Cloud
News & Commentary
8 Valuable Security Certifications For 2017
Kelly Sheridan, Associate Editor, InformationWeek
A security credential could be the step towards your next job title. But which one to get?
By Kelly Sheridan Associate Editor, InformationWeek, 2/21/2017
Comment1 Comment  |  Read  |  Post a Comment
Do Software-Defined Data Centers Pose Security Concerns?
Liviu Arsene, Senior E-threat Analyst, Bitdefender
SDDC adoption is likely to trigger widespread data security governance programs, with 20 percent of organizations considering them necessary to prevent data breaches.
By Liviu Arsene Senior E-threat Analyst, Bitdefender, 2/20/2017
Comment0 comments  |  Read  |  Post a Comment
IoT Security: A Ways To Go, But Some Interim Steps For Safety
Terry Sweeney, Contributing EditorNews
The Internet of Things remains vulnerable to botnets and malware, but Cisco's Anthony Grieco offers some tips to keep networks and users more secure
By Terry Sweeney Contributing Editor, 2/15/2017
Comment0 comments  |  Read  |  Post a Comment
Why Identity Has Become A Top Concern For CSOs
Saryu Nayyar, CEO, GuruculCommentary
Seven of the world's top security leaders share their fears and challenges around the critical new role of identity in the fight against cyber adversaries.
By Saryu Nayyar CEO, Gurucul, 2/14/2017
Comment1 Comment  |  Read  |  Post a Comment
National Security, Regulation, Identity Top Themes At Cloud Security Summit
Sara Peters, Senior Editor at Dark ReadingNews
Gen. Keith Alexander gives Trump a thumbs-up and Cloud Security Alliance releases a new application.
By Sara Peters Senior Editor at Dark Reading, 2/13/2017
Comment0 comments  |  Read  |  Post a Comment
David Beckham Hires Cybersecurity Expert To Probe Email Leak
Dark Reading Staff, Quick Hits
18.6 million emails were stolen and leaked from PR firm, including allegedly doctored messages made to damage Beckham's reputation.
By Dark Reading Staff , 2/8/2017
Comment0 comments  |  Read  |  Post a Comment
Dutch Voter Guide Website Leak Highlights Privacy Concerns
Dark Reading Staff, Quick Hits
StemWijzer fixes vulnerabilities after researcher discovers website is secretly maintaining voter-preference record.
By Dark Reading Staff , 2/8/2017
Comment0 comments  |  Read  |  Post a Comment
10 Essential Elements For Your Incident-Response Plan
Terry Sweeney, Contributing Editor
The middle of a DDoS attack or ransomware infection is hardly the time to start talking about divisions of labor, or who should do what when.
By Terry Sweeney Contributing Editor, 2/2/2017
Comment2 comments  |  Read  |  Post a Comment
Spam Now Makes Up Nearly Two-Thirds Of All Email
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Spam spikes, and nearly three-fourths of all organizations worldwide have suffered adware-borne infections, according to Cisco's annual cybersecurity report.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/1/2017
Comment0 comments  |  Read  |  Post a Comment
The Interconnected Nature Of International Cybercrime
Ian W. Gray, Cyber Intelligence Analyst, FlashpointCommentary
How burgeoning hackers are honing their craft across language barriers from top tier cybercriminal ecosystems and forums of the Deep and Dark Web.
By Ian W. Gray Cyber Intelligence Analyst, Flashpoint, 2/1/2017
Comment1 Comment  |  Read  |  Post a Comment
A New Mantra For Cybersecurity: 'Simulate, Simulate, Simulate!'
Danelle Au, VP Strategy, SafeBreachCommentary
What security teams can learn from the Apollo 13 space program, a global pandemic, and major infrastructure disruptions to identify their best responses to attacks.
By Danelle Au VP Strategy, SafeBreach, 2/1/2017
Comment3 comments  |  Read  |  Post a Comment
PCI Security Standards Council Issues Guidance For E-Commerce Security
Dark Reading Staff, Quick Hits
Update educates merchants on payment security challenges and significance of encryption.
By Dark Reading Staff , 2/1/2017
Comment0 comments  |  Read  |  Post a Comment
Identity Fraud Rose 16% In 2016
Steve Zurier, Freelance WriterNews
Javelin report finds that fraud increased to 15.4 million consumers in the US - the highest ever.
By Steve Zurier Freelance Writer, 2/1/2017
Comment0 comments  |  Read  |  Post a Comment
2017 State of the Cloud
Emily Johnson, Associate Editor, UBM Americas
Is private cloud on its way out and is hybrid cloud practical? This infographic provides a snapshot of key data points from our 2017 State of the Cloud report.
By Emily Johnson Associate Editor, UBM Americas, 1/31/2017
Comment0 comments  |  Read  |  Post a Comment
Appeals Court Upholds Microsoft Victory In Overseas Data Case
Dark Reading Staff, Quick Hits
Dissenting judges seek revision of earlier ruling, saying it does not serve any privacy interest.
By Dark Reading Staff , 1/27/2017
Comment0 comments  |  Read  |  Post a Comment
How I Would Hack Your Network (If I Woke Up Evil)
John Strand, SANS Senior Instructor & Owner, Black Hills Information SecurityCommentary
How would an attacker target your company? Here's a first-person account of what might happen.
By John Strand SANS Senior Instructor & Owner, Black Hills Information Security, 1/26/2017
Comment18 comments  |  Read  |  Post a Comment
Facebook Adds Physical Key Security For Member Accounts
Dark Reading Staff, Quick Hits
Social media site now supports security keys to boost multifactor authentication.
By Dark Reading Staff , 1/26/2017
Comment0 comments  |  Read  |  Post a Comment
There's No One Perfect Method For Encryption In The Cloud
Thomas Ristenpart, Asst. Professor, Computer Sciences, University of WisconsinCommentary
The problem with encryption is that it affects performance, especially in the cloud. Know the different methods so you can pick the type that best suits your needs.
By Thomas Ristenpart Asst. Professor, Computer Sciences, University of Wisconsin, 1/26/2017
Comment0 comments  |  Read  |  Post a Comment
Pew Research Study Exposes America's Poor Password Hygiene
Steve Zurier, Freelance WriterNews
Americans feel like they've lost control over their online lives, but they still aren't always practicing proper security.
By Steve Zurier Freelance Writer, 1/26/2017
Comment15 comments  |  Read  |  Post a Comment
Cloud Is Security-Ready But Is Your Security Team Ready For Cloud?
Frank Mong, Senior VP, Product, Industry & Solutions Marketing, Palo Alto NetworksCommentary
Cloud computing has moved beyond the early adopter phase and is now mainstream. Heres how to keep data safe in an evolving ecosystem.
By Frank Mong Senior VP, Product, Industry & Solutions Marketing, Palo Alto Networks, 1/25/2017
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is what you could call a "heads-up operation."
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.