Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Perimeter posted in September 2007
Attackers Kill Anti-Fraud Site
News  |  9/28/2007  | 
Fraudwatchers.org buckles, collapses under weight of month-long denial-of-service attack
Startup Wins License for Secure Biometrics Token
News  |  9/27/2007  | 
Technology promises to protect privacy of user whose biometric data is stolen or copied
Metasploit Adds iPhone Hacking Tools
News  |  9/26/2007  | 
Popular pen-test tool now comes with Apple iPhone payloads
Canadian Government Sheds Light On TJX Breach
News  |  9/25/2007  | 
Attack was conducted via wireless links at two Miami Marshall's stores, investigation reveals
Apple: Bypassing AT&T Can Break Your iPhone
Quick Hits  |  9/25/2007  | 
Trying to use another service could be the death of your favorite new gadget
TJX Proposes to Settle Customer Lawsuit for $6.5M
News  |  9/24/2007  | 
Customers promised a $30 voucher and a three-day discount sale
P2P Leads to Major Leak at Citigroup Unit
Quick Hits  |  9/24/2007  | 
ABN Amro employee exposes personal data on 5,000 mortgagees by installing BearShare
Security's School of Hard Knocks
News  |  9/21/2007  | 
Security pros share five of the toughest lessons they've ever learned, and they've got the scars to prove them
Researcher Raises Alarm Over PDFs
News  |  9/21/2007  | 
Adobe files could soon become attackers' favorite medium for malware delivery, experts say
Signal Turns to Data Leak Protection
News  |  9/21/2007  | 
Signal Financial Credit Union's DLP architecture protects sensitive data - sometimes a little too well
Hackers Get the Lingo
Quick Hits  |  9/21/2007  | 
Lingo, a New Zealand VOIP service provider, accidentally sends out the email addresses of more than 14,000 customers
Five Signs That You're Under a Targeted Attack
News  |  9/20/2007  | 
Clues that your organization is in the bull's eye might be right under your nose
Security Problems Linger at VA
News  |  9/20/2007  | 
Despite highly publicized breach, Veterans Affairs' IT efforts still coming up short, according to GAO report
ISPs Try on Anti-Botnet Services Model
News  |  9/19/2007  | 
Anti-botnet security services are on the rise, but ISPs still aren't coming over to clean up your machine
New Attacks Target Top Executives
News  |  9/18/2007  | 
Trojan-style attack designed to fool CXOs into downloading data-sucking malware, researcher says
Maynor Releases Apple Wireless Bug Code
News  |  9/18/2007  | 
Over a year after the Apple wireless flap, researcher David Maynor publishes a paper with proof-of-concept of the controversial hack
Lawsuit Raises Questions on TD Ameritrade Breach
News  |  9/17/2007  | 
May class action suit suggests brokerage firm knew about breach as far back as November but didn't disclose it
TD Ameritrade Breach Affects 6.3M Customers
News  |  9/14/2007  | 
Brokerage firm uncovers data-sucking malware during system audit
How to Bypass the IDS/IPS
News  |  9/14/2007  | 
'Simple Nomad' shows how bad guys can wage targeted attacks by probing, fingerprinting IDSes and IPSes
Quantum Research Could Threaten Encryption Schemes
News  |  9/13/2007  | 
New quantum computers implement algorithm capable of cracking most current encryption codes
Email Encryption Gets Easier
News  |  9/13/2007  | 
But are these new methods enough to convince enterprises to secure their messages with in-house systems - or that they even need to?
Insider Threats Increase, But Damage Is Minimal
News  |  9/12/2007  | 
Annual Computer Security Institute study says employees are the source of most incidents - but not the biggest cost
Annual CSI Study: Cost of Cybercrime Is Skyrocketing
News  |  9/11/2007  | 
Average annual loss per company has more than doubled since last year, according to bellwether study
Hacking the White House
News  |  9/10/2007  | 
War walk around the President's house exposes some interesting vulnerabilities outside the fence, but solid defenses inside
Breaking Down the Wall
News  |  9/10/2007  | 
US government officials are in a dither about Lenovo's potential acquisition of Seagate. But are any encryption secrets really at risk?
Startup Led by Ex-DHS Cyberchief Rolls Out Forensics Tool
News  |  9/10/2007  | 
NetWitness NextGen analyzes attacks, risks, and verifies compliance
Group Sues White House to Restore Missing Emails
News  |  9/7/2007  | 
National Security Archive says White House must reactivate its email archiving system
Citrix's Security Play
News  |  9/7/2007  | 
With acquisition of XenSource, Citrix puts itself at forefront of data center virtualization - and security
China Makes 'Most Successful Cyber Attack Ever' on the Pentagon
Quick Hits  |  9/4/2007  | 
Chinese military proves its ability to disable US defense systems


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd