Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Database Security posted in December 2012
Don't Throw Away Your DAM Money
News  |  12/27/2012  | 
Make the most out of database activity monitoring through better tuning
Making Database Security Your No. 1 2013 Resolution
News  |  12/20/2012  | 
How database-centric practices would change your security strategy and risk profile in the coming year
Encryption Shortfalls Plague Healthcare Industry
News  |  12/18/2012  | 
Health Information Management and Systems Society report focuses on securing personal patient data, which providers must address in Meaningful Use Stage 2.
The Biggest Hacker Busts Of 2012
News  |  12/13/2012  | 
No love for Lulz as cops crack down on cybercrooks
Don't Get 'Ha-Duped' By Big Data Security Products
Commentary  |  12/12/2012  | 
Some Big Data security recommendations
Hackers Hold Australian Medical Records Ransom
News  |  12/11/2012  | 
With no offline backups available, Australian medical center must choose: pay $4,200 ransom or attempt to do business without patient records.
What Is Big Data?
Commentary  |  12/7/2012  | 
Big data is not about buying more big iron
Patient Data Breaches: Future Looks Grim
News  |  12/6/2012  | 
Inadequate security funding, tools and expertise could cost healthcare industry billions of dollars annually, finds Ponemon/ID Expert's third annual study.
Royal Security Fail: 'May I Speak To Kate?'
Commentary  |  12/6/2012  | 
The oldest -- and most effective -- social engineering trick in the book remains getting on the phone and impersonating an insider. Ask Kate Middleton, the Duchess of Cambridge.
5 Steps For Good Database Hygiene
News  |  12/5/2012  | 
Reduce risk to data through these database and Web app good 'grooming' habits


When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22166
PUBLISHED: 2021-01-15
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method
CVE-2021-22167
PUBLISHED: 2021-01-15
An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository
CVE-2021-22168
PUBLISHED: 2021-01-15
A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8.
CVE-2021-22171
PUBLISHED: 2021-01-15
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link
CVE-2020-26414
PUBLISHED: 2021-01-15
An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution time have quadratic growth based on the length of the malicious input string.