Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in July 2008
Startup Promises More Accurate Fraud Detection
News  |  7/31/2008  | 
Guardian Analytics's new 'fraud modeling' technology recognizes activity that goes outside user norm
Survey Highlights Telecommuter Troubles
Quick Hits  |  7/31/2008  | 
Telecommuting security, privacy risks often put on the back burner, according to a new survey by Ernst & Young
New Video Surveillance Technology 'Recognizes' Abnormal Activity
News  |  7/28/2008  | 
BRS software can establish 'normal' on-camera activity - and alert security staff when something unusual occurs
When Penetration Testers (Almost) Get Caught
News  |  7/25/2008  | 
Sometimes employees really do learn their physical security lessons
Report: Website Infection Rate Has Tripled Since 2007
Quick Hits  |  7/24/2008  | 
Malicious Web pages now exceed more than 16,000 per day, Sophos says
Details, Exploits of Web-Wide DNS Vulnerability Revealed
News  |  7/24/2008  | 
Kaminsky outlines flaw, says 'we're in serious trouble'; exploit code posted on Metasploit
Researchers Raise Alarm Over New Iteration of Coreflood Botnet
News  |  7/23/2008  | 
Password-stealing Trojan is spreading like a worm - and targeted directly at the enterprise
Web-Wide DNS Vulnerability Leaked
Quick Hits  |  7/23/2008  | 
'Accidental' posting by researchers briefed on the flaw may lead to exploits today
Kaminsky to Give More Info on Super-Secret DNS Flaw
Quick Hits  |  7/22/2008  | 
Webinar on Thursday sets stage for comment on Halvar Flake's 'guess' on Web-wide vulnerability
'PhishMe' Tool Lets Businesses Spear-Phish Themselves
News  |  7/22/2008  | 
Web-based service generates self-inflicted targeted attacks to enlighten users, assess risk
Report: Vulnerabilities Abound in Open-Source Environments
News  |  7/21/2008  | 
Enterprises should take care in adopting open-source technology, Fortify study says
President of Georgia's Site Under Attack
Quick Hits  |  7/21/2008  | 
Former Soviet republic could follow Estonia and Lithuania as the next target of Russian cyber attacks
Researcher Offers Malware Analysis Tool
News  |  7/18/2008  | 
Proof-of-concept tool is more difficult for hackers to detect and evade than current malware analyzers
Secret Defense Data Lost on UK Government USBs
News  |  7/18/2008  | 
Yet more government storage shenanigans on the other side of the pond
Schneier, Team Hack 'Invisibility Cloak' for Files
News  |  7/16/2008  | 
Researchers break 'deniable file system' steganography feature that conceals the existence of sensitive files from hackers
Texas Bank Dumps Antivirus for Whitelisting
News  |  7/11/2008  | 
Tired of AV and malware, First National Bank of Bosque County adopts application whitelisting instead
FasTrak Toll Hacked, Exposing Privacy Dangers
News  |  7/9/2008  | 
Researcher finds electronic toll tag vulnerabilities in Black Hat 'Highway to Hell' research
P2P Hack Exposes Info on Top Judge
Quick Hits  |  7/9/2008  | 
Supreme Court justice is among 2,000 investment firm clients whose personal data was exposed via Limewire
Over 10M Bots Active Worldwide in Q2
Quick Hits  |  7/8/2008  | 
New report from Commtouch finds US bot count decreases, but Verizon is among the top 10 domains used for hosting zombies
Russians Organizing 'Political Hack Force'
Quick Hits  |  7/7/2008  | 
Lithuanian attacks could be signal of actions to come
Matasano Unwraps Its 'Firewall Mixer'
News  |  7/3/2008  | 
New control and change management tool for big, multivendor firewall deployments
iPhone Smackdown: Security vs. Consumerization
News  |  7/3/2008  | 
It's time to accept the fact that our consumer and business technology worlds are converging
Laptop Losses Total 12,000 Per Week at US Airports
News  |  7/2/2008  | 
Nearly 70% are never recovered; many go unreported
Citibank PIN Hack: Deja Vu
Quick Hits  |  7/2/2008  | 
Hack keeps coming back to haunt banking giant
PCI Standards Expanded to Include Unattended Devices
News  |  7/1/2008  | 
New specs respond to emerging threats posed at kiosks, ATM devices
New DLP Startup Performs 'DNA Sequencing' of Data
News  |  7/1/2008  | 
nexTier Networks promises more automated, simplified approach to data leak prevention


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd