Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in August 2007
<<   <   Page 2 / 3   >   >>
Researchers: Bugs Can Turn Security Tools Against Their Users
News  |  8/17/2007  | 
Parser flaws can cause defense-in-depth to backfire
Skype: We're Not Hacked
News  |  8/17/2007  | 
Massive outage caused by problems with software, not with attackers, company says
SpamRats Running Rampant on the Internet
News  |  8/17/2007  | 
Wizard IT recently launched its newest project, SpamRats.com
PDF Spam Jumps 500% in Two Weeks
News  |  8/17/2007  | 
Proofpoint MLX technology enhanced to defend against attachment-based spam as PDF spam surges by 500% in two weeks
Virtualization's Hidden Risks
News  |  8/17/2007  | 
Security is a lousy reason to virtualize your servers
Sourcefire Buys Open-Source Antivirus Project
News  |  8/17/2007  | 
ClamAV software used in UTM, Web gateway, and email gateway products
A Cautionary Tale
News  |  8/17/2007  | 
Verus saga offers some scary lessons about outsourcing and security
Phish Buyer Gets Hooked
News  |  8/16/2007  | 
Credit card forger gets seven years for making use of data he bought in an IRC forum
The New Crash-Test Dummy
News  |  8/16/2007  | 
Instilling a new 'security culture' in the hearts and minds of college students is no sure thing
Out-of-Band Dangers
News  |  8/16/2007  | 
Functions such as Webmail and FTP can introduce new risks to Web-based applications
9M Spam E-cards Sent in Last 48 Hours
News  |  8/16/2007  | 
Malicious e-card campaign accounts for 9M spam messages in last 48 hours, according to Sophos
AirTight Prevents 'MultiPot' Bug Attacks
News  |  8/16/2007  | 
AirTight Networks announced that its SpectraGuard Enterprise product detects and prevents wireless MultiPot attacks
Sentrigo Adds Oracle 8.1.7 Security
News  |  8/16/2007  | 
Sentrigo announced that its Hedgehog product now supports the final version of Oracle Database 8i, Oracle 8.1.7
Medical IT Contractor Folds After Breaches
News  |  8/15/2007  | 
Blamed for privacy breaches at five different hospitals, Verus Inc. silently closes its doors
Back to School: Backpacks, Books & Bots
News  |  8/15/2007  | 
Universities brace for increase in security breach attempts as students - and profs - return to campus
Anti-Social Networks
News  |  8/15/2007  | 
Security problems make social networking a bad habit
Avinti Warns About New Email Attack
News  |  8/15/2007  | 
Avinti has issued a security alert about a new email attack that disguises malicious code behind a seemingly harmless e-greeting
Visa Eases PCI Compliance Penalties
News  |  8/14/2007  | 
Deadlines extended, some fines may be reimbursed if merchants act quickly
Report: Web 'Mean Streets' Pervasive
News  |  8/14/2007  | 
New Honeynet Project research finds malicious Web servers in all corners of the Web, studies their behavior
A Visit to the Drive Doctor
News  |  8/14/2007  | 
At DefCon, a forensic expert offers a closer look at how to recover a crashed hard drive
The Ultimate Insider
News  |  8/14/2007  | 
Flaws in applications can lead to the compromise of your enterprise - from inside out
Acunetix Lists Web App Vulnerabilities
News  |  8/13/2007  | 
New RSS feed lists over 400 known Web application vulnerabilities discovered by Acunetix WVS to date
Browsing the Intranet Problem
News  |  8/13/2007  | 
Many intranet threats could be resolved at the browser level, but solutions will require some baking
New Tool Helps Lock Down Linux
News  |  8/13/2007  | 
Trusted Computer Solutions to launch Security Blanket for Red Hat environments
WhiteHat Expands Alliance Program
News  |  8/13/2007  | 
WhiteHat Security has expanded its alliance program by adding six new technology and consulting organizations to its partner roster
Malware Goes Mainstream
News  |  8/10/2007  | 
From lost laptops to malware markets, it's time to drop the illusion that computer crime can be stopped
Computer Crime's Unwitting Accomplices
News  |  8/10/2007  | 
Electronic 'mules' absorb the risks in online money-laundering scams, often without knowing they're doing anything wrong
ISPs Eyed in ID Theft
