1.SQL Slammer Researcher David Litchfield presents findings at Black Hat one week after Microsoft issues its SQL patch. Slammer worm that exploits that flaw dramatically slows Internet traffic in 2003.
2. Windows Plug and Play Internet Security Systems researchers in April 2005 discover Windows vulnerability that lets attacker take control of affected systems and remotely execute code. By August, Zotob worm exploits it.
3. Cisco IOS heap overflow Former ISS researcher Michael Lynn in July 2005 shows hackers could take control of a company's network. Cisco had issued a patch in April, but it still sues Lynn over the speech. The suit is later dropped.
4. Windows Metafile Researcher H.D. Moore and others post exploit code of this flaw in January, and researcher Ilfak Guilfanov writes unauthorized workaround. This prompts Microsoft to issue a patch five days ahead of schedule.
5. Oracle transparent data encryption Red-Database-Security researcher Alexander Kornbrust reports vulnerability in January 2006; Oracle patches it the same month.
6. Oracle PLSQL gateway Litchfield in January shows Black Hat attendees a vulnerability in Oracle's Procedural Language extension to SQL. Oracle has yet to patch.
7. Apple Mac iChat An unknown person posts on MacRumors.com an external link to the OSX/Leap.a Trojan on Feb. 13, 2006, the first virus for the Apple Mac OSX platform.
8. Internet ExplorercreateTextRange() Researcher Andreas Sandblad discovers flaw in March that lets hackers install malwarelike keystroke loggers. eEye Digital Security issues a patch.
9. Internet Explorer HTA files Dutch researcher Jeffrey van der Stad in March alerts Microsoft to problem with how IE processes HTML apps. Van der Stad pares back information about the bug on his Web site when Microsoft complains.
10. Sendmail SMTP server software ISS in March finds vulnerability in this popular Internet E-mail transfer agent. Sendmail issues patch immediately.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.