Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in February 2011
The Power Of Open-Source Security Tools
Commentary  |  2/25/2011  | 
Free, open-source tools like the Metasploit Framework and w3af exemplify the power of community involvement and support
DAM Market Observation
Commentary  |  2/24/2011  | 
Despite talk about the lack of innovation in the data security market, excellent technologies like DAM and DLP have been available for years before customers embraced them
FileMaker For Securing iPads At Work
Commentary  |  2/24/2011  | 
Rather than just saying "no" to the iPad at the office, consider this inexpensive way to secure these tablets
Clearing The Air On DAM
Commentary  |  2/23/2011  | 
There are two very important things to understand: First, a database firewall and a database activity monitor (DAM) are exactly the same things! Second, a database firewall can upset normal IT operations
Another Side Of B-Sides
Commentary  |  2/23/2011  | 
The "unconference" across the street from the RSA show in San Francisco last week was shaped, in part, by recent security events
Using HVAC To Set Up A Hack
Commentary  |  2/22/2011  | 
Social engineering caper begins with posing as heating ventilation and air conditioning repairmen
RSA: Microsoft vs. Google--Mobile vs. Cloud--Anonymous vs. HBGary Inc.
Commentary  |  2/17/2011  | 
RSA has turned out to be an historic event this year showcasing massive industry change from traditional platforms to mobile devices and cloud computing, Google’s replacement of Microsoft as the most targeted vendor, and the drift of the vigilante group Anonymous towards the dark side.
Oracle Database Firewall To Replace DAM? Not So Fast, Competitors Say
News  |  2/15/2011  | 
AppSec, Guardium disagree with Oracle's assertion that database firewalls can act as a DAM substitute
Product Watch: Cisco Unveils New Security Architecture
News  |  2/14/2011  | 
Highly distributed architecture designed to enable "Borderless Networking" concept
First Commercial 'Suricata' IDS/IPS Product Debuts
News  |  2/13/2011  | 
nPulse's new multigigabit-speed appliance based on a DHS-backed open-source IDS/IPS project technology
Securing Databases In The Cloud: Part 2
Commentary  |  2/10/2011  | 
Moving databases into the cloud can save you money and simplify administration, but always introduces new security challenges
Frequency Hopping Spread Spectrum, Project Ubertooth Detailed At ShmooCon
Commentary  |  2/10/2011  | 
Two new wireless security projects discussed at ShmooCon focus on bringing low-cost hardware to security researchers
Lancope Announces New Network Security And Performance Product
News  |  2/9/2011  | 
StealthWatch 6.0 includes application performance monitoring via behavioral analysis and deep packet inspection of flow data
UL Seal Of Approval Launched For Resiliency Of Networking, Security Products
News  |  2/9/2011  | 
Nonprofit lab will test how product specification claims withstand DDoS attacks, exploits, heavy traffic loads
Securing Databases In The Cloud
Commentary  |  2/2/2011  | 
Cloud services are comprised of pools of compute, network, information, and storage pools, so focus on securing the information rather than the database
Plain Text Database Storage At Heart Of Online Dating Site Breach
News  |  2/2/2011  | 
Plenty of Fish just another website to get burned by storing unencrypted passwords within an insecure database
Product Watch: New 'Razor' Appliance Aims To Catch Targeted Attacks
News  |  2/1/2011  | 
HBGary's new perimeter tool for its Digital DNA sandboxes executable code
ShmooCon Panel Discusses Ease, Speed Of Password Cracking
Commentary  |  2/1/2011  | 
Panel of security professionals discussed new tools and techniques to accelerate password cracking, highlighting need for multifactor authentication


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd