Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2007
<<   <   Page 2 / 3   >   >>
Researchers: Bugs Can Turn Security Tools Against Their Users
News  |  8/17/2007  | 
Parser flaws can cause defense-in-depth to backfire
Skype: We're Not Hacked
News  |  8/17/2007  | 
Massive outage caused by problems with software, not with attackers, company says
SpamRats Running Rampant on the Internet
News  |  8/17/2007  | 
Wizard IT recently launched its newest project, SpamRats.com
PDF Spam Jumps 500% in Two Weeks
News  |  8/17/2007  | 
Proofpoint MLX technology enhanced to defend against attachment-based spam as PDF spam surges by 500% in two weeks
Virtualization's Hidden Risks
News  |  8/17/2007  | 
Security is a lousy reason to virtualize your servers
Sourcefire Buys Open-Source Antivirus Project
News  |  8/17/2007  | 
ClamAV software used in UTM, Web gateway, and email gateway products
A Cautionary Tale
News  |  8/17/2007  | 
Verus saga offers some scary lessons about outsourcing and security
Phish Buyer Gets Hooked
News  |  8/16/2007  | 
Credit card forger gets seven years for making use of data he bought in an IRC forum
The New Crash-Test Dummy
News  |  8/16/2007  | 
Instilling a new 'security culture' in the hearts and minds of college students is no sure thing
Out-of-Band Dangers
News  |  8/16/2007  | 
Functions such as Webmail and FTP can introduce new risks to Web-based applications
9M Spam E-cards Sent in Last 48 Hours
News  |  8/16/2007  | 
Malicious e-card campaign accounts for 9M spam messages in last 48 hours, according to Sophos
AirTight Prevents 'MultiPot' Bug Attacks
News  |  8/16/2007  | 
AirTight Networks announced that its SpectraGuard Enterprise product detects and prevents wireless MultiPot attacks
Sentrigo Adds Oracle 8.1.7 Security
News  |  8/16/2007  | 
Sentrigo announced that its Hedgehog product now supports the final version of Oracle Database 8i, Oracle 8.1.7
Medical IT Contractor Folds After Breaches
News  |  8/15/2007  | 
Blamed for privacy breaches at five different hospitals, Verus Inc. silently closes its doors
Back to School: Backpacks, Books & Bots
News  |  8/15/2007  | 
Universities brace for increase in security breach attempts as students - and profs - return to campus
Anti-Social Networks
News  |  8/15/2007  | 
Security problems make social networking a bad habit
Avinti Warns About New Email Attack
News  |  8/15/2007  | 
Avinti has issued a security alert about a new email attack that disguises malicious code behind a seemingly harmless e-greeting
Visa Eases PCI Compliance Penalties
News  |  8/14/2007  | 
Deadlines extended, some fines may be reimbursed if merchants act quickly
Report: Web 'Mean Streets' Pervasive
News  |  8/14/2007  | 
New Honeynet Project research finds malicious Web servers in all corners of the Web, studies their behavior
A Visit to the Drive Doctor
News  |  8/14/2007  | 
At DefCon, a forensic expert offers a closer look at how to recover a crashed hard drive
The Ultimate Insider
News  |  8/14/2007  | 
Flaws in applications can lead to the compromise of your enterprise - from inside out
Acunetix Lists Web App Vulnerabilities
News  |  8/13/2007  | 
New RSS feed lists over 400 known Web application vulnerabilities discovered by Acunetix WVS to date
Browsing the Intranet Problem
News  |  8/13/2007  | 
Many intranet threats could be resolved at the browser level, but solutions will require some baking
New Tool Helps Lock Down Linux
News  |  8/13/2007  | 
Trusted Computer Solutions to launch Security Blanket for Red Hat environments
WhiteHat Expands Alliance Program
News  |  8/13/2007  | 
WhiteHat Security has expanded its alliance program by adding six new technology and consulting organizations to its partner roster
Malware Goes Mainstream
News  |  8/10/2007  | 
From lost laptops to malware markets, it's time to drop the illusion that computer crime can be stopped
Computer Crime's Unwitting Accomplices
News  |  8/10/2007  | 
Electronic 'mules' absorb the risks in online money-laundering scams, often without knowing they're doing anything wrong