News  |  8/9/2007  | 
Two Korean ISPs alleged to have signed more than 7M customers up for new services without their permission
Kaspersky Establishes New Board of Directors
News  |  8/9/2007  | 
Kaspersky Lab has announced the creation of an international board of directors
Antivirus Tools Underperform When Tested in LinuxWorld 'Fight Club'
News  |  8/9/2007  | 
In LinuxWorld 'fight club,' only three antivirus tools catch all the viruses thrown at them
XeroBank Launches Anonymizing Tool Suite
News  |  8/8/2007  | 
XeroBank, formerly known as Torrify, offers up 'rubber glove' against malware and prying eyes
New Bank Practices Make Hacking Easier
News  |  8/8/2007  | 
New multifactor logon procedures actually improve attacker's chances of breaking in, expert says at DefCon
Exploits in the Fast Lane
News  |  8/8/2007  | 
New tool from Immunity promises to cut exploit development time by half
The ROI of Attack
News  |  8/8/2007  | 
Like defenders, attackers sometimes need to weigh the costs and benefits of their efforts
Assume Your Laptop Will Be Stolen
News  |  8/7/2007  | 
IT and end users should plan for the worst when it comes to portable data and computing
Study Finds Spammers' Weak Spot
News  |  8/7/2007  | 
Junk email distributors are much more vulnerable at the receiving end than at the sending end, research finds
Spammer Gets His Just Desserts
News  |  8/7/2007  | 
After sending more than a billion messages, 'Rizler' Smith receives a single sentence: 30 years
Webroot Launches Enterprise Security Products
News  |  8/7/2007  | 
Webroot Software announced the release of Webroot AntiSpyware Corporate Edition with AntiVirus
Mandiant Offers Free Software
News  |  8/7/2007  | 
Mandiant announces the release of its malware analysis software, Mandiant Red Curtain
IPLocks Releases Database Security Tool
News  |  8/7/2007  | 
IPLocks announced the latest release of IPLocks Database Security and Compliance software
Malware: Serious Business
News  |  8/6/2007  | 
At DefCon, a university researcher reveals the ins and outs of the vulnerability market
DefCon Recap
News  |  8/6/2007  | 
A recap of the 15th anniversary of DefCon and Capture the Flag
Palo Alto, SurfControl Partner
News  |  8/6/2007  | 
Palo Alto and SurfControl partner to integrate SurfControl's Web Filter URL classification database into Palo Alto's PA-4000 Series
Websense Intros Early-Warning System
News  |  8/6/2007  | 
Websense unveiled new technology that finds security attacks launched within Web 2.0 applications and delivers threat protection
The Right Way to Throw It Away
News  |  8/4/2007  | 
A look at the FTC's guidelines on how to keep (and toss) sensitive customer information
Feds Turn to Black Hats
News  |  8/3/2007  | 
Top cybercops want hackers to stop beating them and join them
The MacGyvers of Hacking
News  |  8/3/2007  | 
At Black Hat, researchers show amazing ability to take advantage of what's around them
Bugfinders, Vendors Talk Ethics
News  |  8/3/2007  | 
Black Hat panelists chat about the challenges of the researcher-vendor relationship
Analytics: Reaching Outside Security
News  |  8/2/2007  | 
Text mining, behavioral analysis may lead to better understanding of attack data, researcher says
Kaspersky Adds 'Triple Threat' Protection
News  |  8/2/2007  | 
Kaspersky Lab introduces Anti-Virus 7.0 and Internet Security 7.0
<<   <   Page 2 / 3   >   >>


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20027
PUBLISHED: 2021-06-14
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVE-2021-32684
PUBLISHED: 2021-06-14
magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after changing the function from synchronous to asynchronous there wasn't implemented handler in the start, stop, exec, an...
CVE-2021-34693
PUBLISHED: 2021-06-14
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-27887
PUBLISHED: 2021-06-14
Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim&acirc;&euro;&trade;s browser. This issue affects: Hitachi ABB Power Grids ...
CVE-2021-27196
PUBLISHED: 2021-06-14
Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the...