Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2006
Page 1 / 2   >   >>
Splunk, WildPackets Integrate
News  |  9/29/2006  | 
WildPackets announced integration between the WildPackets OmniAnalysis Platform and the Splunk Server
Six Charged in AOL Phishing Scam
News  |  9/28/2006  | 
Department of Justice alleges fraud conspiracy by attackers in Connecticut
eEye Offers Free IPS Client
News  |  9/28/2006  | 
eEye Digital Security has quietly begun distributing a free Blink home version, which also lets the company gather attack data
Deconstructing Vista
News  |  9/28/2006  | 
A battle is forming over what security capabilities Microsoft's new operating system should have, but Microsoft should ultimately be allowed to make that call
Symantec Intros Mail Security
News  |  9/28/2006  | 
Symantec announced Symantec Mail Security with Premium AntiSpam for Windows Small Business Server
IT Pros Wrestle With Ethics
News  |  9/27/2006  | 
Preliminary results of Dark Reading's survey show that the rules aren't always well-defined, or followed, in the data center
Two Vendors Deny XSS Flaws
News  |  9/27/2006  | 
Despite last week's hacker postings, Acunetix and F5 say their Websites don't have XSS vulnerabilities
MarkMonitor Extends Trust Guard
News  |  9/27/2006  | 
MarkMonitor announced the availability of Trust Guard for Financial Services
Sophos Intros Solutions
News  |  9/27/2006  | 
Sophos launched new Application Control features that allow system admins to selectively block unauthorized VOIP, P2P, IM applications
Six Hot Security Products
News  |  9/26/2006  | 
All security products are hot these days, but here are six that could fry an egg - or maybe a hacker
Spammers Attack IT
News  |  9/26/2006  | 
A new wave of spam attacks uses 'IT-speak' to escape filters and fool data center staff
Cybertrust Touts Program
News  |  9/26/2006  | 
Cybertrust announced the launch of its Partner Security Program
Hackers Target Consumers
News  |  9/25/2006  | 
Two new studies show consumers still clueless about computer security, and hungry attackers putting them high on the menu
ISPs Needed in Botnet Battle
News  |  9/25/2006  | 
More botnet-fighting tools and services are emerging for ISPs, but critics say ISPs have stayed on the fence too long
Agnitum Reports on 4.0
News  |  9/25/2006  | 
Over 50,000 computer users from around the world have downloaded the release candidate of Outpost Firewall Pro 4.0
Trend Micro Adds Protection
News  |  9/25/2006  | 
Trend Micro announced its next milestone in content security innovation with the release of InterCloud Security Service
Endeavor Sweetens the Honeynet
News  |  9/22/2006  | 
Security service creates signatures for IDS/IPS vendors as well as honeypot outsourcing option for enterprises
ZERT Issues 'Stopgap' IE Patch
News  |  9/22/2006  | 
Nonprofit group steps in as latest Internet Explorer attack spreads and users await Microsoft's official patch
EPL Uncovers Malice
News  |  9/22/2006  | 
Thousands in Australia affected, malicious eGreetings now being spammed to inboxes around the world
Most Popular Trojans
News  |  9/21/2006  | 
Banker, Downloader are most common, but the spam-borne malware is getting more prolific, targeted, and profitable
Hackers Reveal Vulnerable Websites
News  |  9/21/2006  | 
Hackers are posting XSS flaws in the Websites of some high-profile organizations
Banking On Security
News  |  9/21/2006  | 
While waiting for Madison Ave. to make authentication sexy, banks have a bigger problem with security consciousness in their business units
Arxceo Awarded Patent
News  |  9/20/2006  | 
Arxceo has been awarded a crucial US patent
In Other Words, Lying
News  |  9/20/2006  | 
It's an easy hop, skip, and jump from phone phreaking to social engineering and pretexting
Symantec, Dell Team on Secure Email
News  |  9/20/2006  | 
Offering includes email security, backup, recovery, and archiving for midsized Microsoft Exchange environments
SecureWorks & Lurhq Make It Official
News  |  9/20/2006  | 
SecureWorks and Lurhq confirmed merger rumors today, announcing a marriage that combines external IPS with internal log monitoring
Visa Outlines Credit Card Risks
News  |  9/19/2006  | 
Visa, US Chamber of Commerce list top five causes of credit card data breaches
eEye Appoints New Execs
News  |  9/18/2006  | 
eEye Digital Security names new CEO and CTO; appoints security industry veteran as sales VP
New Worm Targets AOL
News  |  9/18/2006  | 
FaceTime Security Labs identified and reported a new worm known as W32.pipeline that is propagating over AOL Instant Messenger
What's Wrong With Google?
News  |  9/18/2006  | 
New vulnerability in its Public Search Service is the latest in a series of security headaches for Google
Savant Launches Product
News  |  9/18/2006  | 
Savant Protection announces the launch of its enterprise security product Savant
V.i. Intros 2.0
News  |  9/18/2006  | 
V.i. Laboratories announced today the general availability of CodeArmor version 2.0
A New Way to Beat Spam?
News  |  9/15/2006  | 
Georgia Tech researchers say they can detect spam at network level, bypassing spotty content-filtering schemes
Free Tool Will Help Analyze Attacks
News  |  9/15/2006  | 
The HoneyNet Project is working on a free tool that parses and analyzes honeypot data to help organizations plan their IT defenses
Security's Silent War
News  |  9/15/2006  | 
Most targeted attacks come from groups of organized criminals, but we know little about them. So how do we solve the security crime problem?
Mozilla Patches RSA Crypto Flaw
News  |  9/15/2006  | 
Mozilla is the first big-name developer to go public with vulnerabilities to the recent flaw in RSA crypto implementations
Biz Giants Form Fraud Standards Group
News  |  9/14/2006  | 
American National Standards Institute, Better Business Bureau to fight identity theft and fraud
Banks Launch Authentication Project
News  |  9/14/2006  | 
The Financial Services Technology Consortium builds testbed for authenticating bank Websites and emails
Cross-Site Scripting: Attackers' New Favorite Flaw
News  |  9/14/2006  | 
XSS has surpassed buffer overflow as the main software weakness attackers target, according to new findings from Mitre
HP's School of Hard Knocks
News  |  9/13/2006  | 
Hewlett-Packard's recent media leak scandal cost several execs their jobs. What can enterprises, and IT departments, learn from the mess?
Study: Browsers Are Chief Virus Carrier
News  |  9/13/2006  | 
A new IDC study finds browsing of unknown Websites is more likely to cause the spread of viruses and worms than email attachments
Putting Security in the Bank
News  |  9/13/2006  | 
Under regulatory and threat pressures, financial institutions look for ways to fund, and market, security
IBM's Security Answer: Tape It Up
News  |  9/12/2006  | 
New tape drive system automatically encrypts all data, foiling would-be hackers and careless handlers, Big Blue says
Microsoft Patches Its Patches
News  |  9/12/2006  | 
Microsoft released patches for Publisher and two Windows vulnerabilites plus re-patched an Internet Explorer patch
Beyond Security Intros 2.0
News  |  9/12/2006  | 
Beyond Security announced the latest version of its security analysis solution, beSTORM 2.0
Symantec & Juniper Join Forces
News  |  9/12/2006  | 
Symantec and Juniper Networks partner, but experts are skeptical about its impact
Proofpoint Intros App
News  |  9/12/2006  | 
Proofpoint introduced the industry's first virtual appliance for enterprise messaging security
Sipera Intros 510
News  |  9/12/2006  | 
Sipera Systems debuted the Sipera IPCS 510, a comprehensive, real-time security system to protect IMS and UMA networks
VASCO Intros Services
News  |  9/12/2006  | 
VASCO announced that it has launched its Fraud Detection & Analysis Module
Cybertrust Conducts Survey
News  |  9/12/2006  | 
Cybertrust, the global information security specialist, releases new security survey
Page 1 / 2   >   >>


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4889
PUBLISHED: 2021-01-26
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4949
PUBLISHED: 2021-01-26
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...