ISPs Eyed in ID Theft
News  |  8/9/2007  | 
Two Korean ISPs alleged to have signed more than 7M customers up for new services without their permission
Kaspersky Establishes New Board of Directors
News  |  8/9/2007  | 
Kaspersky Lab has announced the creation of an international board of directors
Antivirus Tools Underperform When Tested in LinuxWorld 'Fight Club'
News  |  8/9/2007  | 
In LinuxWorld 'fight club,' only three antivirus tools catch all the viruses thrown at them
XeroBank Launches Anonymizing Tool Suite
News  |  8/8/2007  | 
XeroBank, formerly known as Torrify, offers up 'rubber glove' against malware and prying eyes
New Bank Practices Make Hacking Easier
News  |  8/8/2007  | 
New multifactor logon procedures actually improve attacker's chances of breaking in, expert says at DefCon
Exploits in the Fast Lane
News  |  8/8/2007  | 
New tool from Immunity promises to cut exploit development time by half
The ROI of Attack
News  |  8/8/2007  | 
Like defenders, attackers sometimes need to weigh the costs and benefits of their efforts
Assume Your Laptop Will Be Stolen
News  |  8/7/2007  | 
IT and end users should plan for the worst when it comes to portable data and computing
Study Finds Spammers' Weak Spot
News  |  8/7/2007  | 
Junk email distributors are much more vulnerable at the receiving end than at the sending end, research finds
Spammer Gets His Just Desserts
News  |  8/7/2007  | 
After sending more than a billion messages, 'Rizler' Smith receives a single sentence: 30 years
Webroot Launches Enterprise Security Products
News  |  8/7/2007  | 
Webroot Software announced the release of Webroot AntiSpyware Corporate Edition with AntiVirus
Mandiant Offers Free Software
News  |  8/7/2007  | 
Mandiant announces the release of its malware analysis software, Mandiant Red Curtain
IPLocks Releases Database Security Tool
News  |  8/7/2007  | 
IPLocks announced the latest release of IPLocks Database Security and Compliance software
Malware: Serious Business
News  |  8/6/2007  | 
At DefCon, a university researcher reveals the ins and outs of the vulnerability market
DefCon Recap
News  |  8/6/2007  | 
A recap of the 15th anniversary of DefCon and Capture the Flag
Palo Alto, SurfControl Partner
News  |  8/6/2007  | 
Palo Alto and SurfControl partner to integrate SurfControl's Web Filter URL classification database into Palo Alto's PA-4000 Series
Websense Intros Early-Warning System
News  |  8/6/2007  | 
Websense unveiled new technology that finds security attacks launched within Web 2.0 applications and delivers threat protection
The Right Way to Throw It Away
News  |  8/4/2007  | 
A look at the FTC's guidelines on how to keep (and toss) sensitive customer information
Feds Turn to Black Hats
News  |  8/3/2007  | 
Top cybercops want hackers to stop beating them and join them
The MacGyvers of Hacking
News  |  8/3/2007  | 
At Black Hat, researchers show amazing ability to take advantage of what's around them
Bugfinders, Vendors Talk Ethics
News  |  8/3/2007  | 
Black Hat panelists chat about the challenges of the researcher-vendor relationship
Analytics: Reaching Outside Security
News  |  8/2/2007  | 
Text mining, behavioral analysis may lead to better understanding of attack data, researcher says
Kaspersky Adds 'Triple Threat' Protection
News  |  8/2/2007  | 
Kaspersky Lab introduces Anti-Virus 7.0 and Internet Security 7.0
<<   <   Page 2 / 3   >   >>


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23872
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOTL interface.
CVE-2021-23891
PUBLISHED: 2021-05-12
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by impersonating a client token which could lead to the bypassing of MTP self-defense.
CVE-2021-23892
PUBLISHED: 2021-05-12
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitra...
CVE-2020-36289
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...
CVE-2021-32606
PUBLISHED: 2021-05-11
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)