Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in July 2007
Third Parties Fumble Data Handoffs
News  |  7/26/2007  | 
Your company's data breach may result from a partner's mistakes
Startup Locks Down Mobile Linux
News  |  7/26/2007  | 
New version of mobile OS verifies apps, firmware, and encrypts data
Hacking Without Exploits
News  |  7/25/2007  | 
Researcher HD Moore to show at Black Hat and Defcon ways to hack a fully patched system
New Tool Automates Spam
News  |  7/25/2007  | 
Cheap software promises to post 1,100 messages to Web forums in less than 15 minutes
Cigna Goes on a Role
News  |  7/20/2007  | 
Health benefits provider automates upkeep of its role-based user access control
Spam Changes Direction
News  |  7/19/2007  | 
While PDF and image-based attacks skyrocket, spammers quietly shift toward Europe
Hack Sneaks Past Firewall to Intranet
News  |  7/18/2007  | 
Black Hat researcher will demonstrate yet another way to use DNS pinning bug to get inside the corporate network
Leaks Found in Louisiana University Systems
News  |  7/18/2007  | 
Student uncovers 150 documents containing personal information on 80,000 individuals
Attackers Hide in Fast Flux
News  |  7/17/2007  | 
Storm and Warezov/Stration have already adopted an evil load-balancing and evasion technique that's tougher to detect
Hackers Tap Western Union
News  |  7/17/2007  | 
Breach of customer database threatens personal info of about 20,000 customers
Black Hat: DLP Hack
News  |  7/16/2007  | 
Researchers will show how some data leakage prevention products are buggy - and even risky
Cross-Site, Cross-Service
News  |  7/16/2007  | 
New cross-site scripting worm could propagate across Webmail services, user address lists
Old Flaw Threatens Web 2.0
News  |  7/12/2007  | 
DNS pinning flaw gives attackers inroads to the corporate intranet - via the browser
Startup Launches Free Malware Blocker
News  |  7/11/2007  | 
Haute Secure comes out of stealth mode with freeware that can recognize and filter malware at the client
'Hacking Capitalism'
News  |  7/6/2007  | 
Popular financial transaction protocol leaves trading open to hackers
Getting & Securing Your iPhone
News  |  7/5/2007  | 
How you can justify the company buying your iPhone - and how to keep it safe from attack
i Caramba! iPhone Hacked Already
News  |  7/2/2007  | 
Researchers find bugs in iPhone browser, Bluetooth, and WiFi connections


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd