Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in December 2007
FTC Ups the Ante on Fighting Spam, Phishing
Quick Hits  |  12/31/2007  | 
Federal Trade Commission report calls for authenticated email, reputation services, and better consumer anti-spam reporting tools
Security's Biggest Train Wrecks of 2007
News  |  12/27/2007  | 
We've seen a boxcar o' breaches and break-ins this year, but these were the most grisly - and the hardest to take our eyes from
Emerging Threats Could Help Security Pros
Quick Hits  |  12/26/2007  | 
New Website aims to make security data more useful and available
Storm Darkens Christmas, Takes Aim at New Year's
News  |  12/26/2007  | 
Botnet takes a holiday on users' computers
Putting Up Your Cyber Defenses
News  |  12/19/2007  | 
It's time to start thinking about protecting your systems - and your employees - in the event of attacks from foreign entities
Internet Privacy: No Big Deal?
News  |  12/18/2007  | 
Despite warnings, users continue to post personal information on the Web
Insurer Adds Encryption to Prevent Data Leaks
News  |  12/14/2007  | 
American National Insurance Company (ANICO) encrypts the desktop, disk, and sensitive email traffic
Study: Breaches of Personal Data Now Prevalent in Enterprises
News  |  12/12/2007  | 
Eighty-five percent of enterprises have experienced at least one reportable incident in the past 12 months
Predicting Peril
News  |  12/12/2007  | 
We may not be able to predict the next big attack, but we can identify the trends that will spawn it
Small Businesses Feel Security's Burn
News  |  12/11/2007  | 
Nearly one third of SMBs have experienced system compromise in the past year, study says
End Users Flout Enterprise Security Policies
News  |  12/10/2007  | 
Separate studies show many users understand rules, but they break them anyway
Study: Users Have False Sense of Security
Quick Hits  |  12/10/2007  | 
Over 90% think they're pretty safe on the Internet, but about half of them are at risk, Verizon says
DOE Lab Break-in May Be Tip of the Iceberg
News  |  12/7/2007  | 
Data breach at Oak Ridge National Laboratory part of a series of cyberattacks - possibly out of China - on US laboratories and institutions
Mobile Data a Moving Liability
News  |  12/5/2007  | 
Realtor offers up tips for taking the fangs out of the unstructured data explosion
Study Reveals Overlooked Sources of Leaks
News  |  12/3/2007  | 
After you've secured your electronic perimeter, it's time to check the copier and the front door, ISF report says
New CEO Sets Whitelisting Firm's Direction
News  |  12/3/2007  | 
Former CEO of Corel, Imprivata now leading Bit9's search for more partners and an international presence


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4966
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
CVE-2020-4968
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.
CVE-2020-4969
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniq...
CVE-2020-26285
PUBLISHED: 2021-01-21
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an exe...
CVE-2020-26295
PUBLISHED: 2021-01-21
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 and ...