Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Vulnerabilities / Threats posted in September 2007
<<   <   Page 2 / 3   >   >>
Sophos Warns Users to Patch Bug
News  |  9/19/2007  | 
Network Access Control helps companies gain visibility and control over unpatched PCs
Bit9 Adds Whitelisting to Parity
News  |  9/19/2007  | 
Bit9 enables superior endpoint protection platform with the launch of Parity 4.0
New Attacks Target Top Executives
News  |  9/18/2007  | 
Trojan-style attack designed to fool CXOs into downloading data-sucking malware, researcher says
Rethinking Vulnerabilities
News  |  9/18/2007  | 
In an increasingly networked world, it's time to take a closer look at distributed systems security
CITTIO, eIQnetworks Partner
News  |  9/18/2007  | 
CITTIO partners with eIQnetworks to add security and compliance capabilities to its network and systems monitoring platform
Maynor Releases Apple Wireless Bug Code
News  |  9/18/2007  | 
Over a year after the Apple wireless flap, researcher David Maynor publishes a paper with proof-of-concept of the controversial hack
BigFix Fixes Mid-Sized Security
News  |  9/18/2007  | 
BigFix announces availability of BigFix EndPoint Defender
Lawsuit Raises Questions on TD Ameritrade Breach
News  |  9/17/2007  | 
May class action suit suggests brokerage firm knew about breach as far back as November but didn't disclose it
First on the Scene
News  |  9/17/2007  | 
Making sure your 'first responders' are trained to properly handle a data breach is key to preserving evidence
nCircle Expands Discovery Capabilities
News  |  9/17/2007  | 
nCircle expands discovery capabilities to provide industry's broadest and deepest intelligence on enterprise networks
IBM X-Force Report: Exploit-Leasing Popular
News  |  9/17/2007  | 
Exploit leasing surfaces from underground, trojans become most popular malware
Spam Likely to Hit TD Ameritrade Victims
News  |  9/17/2007  | 
Sophos is warning the TD Ameritrade's customers to be on red alert against targeted spam emails
Report: Attacks on ISP Nets Intensifying
News  |  9/17/2007  | 
Gigabit-speed sustained attacks on the rise, and botnets are now the number one threat to ISP backbones
For Sale on EBay: Your Data
Quick Hits  |  9/17/2007  | 
Many companies leave sensitive data on recycled and donated hard drives, study says
Security Spending: In the Red?
News  |  9/14/2007  | 
The costs of cybercrime are increasing. Are companies budgeting enough to defend themselves?
TD Ameritrade Breach Affects 6.3M Customers
News  |  9/14/2007  | 
Brokerage firm uncovers data-sucking malware during system audit
Important Lessons We Learn From 'Star Trek'
Quick Hits  |  9/14/2007  | 
A clever techie offers a plethora of sage wisdom from Kirk, Spock, and friends - and the inspirational posters to remember it with
How to Bypass the IDS/IPS
News  |  9/14/2007  | 
'Simple Nomad' shows how bad guys can wage targeted attacks by probing, fingerprinting IDSes and IPSes
Mu Security Discovers Zero-Day Bug
News  |  9/14/2007  | 
Mu Security discovers zero-day Quagga bgpd Remote Denial of Service Vulnerability
Mobile Insecurity
News  |  9/14/2007  | 
It's just a matter of time before mobile devices fall victim to new - and major - exploits
Quantum Research Could Threaten Encryption Schemes
News  |  9/13/2007  | 
New quantum computers implement algorithm capable of cracking most current encryption codes
Security's Dirty Little Secret
News  |  9/13/2007  | 
Why you need to measure the long-term impact of security
Email Encryption Gets Easier
News  |  9/13/2007  | 
But are these new methods enough to convince enterprises to secure their messages with in-house systems - or that they even need to?
Anti-Spam Unconstitutional?
Quick Hits  |  9/13/2007  | 
Convicted spammer's attorney says Virginia's law ban of spam impinges on freedom of 'anonymous' speech
Insider Threats Increase, But Damage Is Minimal
News  |  9/12/2007  | 
Annual Computer Security Institute study says employees are the source of most incidents - but not the biggest cost
Maybe We're Not Ready for Some Football
News  |  9/12/2007  | 
The latest Storm worm come-on targets fantasy football fanatics. How should enterprises respond?
Klocwork Doubles Customer Base
News  |  9/12/2007  | 
Company doubles customer base, increases new customer revenue by more than 150%
BigFix to Enhance Platform
News  |  9/12/2007  | 
Forthcoming release 7.0 to support significant business continuity functions
Survey: Remote Worker Security Concerns
News  |  9/12/2007  | 
SonicWALL: Managers believe in motivational benefits of remote working but worry about productivity, team bonding and data security
Latest Disease in Hospitals: Identity Loss
Quick Hits  |  9/12/2007  | 
When it comes to laptop theft, medical institutions are getting a rash
BT Counterpane Launches Service
News  |  9/12/2007  | 
BT Counterpane launches enhanced managed vulnerability scan services
Trend Micro Licenses Third Brigade's Host IDS
News  |  9/12/2007  | 
Trend Micro licenses host intrusion defense technology from third brigade
Annual CSI Study: Cost of Cybercrime Is Skyrocketing
News  |  9/11/2007  | 
Average annual loss per company has more than doubled since last year, according to bellwether study
'Virtual' Vulnerabilities About to Become Reality
News  |  9/11/2007  | 
Virtualization bugs may be rare, but they are only the tip of the iceberg
Tor's Privacy Problems
News  |  9/11/2007  | 
Technology developed to protect privacy may actually threaten it
Storm Trojan: As Overexposed as Britney
Quick Hits  |  9/11/2007  | 
If your head is about to explode from so many Storm worm sightings, here's a little relief
Hacking the White House
News  |  9/10/2007  | 
War walk around the President's house exposes some interesting vulnerabilities outside the fence, but solid defenses inside
Why Honeypots Are Sweet
News  |  9/10/2007  | 
Honeypots may not be practical for the enterprise, but you can still learn a lot from them
PatchLink Unveils New Name
News  |  9/10/2007  | 
PatchLink unveils new corporate name: Lumension Security
New Advanced Terrorism Risk Analytics Tool
News  |  9/10/2007  | 
Pitney Bowes MapInfo aligns with exclusive analysis to provide advanced terrorism risk analytics
Startup Led by Ex-DHS Cyberchief Rolls Out Forensics Tool
News  |  9/10/2007  | 
NetWitness NextGen analyzes attacks, risks, and verifies compliance
PatchLink Retrenches for IPO With New Name, Products
News  |  9/10/2007  | 
Lumension Security to go head-to-head with CA, McAfee
ID Theft Research Group to Come Out of the Shadows
News  |  9/7/2007  | 
The Center for Identity Management and Information Protection is about to reveal new findings about ID thieves to US Secret Service, DOJ agency
Citrix's Security Play
News  |  9/7/2007  | 
With acquisition of XenSource, Citrix puts itself at forefront of data center virtualization - and security
Security Researcher Ptacek: Thriving on Controversy
News  |  9/6/2007  | 
Renowned security researcher Thomas Ptacek has a knack for keeping it 'real' - and stirring the pot
BitDefender Lists Malware Top 10
News  |  9/6/2007  | 
BitDefender Lab's Top 10 Malware Chart for August reveals the infamous 'storm' worm is back with a vengeance
Creating Antibiotic-Resistant 'Superbots'
Quick Hits  |  9/6/2007  | 
Internet guru contends that quick-fix botnet kills only help botnet operators survive
Microsoft Security Staffer Launches 'Insider' Blog
News  |  9/5/2007  | 
New indie blog by Microsoftie boasts company's internal hacker expertise - but is the site already dead in the water?
Exploit Prevalence Survey Released
News  |  9/5/2007  | 
Engineering attacks on the rise with fake codecs and storm botnet spam
Telemarketers Nailed for Fraud
News  |  9/5/2007  | 
Company rooked thousands of businesses into paying for directories they never ordered, FTC says
<<   <   Page 2 / 3   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41617
PUBLISHED: 2021-09-26
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gro...
CVE-2021-3830
PUBLISHED: 2021-09-26
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/&lt;id&gt;.html allows authenticated attackers to delete all users.