Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in June 2011
BeyondTrust Acquires Likewise Software Assets, Launches PowerBroker Identity Services
News  |  6/30/2011  | 
PowerBroker Identity Services, Enterprise Edition addresses the authentication, audit and reporting needs of companies running multiple operating systems
Mass-Meshing A Gumblar Creation
Commentary  |  6/30/2011  | 
Who doesn't love a new buzzword? 'Mass-meshing' is a new term that describes an old problem first presented by the Gumblar attacks in 2009
When Consumers Go To The Cloud, Businesses Should Watch Out
News  |  6/30/2011  | 
Companies should take a look at what cloud services their employees are using following last week's authentication bug at Dropbox
Epsilon Outlines Post-Breach Security Plans
News  |  6/29/2011  | 
Working with Verizon Business, marketing firm launches new secure services
New Metasploit Tools Help Find Security Blind Spots
Commentary  |  6/27/2011  | 
Upcoming vSploit modules for the Metasploit Framework imitate compromised or vulnerable hosts in the network
Are LulzSec, Anonymous The Pissed-Off Canary In The Coal Mine?
Commentary  |  6/24/2011  | 
LulzSec and Anonymous could be doing the world a favor by showcasing weak systems, and their actions suggest these systems and others like them could have been compromised for months by those wanting to do harm
RPost Email Encryption Upgrade Adds Enterprise Security Intelligence
News  |  6/21/2011  | 
RPost email encryption upgrade permits senders to have message security anywhere
Product Watch: Damballa Rolls Out Early Detection Service
News  |  6/21/2011  | 
New offering could alert enterprises "weeks or months" before malware appears in the wild
Leaps Of Faith
Commentary  |  6/20/2011  | 
Mobile is more secure than the browser realm because most mobile transactions are conducted through applications, not the browser
Advanced Exploitation Of Flash Vulnerability In The Wild
Commentary  |  6/19/2011  | 
New Flash exploit is extremely effective against the security technologies that many depend on for shelter -- is this a sign of things to come?
New Free Forensics Tool: Dropbox Reader
News  |  6/17/2011  | 
Dropbox Reader aids cyberinvestigators in reading evidence files associated with the Dropbox cloud storage software
WAFs Have Benefits, But Are Not A Security Cure-all
Commentary  |  6/15/2011  | 
WAFs can provide a good layer of defense against attacks, but they can't solve all Web app-sec problems the way vendors would like you to think
Why Small Businesses Are Vulnerable To Cybercrime -- And What They Can Do About It
News  |  6/14/2011  | 
SMBs have more valuable data than consumers and fewer defenses than large enterprises. Have they become the sweet spot for the bad guys?
Apple And Building For Security
Commentary  |  6/10/2011  | 
Apple is planning on building what might not only be one of the most beautiful buildings, but one of the most secure as well
Nearly 80 Percent Of Businesses Have Lost Data In Past Year
Quick Hits  |  6/8/2011  | 
Customer data is most frequently compromised content; lost devices are most frequent cause
IPv6 Graduation Day
Commentary  |  6/8/2011  | 
Big Bird, Google, and Facebook participate in first high-profile test flight of new IP protocol amid DDoS threat backdrop
The Truth Will Set You Free
Commentary  |  6/7/2011  | 
We seem to have a problem in the security space: telling the truth, which makes crisis communications a pretty valuable skill moving forward
Logging Isn't Hard -- Getting Started Is
Commentary  |  6/2/2011  | 
The biggest hurdle for SMBs with logging is taking the first step
The State Of Database Encryption
News  |  6/1/2011  | 
Many early adopters of database encryption are starting to realize limitations of their choices
Researchers Devise Hardware-Based Encryption For 'Instant-On' Devices
News  |  6/1/2011  | 
New algorithm protects user data stored long-term in main memory of next-generation smartphones, laptops, desktops


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd