Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2006
Page 1 / 2   >   >>
Splunk, WildPackets Integrate
News  |  9/29/2006  | 
WildPackets announced integration between the WildPackets OmniAnalysis Platform and the Splunk Server
Six Charged in AOL Phishing Scam
News  |  9/28/2006  | 
Department of Justice alleges fraud conspiracy by attackers in Connecticut
eEye Offers Free IPS Client
News  |  9/28/2006  | 
eEye Digital Security has quietly begun distributing a free Blink home version, which also lets the company gather attack data
Deconstructing Vista
News  |  9/28/2006  | 
A battle is forming over what security capabilities Microsoft's new operating system should have, but Microsoft should ultimately be allowed to make that call
Symantec Intros Mail Security
News  |  9/28/2006  | 
Symantec announced Symantec Mail Security with Premium AntiSpam for Windows Small Business Server
IT Pros Wrestle With Ethics
News  |  9/27/2006  | 
Preliminary results of Dark Reading's survey show that the rules aren't always well-defined, or followed, in the data center
Two Vendors Deny XSS Flaws
News  |  9/27/2006  | 
Despite last week's hacker postings, Acunetix and F5 say their Websites don't have XSS vulnerabilities
MarkMonitor Extends Trust Guard
News  |  9/27/2006  | 
MarkMonitor announced the availability of Trust Guard for Financial Services
Sophos Intros Solutions
News  |  9/27/2006  | 
Sophos launched new Application Control features that allow system admins to selectively block unauthorized VOIP, P2P, IM applications
Six Hot Security Products
News  |  9/26/2006  | 
All security products are hot these days, but here are six that could fry an egg - or maybe a hacker
Spammers Attack IT
News  |  9/26/2006  | 
A new wave of spam attacks uses 'IT-speak' to escape filters and fool data center staff
Cybertrust Touts Program
News  |  9/26/2006  | 
Cybertrust announced the launch of its Partner Security Program
Hackers Target Consumers
News  |  9/25/2006  | 
Two new studies show consumers still clueless about computer security, and hungry attackers putting them high on the menu
ISPs Needed in Botnet Battle
News  |  9/25/2006  | 
More botnet-fighting tools and services are emerging for ISPs, but critics say ISPs have stayed on the fence too long
Agnitum Reports on 4.0
News  |  9/25/2006  | 
Over 50,000 computer users from around the world have downloaded the release candidate of Outpost Firewall Pro 4.0
Trend Micro Adds Protection
News  |  9/25/2006  | 
Trend Micro announced its next milestone in content security innovation with the release of InterCloud Security Service
Endeavor Sweetens the Honeynet
News  |  9/22/2006  | 
Security service creates signatures for IDS/IPS vendors as well as honeypot outsourcing option for enterprises
ZERT Issues 'Stopgap' IE Patch
News  |  9/22/2006  | 
Nonprofit group steps in as latest Internet Explorer attack spreads and users await Microsoft's official patch
EPL Uncovers Malice
News  |  9/22/2006  | 
Thousands in Australia affected, malicious eGreetings now being spammed to inboxes around the world
Most Popular Trojans
News  |  9/21/2006  | 
Banker, Downloader are most common, but the spam-borne malware is getting more prolific, targeted, and profitable
Hackers Reveal Vulnerable Websites
News  |  9/21/2006  | 
Hackers are posting XSS flaws in the Websites of some high-profile organizations
Banking On Security
News  |  9/21/2006  | 
While waiting for Madison Ave. to make authentication sexy, banks have a bigger problem with security consciousness in their business units
Arxceo Awarded Patent
News  |  9/20/2006  | 
Arxceo has been awarded a crucial US patent
In Other Words, Lying
News  |  9/20/2006  | 
It's an easy hop, skip, and jump from phone phreaking to social engineering and pretexting
Symantec, Dell Team on Secure Email
News  |  9/20/2006  | 
Offering includes email security, backup, recovery, and archiving for midsized Microsoft Exchange environments
SecureWorks & Lurhq Make It Official
News  |  9/20/2006  | 
SecureWorks and Lurhq confirmed merger rumors today, announcing a marriage that combines external IPS with internal log monitoring
Visa Outlines Credit Card Risks
News  |  9/19/2006  | 
Visa, US Chamber of Commerce list top five causes of credit card data breaches
eEye Appoints New Execs
News  |  9/18/2006  | 
eEye Digital Security names new CEO and CTO; appoints security industry veteran as sales VP
New Worm Targets AOL
News  |  9/18/2006  | 
FaceTime Security Labs identified and reported a new worm known as W32.pipeline that is propagating over AOL Instant Messenger
What's Wrong With Google?
News  |  9/18/2006  | 
New vulnerability in its Public Search Service is the latest in a series of security headaches for Google
Savant Launches Product
News  |  9/18/2006  | 
Savant Protection announces the launch of its enterprise security product Savant
V.i. Intros 2.0
News  |  9/18/2006  | 
V.i. Laboratories announced today the general availability of CodeArmor version 2.0
A New Way to Beat Spam?
News  |  9/15/2006  | 
Georgia Tech researchers say they can detect spam at network level, bypassing spotty content-filtering schemes
Free Tool Will Help Analyze Attacks
News  |  9/15/2006  | 
The HoneyNet Project is working on a free tool that parses and analyzes honeypot data to help organizations plan their IT defenses
Security's Silent War
News  |  9/15/2006  | 
Most targeted attacks come from groups of organized criminals, but we know little about them. So how do we solve the security crime problem?
Mozilla Patches RSA Crypto Flaw
News  |  9/15/2006  | 
Mozilla is the first big-name developer to go public with vulnerabilities to the recent flaw in RSA crypto implementations
Biz Giants Form Fraud Standards Group
News  |  9/14/2006  | 
American National Standards Institute, Better Business Bureau to fight identity theft and fraud
Banks Launch Authentication Project
News  |  9/14/2006  | 
The Financial Services Technology Consortium builds testbed for authenticating bank Websites and emails
Cross-Site Scripting: Attackers' New Favorite Flaw
News  |  9/14/2006  | 
XSS has surpassed buffer overflow as the main software weakness attackers target, according to new findings from Mitre
HP's School of Hard Knocks
News  |  9/13/2006  | 
Hewlett-Packard's recent media leak scandal cost several execs their jobs. What can enterprises, and IT departments, learn from the mess?
Study: Browsers Are Chief Virus Carrier
News  |  9/13/2006  | 
A new IDC study finds browsing of unknown Websites is more likely to cause the spread of viruses and worms than email attachments
Putting Security in the Bank
News  |  9/13/2006  | 
Under regulatory and threat pressures, financial institutions look for ways to fund, and market, security
IBM's Security Answer: Tape It Up
News  |  9/12/2006  | 
New tape drive system automatically encrypts all data, foiling would-be hackers and careless handlers, Big Blue says
Microsoft Patches Its Patches
News  |  9/12/2006  | 
Microsoft released patches for Publisher and two Windows vulnerabilites plus re-patched an Internet Explorer patch
Beyond Security Intros 2.0
News  |  9/12/2006  | 
Beyond Security announced the latest version of its security analysis solution, beSTORM 2.0
Symantec & Juniper Join Forces
News  |  9/12/2006  | 
Symantec and Juniper Networks partner, but experts are skeptical about its impact
Proofpoint Intros App
News  |  9/12/2006  | 
Proofpoint introduced the industry's first virtual appliance for enterprise messaging security
Sipera Intros 510
News  |  9/12/2006  | 
Sipera Systems debuted the Sipera IPCS 510, a comprehensive, real-time security system to protect IMS and UMA networks
VASCO Intros Services
News  |  9/12/2006  | 
VASCO announced that it has launched its Fraud Detection & Analysis Module
Cybertrust Conducts Survey
News  |  9/12/2006  | 
Cybertrust, the global information security specialist, releases new security survey
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Mobile App Fraud Jumped in Q1 as Attackers Pivot from Browsers
Jai Vijayan, Contributing Writer,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...