Cloud
News & Commentary
Apple CEO: We Don't Covet Your Data
Thomas Claburn, Editor-at-LargeCommentary
Apple CEO Tim Cook highlights the company's commitment to privacy in an open letter.
By Thomas Claburn Editor-at-Large, 9/18/2014
Comment4 comments  |  Read  |  Post a Comment
Data Privacy Etiquette: It's Not Just For Kids
Lysa Myers, Security Researcher, ESETCommentary
Children are the innocent victims of the worst effects of social media. Thatís why itís vital for adults to establish privacy values that are safe for them -- and the rest of us.
By Lysa Myers Security Researcher, ESET, 9/17/2014
Comment6 comments  |  Read  |  Post a Comment
Meet The Next Next-Gen Firewall
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Or at least the latest iteration of one of the oldest-running security tools that continues to evolve and transform with the times.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/16/2014
Comment3 comments  |  Read  |  Post a Comment
Dyre Straits: Why This Cloud Attack's Different
Kaushik Narayan, Co-Founder and CTO at Skyhigh NetworksCommentary
Dyre is a new breed of Trojan, attacking cloud apps and using the cloud as a delivery vehicle.
By Kaushik Narayan Co-Founder and CTO at Skyhigh Networks, 9/12/2014
Comment3 comments  |  Read  |  Post a Comment
Privacy, Security & The Geography Of Data Protection
Malte Pollmann, CEO, UtimacoCommentary
Data generation is global, so why do different parts of the world react differently to the same threat of security breaches and backdoors?
By Malte Pollmann CEO, Utimaco, 9/11/2014
Comment6 comments  |  Read  |  Post a Comment
Apple iCloud Hack's Other Victim: Cloud Trust
Charles Babcock, Editor At Large, InformationWeek Commentary
Our flash poll finds users feel more vulnerable about cloud security in general. No wonder: Apple's opening statement of indignation now sounds a little hollow.
By Charles Babcock Editor At Large, InformationWeek , 9/10/2014
Comment2 comments  |  Read  |  Post a Comment
'Kyle & Stan' Parks Malvertising On Amazon, YouTube
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Windows and Macs alike are at risk to sophisticated mutating malware.
By Sara Peters Senior Editor at Dark Reading, 9/8/2014
Comment7 comments  |  Read  |  Post a Comment
In Cloud We Trust: A New Model
Evelyn De Souza & Richard Noguera, Cloud Security Alliance Data Governance Chair & Cloud Compliance & Data Privacy Strategy Leader, CiscoCommentary
The solution to the problem of data security in the public cloud will require more than a traditional compliance-driven approach.
By Evelyn De Souza & Richard Noguera Cloud Security Alliance Data Governance Chair & Cloud Compliance & Data Privacy Strategy Leader, Cisco, 9/4/2014
Comment11 comments  |  Read  |  Post a Comment
Celeb Hack: Is Apple Telling All It Knows?
Dave Kearns, Analyst, Kuppinger-ColeCommentary
Did Apple have a system-wide data breach? No. Was it complicit through an appalling security lapse by not defending against brute force attacks? Youíre darn tootin'!
By Dave Kearns Analyst, Kuppinger-Cole, 9/3/2014
Comment14 comments  |  Read  |  Post a Comment
Apple Not Hacked In Celebrity Nude Photo Breaches
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
"Very targeted attack" on celebrities' Apple usernames, passwords, security questions -- iCloud, Find My iPhone not breached, Apple says.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 9/2/2014
Comment9 comments  |  Read  |  Post a Comment
Sony, XBox Victims Of DDoS, Hacktivist Threats
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Hacktivists from Anonymous and from a presumed Islamic extremist group targeted a variety of online gaming services.
By Sara Peters Senior Editor at Dark Reading, 8/26/2014
Comment7 comments  |  Read  |  Post a Comment
27 Million South Koreans Victimized In Online Gaming Heist
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
16 suspects arrested in South Korea as authorities pursue additional suspects, including a Chinese hacker.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/25/2014
Comment6 comments  |  Read  |  Post a Comment
All In For The Coming World of 'Things'
Don Bailey, Founder & CEO, Lab Mouse SecurityCommentary
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
By Don Bailey Founder & CEO, Lab Mouse Security, 8/25/2014
Comment6 comments  |  Read  |  Post a Comment
Wanted: Cloud Brokers
Jonathan Feldman, CIO, City of Asheville, NCCommentary
Do you know the ins and outs of cloud software stacks and security? Got the finesse to break through cultural resistance? Then you may have found your next career.
By Jonathan Feldman CIO, City of Asheville, NC, 8/21/2014
Comment3 comments  |  Read  |  Post a Comment
Website Attack Attempts Via Vegas Rose During Black Hat, DEF CON
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Data snapshot from Imperva shows major jump in malicious activity during security and hacker conferences in Sin City.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/20/2014
Comment4 comments  |  Read  |  Post a Comment
Cloud Apps & Security: When Sharing Matters
Krishna Narayanaswamy, Founder & Chief Scientist, NetskopeCommentary
Sharing documents and data is happening all over the cloud today but not all sharing activity carries equal risk.
By Krishna Narayanaswamy Founder & Chief Scientist, Netskope, 8/18/2014
Comment5 comments  |  Read  |  Post a Comment
Identity And Access Management Market Heats Up
Brian Prince, Contributing Writer, Dark ReadingNews
The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.
By Brian Prince Contributing Writer, Dark Reading, 8/15/2014
Comment2 comments  |  Read  |  Post a Comment
Traffic To Hosting Companies Hijacked In Crypto Currency Heist
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Attacker likely a current or former ISP employee, researchers say.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/14/2014
Comment2 comments  |  Read  |  Post a Comment
Hybrid Cloud Security: New Tactics Required
Joe Masters Emison, CTO, BuildFaxCommentary
Interested in shuttling workloads between public and private cloud? Better make sure it's worth doing, because hybrid means rethinking how you manage compliance, identity, connectivity, and more.
By Joe Masters Emison CTO, BuildFax, 8/13/2014
Comment9 comments  |  Read  |  Post a Comment
Time To Broaden CompSci Curriculum Beyond STEM
Lysa Myers, Security Researcher, ESETCommentary
Having a visual arts background may not be the traditional path for a career in infosec, but itís a skill that makes me no less effective in analyzing malware patterns -- and often faster.
By Lysa Myers Security Researcher, ESET, 8/13/2014
Comment15 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Security Insights
3 Places to Enable 2-Factor Authentication Now
3 Places to Enable 2-Factor Authentication Now
Two-factor authentication is a ubiquitous, mature technology. Whether or not you use it for your network, here are three external services for which you should immediately enable it.
Comment1 comments
Read | Post a Comment
More Sophos Security Insights
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2006-1318
Published: 2014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

CVE-2014-1391
Published: 2014-09-19
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

CVE-2014-4350
Published: 2014-09-19
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.

CVE-2014-4376
Published: 2014-09-19
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.

CVE-2014-4390
Published: 2014-09-19
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.

Best of the Web
Dark Reading Radio