Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in November 2010
Do Password Crackers Help Database Security?
Commentary | 11/29/2010
Password 'crackers' determine if passwords are strong or compliant with company policies, but do they improve database security?
Preventing Outsiders From Becoming Insiders
News | 11/29/2010
Physical security and employee awareness can stop in-building attacks, experts say
Taming the Beast: Preventing/Detecting Insider Threat
Commentary | 11/27/2010
While many companies deal with the problem of insider threat, there are some practical things that can be done to both prevent and detect insider threat. Always remember, prevention is ideal but detection is a must.
Thanksgiving IT Help
Commentary | 11/23/2010
Tips for helping family members secure their computers for safe internet browsing and online shopping
What About Biometrics?
Commentary | 11/22/2010
Integrating fingerprints in a standard way so that Web and enterprise applications can take advantage of them
Dark Reading Switches To New App Platform; Please Pardon Our Dust
Commentary | 11/18/2010
New PHP environment will make site more flexible -- sorry for the bumps!
Survey Provides Peek Inside Database Security Operations
Commentary | 11/17/2010
Database security budgets on the rise, 20 percent expect to suffer a data breach in the next 12 months
Encryption Adoption Rises, Mainly Thanks To Compliance
Quick Hits | 11/16/2010
New Ponemon Institute study commissioned by Symantec finds 84 percent of U.S. organizations either deploying encryption or in the process of doing so
Larry Ellison's Mistress, And Security As A Blame Game
Commentary | 11/16/2010
Focus on security, not on finger-pointing
Profiling The Evil Insider
Commentary | 11/16/2010
How to sniff out a rogue insider
When To Change Passwords
Commentary | 11/16/2010
Knowing when to change your password depends mainly on what your password is for
Cybercriminals, Insiders May Work Together To Attack Businesses
News | 11/15/2010
Gaining access and stealing data from companies is sometimes a joint effort between bad guys and employees, experts say
Tech Insight: The Basics Of Implementing DNSSEC
News | 11/12/2010
DNSSEC can help protect your organization from critical Internet threats. But how does it work? This short guide will help you get started
A True Second Factor
Commentary | 11/9/2010
I'm sure some of you remember a time when you actually used to telephone the bank to do a transaction. Do you remember all the questions they would ask to verify that you were, in fact, the account owner?
Enterprise Lessons From New ADT Home Security System
Commentary | 11/9/2010
I've run physical security groups in a variety of firms over the years -- from a small real estate firm to a large enterprise, and my family owned one of the largest electronic security firms in the state when I was growing up.
The Politics Of Malware
Commentary | 11/8/2010
I recently saw a provocative tweet from @mikkohypponen that reminded me malware is still quite often politically motivated.
NoSQL: Not Much, Anyway
Commentary | 11/4/2010
I don't get the NoSQL movement. Most old-school database administrators don't. In fact, a lot of people don't understand what NoSQL is exactly because, quite frankly, there's not much there. Most of the features and functions we consider synonymous with databases are unwanted by developers of nontransactional systems and are falling by the wayside as companies push applications into the cloud.
SMB Guide To Credit Card Regulations, Part 2: The Low-Hanging Fruit
Commentary | 11/2/2010
The PCI Security Standards Council has created a document outlining a prioritized approach to help businesses comply with PCI DSS. It's a way to grab the low-hanging fruit, helping businesses tackle some of the more simple tasks that can provide a greater security ROI. I've boiled it down here to help small to midsize businesses (SMBs) get started.
Startup Offers Cloud-Based Bot Detection Service
Quick Hits | 11/1/2010
Newly launched ipTrust headed by former IBM ISS executives
HP And The Scary Corporate Fifth Column Concept
Commentary | 11/1/2010
HP is currently in an epic and unprecedented battle with Oracle, and Oracle rarely leaves any company still standing that it focuses this much attention on.

