Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Content by DarkReadingTim

DarkReadingTim
Member Since: March 12, 2014
Strategist
Blog Posts: 1718
Posts: 238

posted in December 2006

14 items
The Six Dirtiest Tricks of 2006
News  |  12/27/2006  | 
Dark Reading remembers six of the sneakiest exploits of the year, as rated by readers
SEC Exposes Online Fraudster
News  |  12/26/2006  | 
Estonian disguises his identity, uses stolen electronic IDs in classic 'pump and dump' scheme
Banks Ready for Compliance Deadline
News  |  12/22/2006  | 
With a week to go before the FFIEC deadline, most financial institutions are ready for multifactor authentication
IETF Trains Its Sights On NAC
News  |  12/19/2006  | 
Cisco, Juniper, Microsoft, and TCG join working group to develop protocol for endpoint security
Risk Management's New Bell Curve
News  |  12/18/2006  | 
New report from McAfee points to need for insurance-like business model for IT security
How Much Is That Exploit in the Window?
News  |  12/14/2006  | 
Researcher relays sticker prices for some of today's hottest hacks
Startup Finds Phish in Browsers
News  |  12/13/2006  | 
New company could help banks, other service providers to warn users when they've been phished
Open-Source NAC
News  |  12/11/2006  | 
PacketFence initiative offers public-domain alternative for network access control
MIME Vulnerabilities Rear Up Again
News  |  12/8/2006  | 
Years after the ubiquitous email standard was developed, researchers are still finding security flaws in it
Oracle Spurs Single Sign-On Surge
News  |  12/7/2006  | 
Venerable technology prepares for rebirth with emergence of cross-domain identity management technologies
Bull Market for Cybercriminals
News  |  12/6/2006  | 
Fraudsters add online twists to time-tested stock and securities scams
IBM Buys Into Security Compliance
News  |  12/5/2006  | 
Acquisition of Consul gives Big Blue a new weapon in match between enterprises and security auditors
Compliance Keys: Money, Monitoring
News  |  12/4/2006  | 
New study shows direct relationship between compliance success and security investment, monitoring
Hacker Cuts Swath Through US Government Computers
News  |  12/1/2006  | 
Romanian man indicted for breaking into more than 150 federal government systems, violating live NASA data


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29785
PUBLISHED: 2022-01-20
IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 203169...
CVE-2021-46061
PUBLISHED: 2022-01-20
An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app.
CVE-2021-44090
PUBLISHED: 2022-01-20
An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password parameter.
CVE-2021-44092
PUBLISHED: 2022-01-20
An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username parameter in the administer login form.
CVE-2021-44244
PUBLISHED: 2022-01-20
An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php.