Cloud
News & Commentary
Cloud Security Lessons from the RNC Leak
Kelly Sheridan, Associate Editor, Dark ReadingNews
A poorly configured Amazon S3 bucket that led to a massive data leak could easily happen to any organization not adopting proper cloud security measures.
By Kelly Sheridan Associate Editor, Dark Reading, 6/22/2017
Comment0 comments  |  Read  |  Post a Comment
Cloud Security & the Power of Shared Responsibility
Tim Prendergast, Founder & CEO, Evident.io
When you and your CSP jointly embrace the shared security responsibility model you can achieve greater success than you or your provider can achieve alone.
By Tim Prendergast Founder & CEO, Evident.io, 6/20/2017
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Accenture Team up on Blockchain for Digital ID Network
Dark Reading Staff, Quick Hits
Microsoft and Accenture use blockchain tech to build a digital ID network, which will help give legal identification to 1.1 billion people without official documents.
By Dark Reading Staff , 6/19/2017
Comment0 comments  |  Read  |  Post a Comment
Forrester: Rapid Cloud Adoption Drives Demand for Security Tools
Kelly Sheridan, Associate Editor, Dark ReadingNews
Cloud services revenue is poised to skyrocket from $114 billion in 2016 to $236 billion by 2020, driving the market for products to secure data in the cloud.
By Kelly Sheridan Associate Editor, Dark Reading, 6/16/2017
Comment0 comments  |  Read  |  Post a Comment
Climbing the Security Maturity Ladder in Cloud
Daniel Mellen, Accenture Managing Director, SecurityCommentary
These five steps will insure that you achieve the broadest coverage for onboarding your most sensitive workloads.
By Daniel Mellen Accenture Managing Director, Security, 6/15/2017
Comment0 comments  |  Read  |  Post a Comment
Trumps Executive Order: What It Means for US Cybersecurity
Carson Sweet, Co-Founder & CTO, CloudPassageCommentary
The provisions are all well and good, but its hardly the first time theyve been ordered by the White House.
By Carson Sweet Co-Founder & CTO, CloudPassage, 6/15/2017
Comment0 comments  |  Read  |  Post a Comment
Malware Incidents at US SMBs Spiked 165% in Q1
Dawn Kawamoto, Associate Editor, Dark ReadingNews
Texas-based SMBs suffered the most malware attack attempts in the first quarter while those in Arizona had the biggest year-over-year increase, according to new Malwarebytes report.
By Dawn Kawamoto Associate Editor, Dark Reading, 6/15/2017
Comment0 comments  |  Read  |  Post a Comment
How End-User Devices Get Hacked: 8 Easy Ways
Kelly Sheridan, Associate Editor, Dark Reading
Security experts share the simplest and most effective methods bad guys employ to break into end-user devices.
By Kelly Sheridan Associate Editor, Dark Reading, 6/9/2017
Comment1 Comment  |  Read  |  Post a Comment
Security Orchestration Fine-Tunes the Incident Response Process
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Emerging orchestration technology can cut labor-intensive tasks for security analysts.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/8/2017
Comment2 comments  |  Read  |  Post a Comment
Microsoft to Buy Hexadite for AI, Enterprise Security
Kelly Sheridan, Associate Editor, Dark ReadingNews
Acquisition of Israeli security startup aims to strengthen Windows 10 security with artificial intelligence, company says.
By Kelly Sheridan Associate Editor, Dark Reading, 6/8/2017
Comment0 comments  |  Read  |  Post a Comment
Hide & Seek: Security Teams Lack Visibility in the Cloud
Tim Prendergast, Founder & CEO, Evident.io
IT leaders remain on the hot seat when it comes to their ability to continuously monitor the state of their data and operations. How hot is your seat?
By Tim Prendergast Founder & CEO, Evident.io, 6/8/2017
Comment0 comments  |  Read  |  Post a Comment
Security in the Cloud: Pitfalls and Potential of CASB Systems
Kelly Sheridan, Associate Editor, Dark ReadingNews
The transition to cloud has driven a demand for CASB systems, but today's systems lack the full breadth of functionality businesses need.
By Kelly Sheridan Associate Editor, Dark Reading, 6/7/2017
Comment2 comments  |  Read  |  Post a Comment
Cloud, Hackers, Trump Presidency, Drive Security Spend
Kelly Sheridan, Associate Editor, Dark ReadingNews
Businesses reevaluate their security spending in response to the growth of cloud, fear of malicious hackers, and the Trump presidency, research finds.
By Kelly Sheridan Associate Editor, Dark Reading, 6/7/2017
Comment0 comments  |  Read  |  Post a Comment
Why Phishing Season Lasts All Year for Top US Retailers
Tim Helming, Director of Product Management, DomainToolsCommentary
No major brand is immune from cyber squatters; the more popular the company, the more look-alike domains phishers register as bait. Here are some techniques to watch out for.
By Tim Helming Director of Product Management, DomainTools, 6/6/2017
Comment2 comments  |  Read  |  Post a Comment
Oracle Brings Machine Learning to its CASB Service
Kelly Sheridan, Associate Editor, Dark ReadingNews
Machine learning is a next step for cloud systems, as Oracle integrates new capabilities into its CASB offering to discern and leverage user behavior.
By Kelly Sheridan Associate Editor, Dark Reading, 6/5/2017
Comment0 comments  |  Read  |  Post a Comment
Majority of DDoS Attacks are Short, Low-Volume Bursts
Dark Reading Staff, Quick Hits
DDoS attacks largely fall into the camp of short, low-volume sieges, but large-volume attacks are sharply on the rise, according to a study released today.
By Dark Reading Staff , 6/5/2017
Comment2 comments  |  Read  |  Post a Comment
Google Arms Gmail Security with Machine Learning
Kelly Sheridan, Associate Editor, Dark ReadingNews
Google rolls out four security updates to protect enterprise Gmail accounts from phishing, data loss, and other threats.
By Kelly Sheridan Associate Editor, Dark Reading, 5/31/2017
Comment2 comments  |  Read  |  Post a Comment
Bot-Driven Online Ad Fraud Losses Decline
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
But counterfeit ad inventory the next big worry for online advertisers.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/30/2017
Comment2 comments  |  Read  |  Post a Comment
Chipotle Dishes Details on Data Breach
Dark Reading Staff, Quick Hits
An investigation into the Chipotle security incident announced April 25 confirmed a timeline of attack and type of customer information exposed.
By Dark Reading Staff , 5/30/2017
Comment2 comments  |  Read  |  Post a Comment
8 Most Overlooked Security Threats
Kelly Sheridan, Associate Editor, Dark Reading
Businesses know the obvious security threats to watch for, but some of the biggest dangers may not at top-of-mind.
By Kelly Sheridan Associate Editor, Dark Reading, 5/26/2017
Comment18 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by cybersavior
Current Conversations Horsey McHornface
In reply to: Submission
Post Your Own Reply
Posted by cybersavior
Current Conversations Don't misspell "run icon".
In reply to: Caption
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.