Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in March 2007
Eight Faces of a Hacker
News  |  3/29/2007  | 
Profilers decipher who they are, why they do it as new subcategories start to emerge
University Cleans Up Bots on Campus
News  |  3/29/2007  | 
The University of Missouri-Columbia's IRC blocking system quarantines spamming client machines
I've Been Chipped
News  |  3/28/2007  | 
The technology behind my new RFID-equipped US passport has been thought out remarkably well
MySpace Sues 'Spam King'
News  |  3/28/2007  | 
Social networking site alleges phishing attack by infamous spammer Sanford Wallace
New RFID Attack Opens the Door
News  |  3/23/2007  | 
Proof-of-concept lets intruder gain entry into the building by faking RFID readers with SQL injection
Phishing, Crimeware Jump in '07
News  |  3/21/2007  | 
Anti-Phishing Working Group's latest numbers show ISPs, social networks are fastest-growing targets
Careful, The Boss Is Watching
News  |  3/21/2007  | 
Vendors tout employee monitoring tools to reduce insider threat, improve productivity
By Hook or By Crook
News  |  3/21/2007  | 
With some time, persistence, and a cup of coffee, you too can add a wireless AP for stealth access
Grab Fingerprint, Then Attack
News  |  3/20/2007  | 
Researcher demos easy IDS/IPS evasion at InfoSec World this week
Risk Factors
News  |  3/19/2007  | 
Microsoft badly misfires with its plan to treat the same risks differently in Windows XP, Vista
Huge Leak Revealed at Japanese Firm
News  |  3/19/2007  | 
Former employee absconds with 8.64 million pieces of customer data from 43 clients of Dai Nippon Printing
Secure Stage
News  |  3/16/2007  | 
IT has to get certain details right if they expect users to take security seriously
.NET Apps Get a Bodyguard
News  |  3/15/2007  | 
New shield for .NET-based applications intended to blunt access or changes to software code
Seven Steps to Safer WiFi
News  |  3/14/2007  | 
Using public WiFi can be like the wireless Wild West. Here's how to tame (and secure) your experience
Burger, Fries & Security
News  |  3/12/2007  | 
Wendy's franchisee outsources Internet access, security of its seven stores to BHI
If Data Were Like Cash
News  |  3/12/2007  | 
Then it wouldn't be acceptable to leave it in an employee's car, or worse, lose it
New Tool: Virtual Tip of the Iceberg
News  |  3/12/2007  | 
Blue Lane's new security software addresses one of the gaping security holes in VMs, more tools expected
Small Businesses: Overconfident on Security
News  |  3/9/2007  | 
Most mom-and-pops think they've got customers' backs, but study suggests they may be big fat targets
DNS Attack: Possible Botnet Sales Pitch
News  |  3/9/2007  | 
Last month's DNS attack might have been a botnet demo for potential buyers, ICANN says
A New Spin on Honeynets
News  |  3/8/2007  | 
'Darknets' use large blocks of allocated IP addresses to monitor dubious activity and traffic
Banks, Retailers Seek to Regain User Trust
News  |  3/8/2007  | 
But new research suggests the trust battle is mostly uphill
Novell, Honeywell Get Physical
News  |  3/7/2007  | 
Vendors plan to unveil logical-physical security solutions this month
Paucity of Prurience
News  |  3/7/2007  | 
It may be premature to get nostalgic about the decline in porn spam, especially given what's taken its place
Startup Launches Breakout Testing Tool
News  |  3/6/2007  | 
Researcher HD Moore helped build BreakingPoint Systems's new network and security test tool
Leak Hunters
News  |  3/6/2007  | 
Cyber researchers prowl the Web for evidence of misdoings by employees, hackers, or competitors
Q&A: What to Do About Web 2(.0)
News  |  3/6/2007  | 
In an exclusive interview, Imperva co-founder talks Web 2.0 security risks, protection strategies, and how end-user education is a waste of time
Battling Bots, Doing No Harm
News  |  3/5/2007  | 
That's a tall order for ISPs that detect - and try to disrupt - botnet command and control traffic
Deep Threat
News  |  3/5/2007  | 
Insiders pose increasing danger to safety of corporate data, according to two new studies published today
Vint Cerf: Father Knows Best
News  |  3/2/2007  | 
Internet founder talks actors, Googlers, and hackers
Tool IDs Hidden Malware
News  |  3/2/2007  | 
New software could make it easier for administrators to find malware needles in file haystacks
Getting to Know the Enemy Better
News  |  3/1/2007  | 
Industry players propose standards for describing vulnerabilities, attack patterns


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd