Cloud
News & Commentary
Clever CryptoWall Spreading Via New Attacks
Sara Peters, Senior Editor at Dark ReadingNews
Top ransomware doesn't waste time jumping on the latest Flash zero-day, and hops rides on click fraud campaigns, too.
By Sara Peters Senior Editor at Dark Reading, 6/29/2015
Comment0 comments  |  Read  |  Post a Comment
CSA Announces New Working Group For Cloud Security API Standards
Ericka Chickowski, Contributing Writer, Dark ReadingNews
CipherCloud, Deloitte, InfoSys, Intel Security and SAP all on board to start developing vendor-neutral guidelines that could further accelerate CASB growth
By Ericka Chickowski Contributing Writer, Dark Reading, 6/29/2015
Comment0 comments  |  Read  |  Post a Comment
4 Ways Cloud Usage Is Putting Health Data At Risk
Jai Vijayan, Freelance writerNews
A huge shadow IT problem is just one of the risks of uncontrolled cloud usage in healthcare organizations, new study shows.
By Jai Vijayan Freelance writer, 6/26/2015
Comment1 Comment  |  Read  |  Post a Comment
Stealthy Fobber Malware Takes Anti-Analysis To New Heights
Sara Peters, Senior Editor at Dark ReadingNews
Built off the Tinba banking Trojan and distributed through the elusive HanJuan exploit kit, Fobber info-stealer defies researchers with layers upon layers of encryption.
By Sara Peters Senior Editor at Dark Reading, 6/25/2015
Comment0 comments  |  Read  |  Post a Comment
How To Avoid Collateral Damage In Cybercrime Takedowns
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Internet pioneer and DNS expert Paul Vixie says 'passive DNS' is way to shut down malicious servers and infrastructure without affecting innocent users.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 6/24/2015
Comment1 Comment  |  Read  |  Post a Comment
3 Clues That Collaboration And File Sharing Tools Are Cloud Security's Weak Link
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Cloud collaboration and file sharing applications continue to raise CISOs' blood pressure.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/23/2015
Comment1 Comment  |  Read  |  Post a Comment
Security Surveys: Read With Caution
Bill Brenner, Information Security BloggerCommentary
Iím skeptical of industry surveys that tell security practitioners what they already know. Donít state the obvious. Tell us the way forward.
By Bill Brenner Information Security Blogger, 6/22/2015
Comment1 Comment  |  Read  |  Post a Comment
7 Top Security Quotes From London Technology Week
Sara Peters, Senior Editor at Dark Reading
Tech events across the city hit on IoT, smart cities, mobility and Legos.
By Sara Peters Senior Editor at Dark Reading, 6/19/2015
Comment9 comments  |  Read  |  Post a Comment
Smart Cities', IoT's Key Challenges: Security, Lack of Standards
Sara Peters, Senior Editor at Dark ReadingNews
London Technology Week: At IFSEC, futurologist Simon Moores asks who's responsible when a smart city crashes.
By Sara Peters Senior Editor at Dark Reading, 6/17/2015
Comment0 comments  |  Read  |  Post a Comment
Few Skills Needed to Build DDoS Infrastructure, Honeypot Project Shows
Jai Vijayan, Freelance writerNews
Novetta's analysis of the tactics used by attackers to exploit a flaw in Elasticsearch shows script kiddies can build DDoS attacks.
By Jai Vijayan Freelance writer, 6/11/2015
Comment0 comments  |  Read  |  Post a Comment
Smart Cities, Finance Security Hot Topics At London Technology Week
Sara Peters, Senior Editor at Dark ReadingNews
IFSEC, Interop, Black Hat, DarkReading's Crash Course, and over 100 other tech events descend upon London next week.
By Sara Peters Senior Editor at Dark Reading, 6/11/2015
Comment1 Comment  |  Read  |  Post a Comment
iOS Mail App Vulnerable To Phishing Bug
Nathan Eddy, Freelance WriterNews
An unpatched bug in Apple's Mail app for iOS mobile devices could easily fool users into giving up their iCloud passwords to phishing hackers.
By Nathan Eddy Freelance Writer, 6/11/2015
Comment1 Comment  |  Read  |  Post a Comment
The Promises And Perils Of The Healthcare Internet Of Things
Lorie Wigle, Vice President, General Manager IOT Security Solutions, Intel Security Group
Connected devices are working wonders for managing treatment, but their integration with consumer technology and cloud computing raises significant security issues.
By Lorie Wigle Vice President, General Manager IOT Security Solutions, Intel Security Group, 6/11/2015
Comment2 comments  |  Read  |  Post a Comment
Firewalls Sustain Foundation of Sound Security
Jody Brazil, Founder and CEO of FireMonCommentary
Simply put, organizations that cannot maintain rigid firewall enforcement are more likely to be compromised.
By Jody Brazil Founder and CEO of FireMon, 6/10/2015
Comment1 Comment  |  Read  |  Post a Comment
Why the Firewall is Increasingly Irrelevant
Asaf Cidon, CEO & Co-founder, SookasaCommentary
It will take a dramatic reimagining of security to dedicate focus to the areas where company data actually resides. It starts with tearing down the firewall.
By Asaf Cidon CEO & Co-founder, Sookasa, 6/10/2015
Comment4 comments  |  Read  |  Post a Comment
Quantifying Shadow Data In The Cloud
Ericka Chickowski, Contributing Writer, Dark Reading
Report shows how much data users really are exposing on SaaS services.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/8/2015
Comment1 Comment  |  Read  |  Post a Comment
7 Critical Criteria for Data Encryption In The Cloud
Ron Zalkind, CTO & Co-founder, CloudLockCommentary
Encrypting the huge number of data files stored in a public cloud today is like bubble-wrapping an entire house. Better to focus on the fragile items that matter.
By Ron Zalkind CTO & Co-founder, CloudLock, 6/8/2015
Comment1 Comment  |  Read  |  Post a Comment
Shared Responsibility A Key To Effective Cloud Security
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Former Walmart security architect talks shared responsibility in the cloud and the reason security architecture needs to change in cloud environments.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/8/2015
Comment0 comments  |  Read  |  Post a Comment
Web App Developers Putting Millions At Risk
Jai Vijayan, Freelance writerNews
German security researchers find 56 million data records lying unprotected in cloud back-end databases.
By Jai Vijayan Freelance writer, 6/4/2015
Comment0 comments  |  Read  |  Post a Comment
Securing Private and Hybrid Clouds
Raja Patel, Vice President and General Manager of Network Security at Intel Security
As-a-service models offer huge opportunities, but also complicate security.
By Raja Patel Vice President and General Manager of Network Security at Intel Security, 6/4/2015
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1913
Published: 2015-06-30
Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5, 8.6.0.x before 8.6.0.4, and 8.7.0.x before 8.7.0.2 uses the MD5 algorithm for password hashing, which mak...

CVE-2015-4227
Published: 2015-06-30
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91838.

CVE-2015-4229
Published: 2015-06-30
The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589.

CVE-2015-0196
Published: 2015-06-29
CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

CVE-2015-0545
Published: 2015-06-29
EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report