News & Commentary
Active Directory Is Dead: 3 Reasons
Thomas Pedersen, CEO & Founder, OneLoginCommentary
These days, Active Directory smells gangrenous to innovative companies born in the cloud and connecting customers, employees, and partners across devices at light speed.
By Thomas Pedersen CEO & Founder, OneLogin, 4/15/2014
Comment18 comments  |  Read  |  Post a Comment
Study: Security Fears Continue To Block Cloud Deployment
Tim Wilson, Editor in Chief, Dark ReadingQuick Hits
'Fear of the unknown' still haunts cloud adoption.
By Tim Wilson Editor in Chief, Dark Reading, 4/3/2014
Comment16 comments  |  Read  |  Post a Comment
API-First: 3 Steps For Building Secure Cloud Apps
Ravi Ithal, Chief Architect, NetskopeCommentary
When it comes to protecting data traveling to and from the cloud, today's choices are daunting. Here are three steps for making the application programming interface your new best friend.
By Ravi Ithal Chief Architect, Netskope, 4/3/2014
Comment4 comments  |  Read  |  Post a Comment
What Is The FIDO Alliance?
Dark Reading, CommentaryVideo
Phillip Dunkelberger of Nok Nok Labs explains why its proposed specifications will transform computing.
By Dark Reading , 4/2/2014
Comment0 comments  |  Read  |  Post a Comment
Finally, Plug & Play Authentication!
Phil Dunkelberger, President & CEO, Nok Nok LabsCommentaryVideo
FIDO Alliance technology will allow enterprises to replace passwords with plug-and-play multifactor authentication.
By Phil Dunkelberger President & CEO, Nok Nok Labs, 3/26/2014
Comment1 Comment  |  Read  |  Post a Comment
Experts Question Security Payoff Of Sending Apps To The Cloud
Robert Lemos, Technology JournalistNews
Startups offer browsers in the cloud for security, while email and productivity apps are already there.
By Robert Lemos Technology Journalist, 3/26/2014
Comment4 comments  |  Read  |  Post a Comment
Safe Harbor, Lavabit & The Future Of Cloud Security
Elad Yoran, Commentary
For cloud computing to grow, we need a balance between individual privacy and control of data, and the government's ability to fight crime and terrorism. Persistent encryption may be the answer.
By Elad Yoran , 3/14/2014
Comment1 Comment  |  Read  |  Post a Comment
7 Behaviors That Could Indicate A Security Breach
Becca Lipman, News
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.
By Becca Lipman , 3/14/2014
Comment1 Comment  |  Read  |  Post a Comment
Your Cloud Was Breached. Now What?
Bill Kleyman, National Director of Strategy & Innovation, MTM TechnologiesCommentary
You’re not happy. You just experienced a breach. Here’s how to keep calm and secure your cloud.
By Bill Kleyman National Director of Strategy & Innovation, MTM Technologies, 3/12/2014
Comment5 comments  |  Read  |  Post a Comment
Name That Cartoon: Luck O' The Irish
John Klossner, CartoonistCommentary
We provide the cartoon. You write the caption. Maybe you'll win a prize.
By John Klossner Cartoonist, 3/3/2014
Comment101 comments  |  Read  |  Post a Comment
How To Fund Enterprise Cybersecurity: CISO Tips
Susan Nunziata, Director of Editorial, Enterprise EfficiencyNews
How do you ensure funding for enterprise cybersecurity? Help C suite execs understand the true nature of cyberattacks.
By Susan Nunziata Director of Editorial, Enterprise Efficiency, 3/3/2014
Comment0 comments  |  Read  |  Post a Comment
DDoS Attack! Is Regulation The Answer?
Dave Piscitello, VP Security, ICANNCommentary
Four security experts weigh in on why there’s been little progress in combating DDoS attacks and how companies can start fighting back.
By Dave Piscitello VP Security, ICANN, 2/28/2014
Comment9 comments  |  Read  |  Post a Comment
How I Secure My Personal Cloud
Bill Kleyman, National Director of Strategy & Innovation, MTM TechnologiesCommentary
As global cloud traffic grows exponentially, IT pros face the daunting task of securing their personal cloud, data, and workloads.
By Bill Kleyman National Director of Strategy & Innovation, MTM Technologies, 2/24/2014
Comment6 comments  |  Read  |  Post a Comment
Boutique Malware & Hackers For Hire
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Heads up! Small groups of cyber-mercenaries are now conducting targeted hit-and-run attacks for anyone willing to pay the price.
By Dave Kearns Analyst, Kuppinger-Cole, 2/20/2014
Comment5 comments  |  Read  |  Post a Comment
'Connect': A Modern Approach To Mobile, Cloud Identity
Patrick Harding, Commentary
A new protocol from the OpenID Foundation promises enterprises federated single sign-on that can scale.
By Patrick Harding , 2/19/2014
Comment1 Comment  |  Read  |  Post a Comment
The Snowden Effect: Who Controls My Data?
Brad Garlinghouse, CEO, Hightail Commentary
In today’s post-NSA-spying world, the key to providing trustworthy digital services to customers is control coupled with transparency.
By Brad Garlinghouse CEO, Hightail , 2/14/2014
Comment8 comments  |  Read  |  Post a Comment
The Problem With Two-Factor Authentication
Garret Grajek, CTO & COO, SecureAuthCommentary
The failure of corporate security strategies to protect personal identity information from hackers resides more with system architecture than with authentication technology. Here's why.
By Garret Grajek CTO & COO, SecureAuth, 2/4/2014
Comment32 comments  |  Read  |  Post a Comment
20 Security Startups To Watch
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Cloud security, mobile security, advanced behavioral detection, and a few other surprises make this latest crop of newcomers worth watching.
By Ericka Chickowski Contributing Writer, Dark Reading, 2/3/2014
Comment0 comments  |  Read  |  Post a Comment
Finding The Balance Between Compliance & Security
Tom Bowers, Principal Security Strategist, ePlus TechnologiesCommentary
IT departments can reduce security risks by combining the flexibility of ISO 27000 with the stringent requirements of PCI. Here’s how.
By Tom Bowers Principal Security Strategist, ePlus Technologies, 1/30/2014
Comment10 comments  |  Read  |  Post a Comment
Data Security: 4 Questions For Road Warriors
Dave Piscitello, VP Security, ICANNCommentary
Traveling with electronic gear containing sensitive data carries a greater security risk today than ever before.
By Dave Piscitello VP Security, ICANN, 1/28/2014
Comment25 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-04-15
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse p...

Published: 2014-04-15
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, rela...

Published: 2014-04-15
Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before on Ubuntu 8.0...

Published: 2014-04-15
The pkgAcqMetaClearSig::Failed method in apt-pkg/ in Advanced Package Tool (APT) 0.8.11 through and 0.8.16 before 0.8.16~exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

Published: 2014-04-15
The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote attackers to cause a denial of service via vectors related to the "network connection clean up code" and (1) Cloud Controller (CLC), (2) Walrus, (3) Storage Controller (SC), and (4) VMware Broker (VB).

Best of the Web