2006  | 
Patch issued earlier this month for Internet Explorer inadvertently introduced new hole
PowerPoint Trojan: Not Zero Day
News  |  8/22/2006  | 
The new PowerPoint Trojan that baffled researchers yesterday targets a known vulnerability
Intellinx, IDI Combat Threat
News  |  8/21/2006  | 
Intellinx, Information Design announced the launch of a campaign to promote the Intellinx solution for insider threat protection
RedSeal Intros Appliance
News  |  8/21/2006  | 
RedSeal Systems announced the general availability of its Security Risk Manager 3000 (SRM 3000) appliance
Startup Promises Critical-Site Analysis
News  |  8/21/2006  | 
New consulting firm will help 'national security-critical' sites evaluate physical and logical security
BigFix Expels Spyware
News  |  8/21/2006  | 
Using BigFix's AntiPest, Miami-Dade County Public Schools have cracked down on spyware on the district's 70,000 personal computers
Mu Enhances Analyzer
News  |  8/21/2006  | 
Mu Security announced that its Mu-4000 Security Analyzer now includes comprehensive Published Vulnerability Analysis (PVA) attack capabilities
Flaws Reported in Bank of America System
News  |  8/18/2006  | 
Sestus, rival to vendor of Bank of America's SiteKey authentication system, reports vulnerabilities in the Sitekey technology
The Real Threat to the Security Industry
News  |  8/18/2006  | 
Do IT departments and vendors need to inflate perception of the security threat in order to grow?
'Analog Hackers' Overlooked, Undetected
News  |  8/17/2006  | 
Many enterprises secure electronic access points but fail to see their own front doors as vulnerable
How Much Does a Hack Cost?
News  |  8/16/2006  | 
We're thinking of a number between $100,000 and $50 million; here's how to handicap your cost per incident a little more closely
Complaint Filed in AOL Blunder
News  |  8/16/2006  | 
Electronic Frontier Foundation files complaint with the FTC over the online service's exposure of customer search information
Cox Deploys Cloudmark
News  |  8/16/2006  | 
Cox Communications has deployed the Cloudmark Authority platform to combat spam and phishing for its broadband subscribers
Anti-Virus Market Grows
News  |  8/16/2006  | 
Top selling anti-virus solutions let in 80 percent of new malicious code, while Russian vendor Kaspersky keeps out 90 percent
Startup to Challenge Botnets
News  |  8/15/2006  | 
A stealth-mode company is working on a way to detect and interrupt the formation of botnets
Cambia, NCircle Partner
News  |  8/15/2006  | 
Cambia announced that nCircle has joined its technology partner program
SecureWave, Patchlink Team
News  |  8/15/2006  | 
SecureWave, a worldwide leader in endpoint security, today announced a partnership with PatchLink Corporation
Security, the Perfect Birthday Gift
News  |  8/14/2006  | 
The PC is much more powerful than it was 25 years ago, and way more vulnerable to attack
Bridging the Patch Gap
News  |  8/14/2006  | 
With patch times stretching to a week or more, enterprises struggle to put bars on an ever smaller window of attack
DOJ Locks Down DBs
News  |  8/14/2006  | 
Application Security announced that the United States DOJ is utilizing the company's vulnerability assessment scanner
Exploits Emerge for Microsoft Vulnerability
News  |  8/14/2006  | 
MS06-040, expected to be precursor to a major worm, may instead morph into a botnet
FCU Selects Comodo
News  |  8/14/2006  | 
Apple FCU has selected Comodo's new technology, VerificationEngine to protect members from phishing and pharming attacks
Anchiva Announces Program
News  |  8/14/2006  | 
Anchiva Systems announced its sales program for value added solution providers in North America
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
Jai Vijayan, Contributing Writer,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...