Tech Center Perimeter Security
Dark Reading's Perimeter Security Tech Center is your resource for the latest news and analysis of technologies and threats affecting enterprise networks. Written for security and IT professionals, the Perimeter Security Tech Center offers analysis on the latest developments surrounding traditional "perimeter defense" technologies, including firewalls, intrusion prevention systems and network-based defenses, as well as insight on the latest threats to enterprise networks.
Featured Commentary
-
Tim WilsonDark Reading's Seven-Year Itch
After seven years of covering the security industry, Dark Reading is just getting started.
News
-
Barracuda Tackles Botnets With Updated Web Application Firewall
Web Application Firewall, version 7.8, aimed at reducing impact of automated attack attempts from botnets
-
Ten Emerging Threats Your Company May Not Know About
Some new attacks get a lot of attention. Here's a look at 10 that haven't, but ought to be on your radar
-
Cisco Rolls Out New Secure Smart Grid Offerings
Increased security and automation solutions and services will enhance utility operations
-
Ixia Launches New Solutions For Smarter Network Assessments
Unveils Ixia RackSim, IxNetwork AppLibrary
-
Dell Security Announces NSA Series That Introduces Powerful Next-Gen Firewall
Dell SonicWALL NSA Series aimed at SMBs
More Stories
- Anonymous, LulzSec, OpUSA Plan Broad Attacks On Government Agencies, Banks On Tuesday
- 5 Ways For SMBs To Boost Security But Not Costs
- Report: DDoS Attacks Getting Bigger, Faster Than Ever
- Security Outsourcing For The Small Business
- Ten Key Steps To Success In Data Loss Prevention
By The Numbers
Priorities, Priorities
Organizations say their biggest priorities in network security are better visibility of Web traffic, raising awareness of emerging threats, and moving to the cloud.
Source: Ponemon Institute/Juniper Networks
Commentary
-
The Many Faces Of The Verizon Data Breach Investigation Report
By Tim Wilson
Verizon's annual data breach report offers volumes of data -- and even more interpretations
-
Laws Can't Save Banks From DDoS Attacks
By Mathew J. Schwartz- InformationWeek
Special to Dark ReadingA threat information-sharing bill wouldn't do much to help banks defend themselves against distributed denial-of-services (DDoS) attacks
Around the Web
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.
Tech Insight
Bugs
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
CVE-2013-3270 (vnx_control_station, celerra_control_station)
EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging nasadmin group membership.
CVE-2013-1014 (itunes)
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
CVE-2013-1011 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1010 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
CVE-2013-1008 (itunes)
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.