Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2006
Page 1 / 2   >   >>
Splunk, WildPackets Integrate
News  |  9/29/2006  | 
WildPackets announced integration between the WildPackets OmniAnalysis Platform and the Splunk Server
Six Charged in AOL Phishing Scam
News  |  9/28/2006  | 
Department of Justice alleges fraud conspiracy by attackers in Connecticut
eEye Offers Free IPS Client
News  |  9/28/2006  | 
eEye Digital Security has quietly begun distributing a free Blink home version, which also lets the company gather attack data
Deconstructing Vista
News  |  9/28/2006  | 
A battle is forming over what security capabilities Microsoft's new operating system should have, but Microsoft should ultimately be allowed to make that call
Symantec Intros Mail Security
News  |  9/28/2006  | 
Symantec announced Symantec Mail Security with Premium AntiSpam for Windows Small Business Server
IT Pros Wrestle With Ethics
News  |  9/27/2006  | 
Preliminary results of Dark Reading's survey show that the rules aren't always well-defined, or followed, in the data center
Two Vendors Deny XSS Flaws
News  |  9/27/2006  | 
Despite last week's hacker postings, Acunetix and F5 say their Websites don't have XSS vulnerabilities
MarkMonitor Extends Trust Guard
News  |  9/27/2006  | 
MarkMonitor announced the availability of Trust Guard for Financial Services
Sophos Intros Solutions
News  |  9/27/2006  | 
Sophos launched new Application Control features that allow system admins to selectively block unauthorized VOIP, P2P, IM applications
Six Hot Security Products
News  |  9/26/2006  | 
All security products are hot these days, but here are six that could fry an egg - or maybe a hacker
Spammers Attack IT
News  |  9/26/2006  | 
A new wave of spam attacks uses 'IT-speak' to escape filters and fool data center staff
Cybertrust Touts Program
News  |  9/26/2006  | 
Cybertrust announced the launch of its Partner Security Program
Hackers Target Consumers
News  |  9/25/2006  | 
Two new studies show consumers still clueless about computer security, and hungry attackers putting them high on the menu
ISPs Needed in Botnet Battle
News  |  9/25/2006  | 
More botnet-fighting tools and services are emerging for ISPs, but critics say ISPs have stayed on the fence too long
Agnitum Reports on 4.0
News  |  9/25/2006  | 
Over 50,000 computer users from around the world have downloaded the release candidate of Outpost Firewall Pro 4.0
Trend Micro Adds Protection
News  |  9/25/2006  | 
Trend Micro announced its next milestone in content security innovation with the release of InterCloud Security Service
Endeavor Sweetens the Honeynet
News  |  9/22/2006  | 
Security service creates signatures for IDS/IPS vendors as well as honeypot outsourcing option for enterprises
ZERT Issues 'Stopgap' IE Patch
News  |  9/22/2006  | 
Nonprofit group steps in as latest Internet Explorer attack spreads and users await Microsoft's official patch
EPL Uncovers Malice
News  |  9/22/2006  | 
Thousands in Australia affected, malicious eGreetings now being spammed to inboxes around the world
Most Popular Trojans
News  |  9/21/2006  | 
Banker, Downloader are most common, but the spam-borne malware is getting more prolific, targeted, and profitable
Hackers Reveal Vulnerable Websites
News  |  9/21/2006  | 
Hackers are posting XSS flaws in the Websites of some high-profile organizations
Banking On Security
News  |  9/21/2006  | 
While waiting for Madison Ave. to make authentication sexy, banks have a bigger problem with security consciousness in their business units
Arxceo Awarded Patent
News  |  9/20/2006  | 
Arxceo has been awarded a crucial US patent
In Other Words, Lying
News  |  9/20/2006  | 
It's an easy hop, skip, and jump from phone phreaking to social engineering and pretexting
Symantec, Dell Team on Secure Email
News  |  9/20/2006  | 
Offering includes email security, backup, recovery, and archiving for midsized Microsoft Exchange environments
SecureWorks & Lurhq Make It Official
News  |  9/20/2006  | 
SecureWorks and Lurhq confirmed merger rumors today, announcing a marriage that combines external IPS with internal log monitoring
Visa Outlines Credit Card Risks
News  |  9/19/2006  | 
Visa, US Chamber of Commerce list top five causes of credit card data breaches
eEye Appoints New Execs
News  |  9/18/2006  | 
eEye Digital Security names new CEO and CTO; appoints security industry veteran as sales VP
New Worm Targets AOL
News  |  9/18/2006  | 
FaceTime Security Labs identified and reported a new worm known as W32.pipeline that is propagating over AOL Instant Messenger
What's Wrong With Google?
News  |  9/18/2006  | 
New vulnerability in its Public Search Service is the latest in a series of security headaches for Google
Savant Launches Product
News  |  9/18/2006  | 
Savant Protection announces the launch of its enterprise security product Savant
V.i. Intros 2.0
News  |  9/18/2006  | 
V.i. Laboratories announced today the general availability of CodeArmor version 2.0
A New Way to Beat Spam?
News  |  9/15/2006  | 
Georgia Tech researchers say they can detect spam at network level, bypassing spotty content-filtering schemes
Free Tool Will Help Analyze Attacks
News  |  9/15/2006  | 
The HoneyNet Project is working on a free tool that parses and analyzes honeypot data to help organizations plan their IT defenses
Security's Silent War
News  |  9/15/2006  | 
Most targeted attacks come from groups of organized criminals, but we know little about them. So how do we solve the security crime problem?
Mozilla Patches RSA Crypto Flaw
News  |  9/15/2006  | 
Mozilla is the first big-name developer to go public with vulnerabilities to the recent flaw in RSA crypto implementations
Biz Giants Form Fraud Standards Group
News  |  9/14/2006  | 
American National Standards Institute, Better Business Bureau to fight identity theft and fraud
Banks Launch Authentication Project
News  |  9/14/2006  | 
The Financial Services Technology Consortium builds testbed for authenticating bank Websites and emails
Cross-Site Scripting: Attackers' New Favorite Flaw
News  |  9/14/2006  | 
XSS has surpassed buffer overflow as the main software weakness attackers target, according to new findings from Mitre
HP's School of Hard Knocks
News  |  9/13/2006  | 
Hewlett-Packard's recent media leak scandal cost several execs their jobs. What can enterprises, and IT departments, learn from the mess?
Study: Browsers Are Chief Virus Carrier
News  |  9/13/2006  | 
A new IDC study finds browsing of unknown Websites is more likely to cause the spread of viruses and worms than email attachments
Putting Security in the Bank
News  |  9/13/2006  | 
Under regulatory and threat pressures, financial institutions look for ways to fund, and market, security
IBM's Security Answer: Tape It Up
News  |  9/12/2006  | 
New tape drive system automatically encrypts all data, foiling would-be hackers and careless handlers, Big Blue says
Microsoft Patches Its Patches
News  |  9/12/2006  | 
Microsoft released patches for Publisher and two Windows vulnerabilites plus re-patched an Internet Explorer patch
Beyond Security Intros 2.0
News  |  9/12/2006  | 
Beyond Security announced the latest version of its security analysis solution, beSTORM 2.0
Symantec & Juniper Join Forces
News  |  9/12/2006  | 
Symantec and Juniper Networks partner, but experts are skeptical about its impact
Proofpoint Intros App
News  |  9/12/2006  | 
Proofpoint introduced the industry's first virtual appliance for enterprise messaging security
Sipera Intros 510
News  |  9/12/2006  | 
Sipera Systems debuted the Sipera IPCS 510, a comprehensive, real-time security system to protect IMS and UMA networks
VASCO Intros Services
News  |  9/12/2006  | 
VASCO announced that it has launched its Fraud Detection & Analysis Module
Cybertrust Conducts Survey
News  |  9/12/2006  | 
Cybertrust, the global information security specialist, releases new security survey
Page 1 / 2   >   >>


I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10854
PUBLISHED: 2019-11-22
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.
CVE-2019-13157
PUBLISHED: 2019-11-22
nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.
CVE-2012-2079
PUBLISHED: 2019-11-22
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
CVE-2019-11325
PUBLISHED: 2019-11-21
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
CVE-2019-18887
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.