Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in November 2006
New Threats Loom for 2007
News  |  11/30/2006  | 
Password-stealing sites, video malware, and a parasitic comeback top McAfee's list of predicted threats for new year
Banking on Security
News  |  11/29/2006  | 
No tellers were harmed, no cash was removed... This social engineer was after logins and passwords
Data That Doesn't Drip... Drip... Drip...
News  |  11/20/2006  | 
With mobile users and an increase in targeted attacks, it's time to reassess your risk of data seepage
The 10 Most Dangerous Things Users Do Online
News  |  11/17/2006  | 
If your end users only knew how much damage they could cause when they - well, maybe you should send them this article
Ex-IT Chief Busted for Hacking
News  |  11/16/2006  | 
Could former security-privileged employees be targeting your environment as well?
Jury's Out on Email Scrutiny
News  |  11/15/2006  | 
Securities firms claim email surveillance lets them better stay on top of risk exposure, but is it really that effective?
Malware, by the Script
News  |  11/7/2006  | 
Malicious scripts are yet another danger for Web apps, namely Web 2.0-based ones
Attention, Online Shoppers: Where R U?
News  |  11/7/2006  | 
Security worries are slowing online shopping and banking, but consumers should be afraid of that POS instead, Gartner says
NAC-in-the-Box, Jump Up
News  |  11/6/2006  | 
Vernier, ConSentry launch improvements to their Network Access Control appliances
Anti-Spam's United Nations
News  |  11/3/2006  | 
StopSpam Alliance aims to bring regional anti-spam efforts together
Malware Pair Boosts Bots
News  |  11/2/2006  | 
The infamous Warezov/Stration and SpamThru are behind the latest mega-surge in spam and botnet activity, according to MessageLabs
Built-in Headaches
News  |  11/1/2006  | 
PC hardware vendors are building security capabilities into their systems, but those features may present compatibility problems for IT
When a Picture Paints a Thousand SSNs
News  |  11/1/2006  | 
As forensics investigators breathe down their necks, data thieves are getting more creative in hiding their booty


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd