Products and Releases

Content posted in December 2014
Onapsis Research Labs Delivers 2014 SAP Security Advisories Trend Analysis with Almost Half Classified as High priority
Products and Releases  |  12/29/2014  | 
Business-critical application security experts deliver 2014 SAP security trend analysis and find 7% increase over 2013 with 46% of vulnerabilities high priority including HeartBleed, Shellshock, Poodle and Zombie Zero
Pulse Secure Simplifies Secure Device Onboarding and Compliance for BYOD
Products and Releases  |  12/22/2014  | 
New Capabilities of Connect Secure and Policy Secure Will Enhance End-User Experience and Expand Compliance Options
WatchGuard Uncovers Guest Network Security Lapses
Products and Releases  |  12/18/2014  | 
71% of global hotels, restaurants and other hospitality organizations jeopardize customers with inadequate security controls
IOActive Expands Vehicle Security Service Practice
Products and Releases  |  12/17/2014  | 
Vehicle security researcher Charlie Miller joins IOActive Advisory Board
Onapsis uncovers two new critical business application vulnerabilities in SAP BASIS and SAP BusinessObjects
Products and Releases  |  12/17/2014  | 
High-profile risk threats identified by Onapsis Research Labs experts reveals that unauthorized users could access business-critical applications leveraging SAP BusinessObjects
Esentire Releases Cybersecurity Documentation Framework Featuring Infosec Policy, Incident Response Guidance
Products and Releases  |  12/17/2014  | 
Culled from years of industry expertise, this Information Security Policy Framework provides Registered Investment Advisors the means to proactively document and manage their defense posture while responding to due diligence and regulatory requirements.
Rapid7 Announces Additional Funding
Products and Releases  |  12/17/2014  | 
$30 Million Investment to Accelerate Growth and Strong Traction of New Security Data Analytics and Strategic Services Offerings
Entrust Datacard Adds Website Security Capabilities For SSL
Products and Releases  |  12/17/2014  | 
SSL Technology Bundle Utilizes SiteLock Website Security Services to Protect Against Malicious Online Attacks and Create Multiple Levels of Protection
Lastline Adds OS X Support and Unlimited 10 Gbps Sensors in 6.0 Release of Its Breach Detection Platform
Products and Releases  |  12/16/2014  | 
Lastline Next-Generation Sandboxing, Threat Intelligence and Breach Event Correlation Engineered to Handle 20x Increase in Evasive Malware
Lancope Unveils Newly Enhanced, World-Class Customer Success Organization to Help Drive Lean-Forward Cyber Security
Products and Releases  |  12/16/2014  | 
Company has increased its investment in customer success by 150 percent this year
Trend Micro Announces Strategic OEM Agreement with HP
Products and Releases  |  12/16/2014  | 
HP TippingPoint Advanced Threat Appliance family includes Trend Micro Deep Discovery for breach detection
Breaking News From KnowBe4: Two New Ransomware Strains
Products and Releases  |  12/15/2014  | 
KnowBe4 CEO Stu Sjouwerman issued a warning today of two new strains of ransomware that have been discovered, giving IT security a heads up on how to spot and handle
Norse Discovers Buffer Overflow Vulnerability In FreeBSD
Products and Releases  |  12/11/2014  | 
NCC Group to Open Trust Domain For Registration
Products and Releases  |  12/11/2014  | 
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/10/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
Vectra Networks Launches Industrys First Real-Time Detection Platform that Protects against Insider and Targeted Threats
Products and Releases  |  12/10/2014  | 
Organizations Can Now Leverage Unique Combination of Community Threat Analysis and Real-Time Indicators of Attack for Comprehensive Insight into Insider and Targeted Threats
Imperva Expands Protection Against Distributed Denial of Service Attacks
Products and Releases  |  12/10/2014  | 
New DDoS Services Add Infrastructure Protection and Name Server Protection to DDoS Capabilities
Box Advances Enterprise Security with Box Trust
Products and Releases  |  12/9/2014  | 
Symantec, Splunk, Palo Alto Networks, Sumo Logic and OpenDNS Join Ecosystem of Leading Security Partners
TraceSecurity and Rapid7 Partner to Add Value for Shared Customer Base
Products and Releases  |  12/9/2014  | 
Relationship Delivers Seamless Integration between TraceCSO and Nexpose Vulnerability Management Software
82% of Companies Attacked Online In 2014: Malwarebytes Research
Products and Releases  |  12/9/2014  | 
Research reveals browser vulnerabilities present companies with the biggest endpoint challenge heading into 2015.
McAfee Labs Report Previews 2015 Developments in Exploits and Evasion
Products and Releases  |  12/8/2014  | 
McAfee Labs Dubs 2014 Year of Shaken Trust; Predicts 2015 Trends in Internet Trust Exploits, Privacy, Mobile, Internet of Things, and Cyber Espionage
Denim Group Enhances ThreadFix to Deepen Application Vulnerability Management and Remediation Capabilities
Products and Releases  |  12/8/2014  | 
December 9 Webinar will Demonstrate Latest ThreadFix Features and Detail Practical Steps for Accelerating Application Security Programs
TrustPipe Rolls Out Marker-Based Security Technology
Products and Releases  |  12/8/2014  | 
Blue Coat Names Michael Fey President and COO
Products and Releases  |  12/4/2014  | 
Feys Expertise Positions Blue Coat to Drive Continued Growth Towards $1B Revenue in the Security Market
Merchant Financial Cyber Partnership Announces Next Steps for Securing the Payments System
Products and Releases  |  12/4/2014  | 
Partnership sends letter to Congress outlining cybersecurity information sharing legislation principles
Shortcomings Identified Among Security Vendors in Latest Evaluation of Advanced Threat Solutions
Products and Releases  |  12/4/2014  | 
FireEye Outperforms Mainstream Security Providers in New Advanced Malware Test.
National Health ISAC Offers Industry Threat Intelligence Platform
Products and Releases  |  12/4/2014  | 
Healthcare Industry Promotes Collaboration and Information Sharing to Take Lead in Fighting Online Threats
Array Networks Announces Mobile Client for Integrating SSL VPN Secure Access and Mobile Application Management
Products and Releases  |  12/4/2014  | 
New MotionPro app enables secure access from tablets and smart phones and streamlines management of native, Web and remote desktop applications.
37 Percent of Holiday Transactions Made from Mobile Devices
Products and Releases  |  12/2/2014  | 
Company also reveals 0.29 percent of retail online holiday transactions were fraudulent


13 Russians Indicted for Massive Operation to Sway US Election
Kelly Sheridan, Associate Editor, Dark Reading,  2/16/2018
From DevOps to DevSecOps: Structuring Communication for Better Security
Robert Hawk, Privacy & Security Lead at xMatters,  2/15/2018
Air Force Awards $12,500 for One Bug
Dark Reading Staff 2/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.