Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in January 2007
Service Providers Team to Fight Spam
News  |  1/25/2007  | 
Messaging Anti-Abuse Working Group to collaborate against spam, botnets, and zombies
Mobile Commerce: Hackers' Next Target?
News  |  1/23/2007  | 
Tower Group says financial services industry is overlooking the prospect of mobile malware
PhishTank Looks to Expand
News  |  1/23/2007  | 
PhishTank's operators are looking for a few good developers to expand and grow the anti-phishing site
26 IRS Computer Tapes Missing
News  |  1/22/2007  | 
Taxpayer data delivered to city of Kansas City in August still has not been found, agency says
Security Startups Make Debut
News  |  1/22/2007  | 
Veracode debuts on-demand software security analysis service, and Provilla, endpoint data-leakage appliance
Data Losses Strike Three More Firms
News  |  1/19/2007  | 
Banks in Sweden and Canada join TJX, Moneygram in reporting exposure of private customer data
TJX Breach Skewers Customers, Banks
News  |  1/18/2007  | 
Many banks report thefts from hack of major retailer
Putting App Security to the Test
News  |  1/12/2007  | 
Scanning your applications for vulnerabilities and problems beforehand is best, but not the norm yet
Fake VPN Purposely Tempts Fate
News  |  1/11/2007  | 
Two attackers have fallen into the Distributed Honeynet Project's trap
Bluetooth Security Worse Than WiFi
News  |  1/10/2007  | 
Time to start taking Bluetooth security seriously, as device driver bugs and hacking tools abound
Untying the Bot Knot
News  |  1/8/2007  | 
How to tell if your machine is moonlighting on a botnet, the dangers that presents, and what you can (and can't) do about it
Banking on Multifactor Authentication
News  |  1/5/2007  | 
Desert Schools Federal Credit Union is banking on multifactor authentication
Botnets Don Invisibility Cloaks
News  |  1/4/2007  | 
Botnet operators move their communications to the Web to cover their tracks
Users Put Their HIPS Into IT
News  |  1/4/2007  | 
Host intrusion prevention tools playing a larger role in end point security, report says
New Hacking Tools Bite Bluetooth
News  |  1/3/2007  | 
Researchers have released two Bluetooth hacking tools that let an attacker control a victim's machine
Feds Host Encryption Bakeoff
News  |  1/2/2007  | 
Vendors seek contract award for encryption of all government-owned laptops


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd