Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in May 2007
How to Stop Political Attacks
News  |  5/30/2007  | 
Experts advise users on how to defend themselves against cyber-terrorism, cyber wars, and hacktivism
Fed Workers Still in the Dark
News  |  5/27/2007  | 
Despite completing awareness courses, majority of government workers say they've never heard of key guidelines
Wireless: Fix, Not Flaw
News  |  5/25/2007  | 
New applications help WiFi shed its image as enterprises' biggest network vulnerability
StillSecure Bets on Embedded Security
News  |  5/23/2007  | 
Cobia platform spurs debate over 'open source'
Startup to Ship Sweetened Honeypot
News  |  5/23/2007  | 
New, real-time, AI-based forensics appliance uses virtualized honeypot technology and interfaces with IDS/IPSes
Seven Habits of Highly Malicious Hackers
News  |  5/18/2007  | 
Interop session details the anatomy of a hacker attack, step-by-step
Spammers Stymie UK Email
News  |  5/17/2007  | 
British ISP forced to shut down Web mail service due to 'unpatchable' vulnerability
Verizon Grabs Cybertrust
News  |  5/14/2007  | 
Merger sets stage for clash of telecom titans
Profit-Minded Trojans
News  |  5/11/2007  | 
Majority of Trojan attacks now designed for financial gain, researchers say
IDS in Mid-Morph
News  |  5/11/2007  | 
Interop Las Vegas session to map out evolving capabilities of intrusion detection systems
California Hammers on E-Voting
News  |  5/10/2007  | 
Comprehensive audit and penetration test designed to end voters' fears about electronic voting
The Phisher King
News  |  5/9/2007  | 
RSnake gets a real 'pisher' to describe how he baits the hook and reels in his catch
Mizzou's Help Desk Hack
News  |  5/9/2007  | 
Attacker accesses more than 22,000 student records by cracking university's computer trouble-reporting system
Five Security Flaws in IPv6
News  |  5/8/2007  | 
The next-generation of IP transport has some glaring security problems - here's a rundown of what you need to know
Trust & Deception
News  |  5/7/2007  | 
They're both actively at work in infosec, and new attacks take equal advantage of them
Security's Top Five Priorities
News  |  5/4/2007  | 
Portable devices, Web application security are among the issues keeping CSOs awake these days
DRM Hack Flap Sparks Digg 'Riot'
News  |  5/2/2007  | 
Effort to take down hack postings results in crippling rebellion at social networking site
Security's Biggest Train Wrecks
News  |  5/1/2007  | 
Think you've made security mistakes? These 10 prize-winners (we had to limit it) took the cake in Dark Reading's first year


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.