Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in March 2008
Security Issues Limit Telecommuting
Quick Hits  |  3/31/2008  | 
Want to work from home? Better beef up security first, CDW study says
Tech Insight: Keeping Your Thumb on Thumb Drives
News  |  3/28/2008  | 
Those little USB drives certainly are handy, but how do you keep your company's sensitive data from walking away? Here are a few ideas
Hacked in Two Minutes
Quick Hits  |  3/28/2008  | 
In contest, researcher cracks a Mac with lightning speed using zero-day exploit
CastleCops Hit by Another DDOS Attack
News  |  3/28/2008  | 
But this time, attackers employ a 'POST' attack
Millions of Russians' Personal Data Posted on Free Website
News  |  3/26/2008  | 
Names, addresses, account information, and other data posted by unknown source
WhiteHat: 90% of Sites Still Vulnerable
News  |  3/25/2008  | 
Most sites open to hacks via cross-site scripting, CSRF, report says
Child Charities Stand Against Web 'Intelligence Gathering'
Quick Hits  |  3/25/2008  | 
People shouldn't lose opportunities because of something they wrote on MySpace at age 14, consortium says
Intel Researching New Approach to Laptop Security
News  |  3/24/2008  | 
'Proteus' technology tracks user behavior, flags atypical activity
A Peek at Snort 3.0
News  |  3/20/2008  | 
Next-generation of open source platform will be more than just IDS/IPS
Vietnam: 95% of Its PCs Infected With Viruses
Quick Hits  |  3/20/2008  | 
Brokerages, other sensitive Websites also vulnerable to attack, Vietnamese officials report at security conference there
Lockdown Networks Shuts Down
News  |  3/19/2008  | 
NAC vendor cites slow adoption of technology, sagging economy, and lack of VC funding
Hannaford, Security Industry Hunt for Cause of Massive Breach
News  |  3/18/2008  | 
Speculation runs rampant as grocery retailer attempts to find out how 4.2 million credit card records were stolen
FTC Deal Suggests Enterprises Could Be Liable for Poor Security
News  |  3/17/2008  | 
ValueClick found negligent when Commission discovers vulnerabilites contrary to privacy policies promising encryption and 'reasonable security measures'
Tech Insight: De-Fanging P2P
News  |  3/14/2008  | 
Peer-to-peer has gotten a bad rap, but there are ways to secure its legitimate use in your organization
McAfee Warns of Mass Web Attack
News  |  3/13/2008  | 
At least 10,000 pages affected, researchers warn
Certegy Victims Offered Less Than a Buck
Quick Hits  |  3/13/2008  | 
Proposed settlement includes free credit monitoring services and $4M in reimbursements following massive data breach
Hacking WiFi
News  |  3/13/2008  | 
Here's an evil twin that can seriously alter your Starbucks experience
Spam Takes a Vacation
News  |  3/11/2008  | 
South sea islands account for more spam per capita than anyplace else in the world
Security's 'See-Through' Camera
Quick Hits  |  3/11/2008  | 
New camera lets administrators check for objects under an individual's clothes - without seeing the family jewels
FTP Hacking on the Rise
News  |  3/11/2008  | 
First it was stolen FTP server admin privileges. Now it's spam messages with bot-infected FTP links
Art Imitates Malware
Quick Hits  |  3/7/2008  | 
Or does malware imitate art? Award-winning artist uses malware code to create artistic renditions of Storm, Netsky, and other infamous threats
Encrypted PCs Still at Risk
Quick Hits  |  3/6/2008  | 
Scientists demonstrate ability to extract encryption keys that linger in PC memory
Hacking: The New Child's Play?
News  |  3/5/2008  | 
Researchers worry as teens and pre-teens play an increasing role in illegal online exploits
Researchers Map Method for Spotting Suspicious Insiders
News  |  3/4/2008  | 
Mining of email data could help companies spot dangerous employees before they do damage


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21238
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping bec...
CVE-2021-21239
PUBLISHED: 2021-01-21
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ...
CVE-2021-21253
PUBLISHED: 2021-01-21
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for attacker...
CVE-2020-4966
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
CVE-2020-4968
PUBLISHED: 2021-01-21
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427.