Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in January 2012
Silent Authentication
Commentary  |  1/29/2012  | 
Authenticating users without explicit login
The Value Of Device Authentication
Commentary  |  1/29/2012  | 
'Fingerprinting' evolving to protect device IDs
The Mechanics Of Breach Notification
Commentary  |  1/27/2012  | 
Organizations need to know what constitutes a breach of identity data according to state laws and how to respond
Looking Over The RIM And Into The Chasm
Commentary  |  1/25/2012  | 
What security folks need to learn from RIM's stunning downfall
Judge Rules In Favor Of Decryption
News  |  1/24/2012  | 
A woman accused of real-estate fraud must turn in unencrypted copy of a hard drive, despite Fifth Amendment protest
IP D-Day: Major Providers, Vendors To Go IPv6 June 6
News  |  1/24/2012  | 
IPv6 implementations 'scrutinized' for security issues so no panic necessary, experts say amid concerns of as-yet undiscovered bugs
Breach Notification: Know The Rules
Commentary  |  1/20/2012  | 
State and federal laws require notification when a breach of protected information occurs. You need to know which laws apply and how to comply
I Left My Data In El Segundo
Commentary  |  1/18/2012  | 
Data is the new bit of lost clothing you left behind on that road trip -- and two-factor authentication VPN is the way to go mobile
A Firsthand Piracy Experience
Commentary  |  1/18/2012  | 
Limited government support of intellectual property helps, but not the strong protections in SOPA/PIPA
How To Monitor Employees Without Being A Perv
Commentary  |  1/15/2012  | 
While we need to monitor our employees to protect organization secrets, there's no need to turn the workplace into a bad episode of Big Brother
Identity Versus Authentication
Commentary  |  1/12/2012  | 
Distinguishing between identity and authentication
2012 Will Be The Year Of The...
Commentary  |  1/11/2012  | 
After a rough 2011 for many large organizations, here's a look at what the world of advanced threats will bring in 2012
How To Prevent An Illicit Data Dump
News  |  1/11/2012  | 
Organizations can be ruined with a single, WikiLeaks-style data compromise. How can you prevent your enterprise from being one of them? Here are a few tips
Partner Management 3: How To Assess Prospective Partners
Commentary  |  1/7/2012  | 
Regulations require organizations to periodically assess security and compliance practices; the key is to understand how to do so effectively -- without breaking the bank


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd