More perimeter security whitepapers
Free Research and Reports
- The Language of UX: Beyond Buzzwords -
- Discover the opportunities and challenges associated with mobile retail - Mobile Commerce World - Mobile Commerce World
- Get practical information on how to develop your organization's mobile commerce application - Mobile Commerce World - Mobile Commerce World
- Delve into technologies and business issues around mobile payments and wallets - Mobile Commerce World - Mobile Commerce World
- Learn how to best integrate mobile commerce with your current systems -- Mobile Commerce World - Mobile Commerce World
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
The Flash plug-in in Google Chrome before 27.0.1453.116 does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 220.127.116.11, 5.3 before 18.104.22.168, and 5.4 through 22.214.171.124 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 126.96.36.199, 5.3 before 188.8.131.52, and 5.4 through 184.108.40.206 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.