Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in August 2006
App Proxies: No Reviving the Dream
News  |  8/31/2006  | 
Application proxies stir up fond memories of more enterprise control, but chances of resurgence are slim
Wireless Piggybackers Put on Notice
News  |  8/30/2006  | 
New California law encourages users to lock up WLANs, setting the stage for criminal action against hackers and piggybackers
Insecure at the Airport?
News  |  8/29/2006  | 
Five ways to make your concourse WiFi experience more secure
Enterprises Still Not Sweet on Honeypots
News  |  8/23/2006  | 
Passive technology lacks preventive capability but might prove useful for tracking malicious internal activity
Startup Promises Critical-Site Analysis
News  |  8/21/2006  | 
New consulting firm will help 'national security-critical' sites evaluate physical and logical security
Apple's Core Is Secure
News  |  8/18/2006  | 
Researchers now say they used a third-party drive to facilitate infamous MacBook hack at Black Hat
WiMax's Small Steps to Security
News  |  8/17/2006  | 
Locking down new broadband wireless - and projecting where vulnerabilities will arise - will keep Sprint busy
The Portable Puzzle
News  |  8/10/2006  | 
Solutions for managing security of mobile systems and portable storage devices still elude many enterprises
IT's Roving Eyes
News  |  8/9/2006  | 
From snooping to sabotage, your IT department might be your enterprise's greatest unchecked security threat
Code May Sour BlackBerry Users
News  |  8/8/2006  | 
New proof-of-concept code could give an attacker access to enterprise networks using a BlackBerry handheld
Big Botnet Cast Wide Net in UK
News  |  8/3/2006  | 
An unusually large botnet swamped the UK this week with over 8 million phishing emails
No Wires & No Policies
News  |  8/2/2006  | 
Despite the convenience of wireless and portable devices, most security policies still don't embrace them, according to a new Dark Reading survey


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.