Cloud
News & Commentary
Sony, XBox Victims Of DDoS, Hacktivist Threats
Sara Peters, Senior Editor at Dark ReadingQuick Hits
Hacktivists from Anonymous and from a presumed Islamic extremist group targeted a variety of online gaming services.
By Sara Peters Senior Editor at Dark Reading, 8/26/2014
Comment6 comments  |  Read  |  Post a Comment
27 Million South Koreans Victimized In Online Gaming Heist
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
16 suspects arrested in South Korea as authorities pursue additional suspects, including a Chinese hacker.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/25/2014
Comment6 comments  |  Read  |  Post a Comment
All In For The Coming World of 'Things'
Don Bailey, Founder & CEO, Lab Mouse SecurityCommentary
At a Black Hat round table, experts discuss the strategies necessary to lock down the Internet of Things, the most game-changing concept in Internet history.
By Don Bailey Founder & CEO, Lab Mouse Security, 8/25/2014
Comment7 comments  |  Read  |  Post a Comment
Wanted: Cloud Brokers
Jonathan Feldman, CIO, City of Asheville, NCCommentary
Do you know the ins and outs of cloud software stacks and security? Got the finesse to break through cultural resistance? Then you may have found your next career.
By Jonathan Feldman CIO, City of Asheville, NC, 8/21/2014
Comment3 comments  |  Read  |  Post a Comment
Website Attack Attempts Via Vegas Rose During Black Hat, DEF CON
Kelly Jackson Higgins, Executive Editor at Dark ReadingQuick Hits
Data snapshot from Imperva shows major jump in malicious activity during security and hacker conferences in Sin City.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/20/2014
Comment4 comments  |  Read  |  Post a Comment
Cloud Apps & Security: When Sharing Matters
Krishna Narayanaswamy, Founder & Chief Scientist, NetskopeCommentary
Sharing documents and data is happening all over the cloud today but not all sharing activity carries equal risk.
By Krishna Narayanaswamy Founder & Chief Scientist, Netskope, 8/18/2014
Comment5 comments  |  Read  |  Post a Comment
Identity And Access Management Market Heats Up
Brian Prince, Contributing Writer, Dark ReadingNews
The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.
By Brian Prince Contributing Writer, Dark Reading, 8/15/2014
Comment2 comments  |  Read  |  Post a Comment
Traffic To Hosting Companies Hijacked In Crypto Currency Heist
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Attacker likely a current or former ISP employee, researchers say.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 8/14/2014
Comment2 comments  |  Read  |  Post a Comment
Hybrid Cloud Security: New Tactics Required
Joe Masters Emison, CTO, BuildFaxCommentary
Interested in shuttling workloads between public and private cloud? Better make sure it's worth doing, because hybrid means rethinking how you manage compliance, identity, connectivity, and more.
By Joe Masters Emison CTO, BuildFax, 8/13/2014
Comment9 comments  |  Read  |  Post a Comment
Time To Broaden CompSci Curriculum Beyond STEM
Lysa Myers, Security Researcher, ESETCommentary
Having a visual arts background may not be the traditional path for a career in infosec, but it’s a skill that makes me no less effective in analyzing malware patterns -- and often faster.
By Lysa Myers Security Researcher, ESET, 8/13/2014
Comment15 comments  |  Read  |  Post a Comment
6 Biometric Factors That Are Working Today
Marilyn Cohodas, Community Editor, Dark Reading
From fingerprints to wearable ECG monitors, there are real options in the market that may relegate the despised password to the dustbin of history.
By Marilyn Cohodas Community Editor, Dark Reading, 8/12/2014
Comment23 comments  |  Read  |  Post a Comment
CloudBot: A Free, Malwareless Alternative To Traditional Botnets
Sara Peters, Senior Editor at Dark ReadingNews
Researchers take advantage of cloud service providers' free trials and lousy anti-automation controls to use cloud instances like bots.
By Sara Peters Senior Editor at Dark Reading, 8/11/2014
Comment1 Comment  |  Read  |  Post a Comment
The Hyperconnected World Has Arrived
Michael Sutton, VP Security Research, ZscalerCommentary
Yes, the ever-expanding attack surface of the Internet of Things is overwhelming. But next-gen security leaders gathered at Black Hat are up to the challenge.
By Michael Sutton VP Security Research, Zscaler, 8/8/2014
Comment6 comments  |  Read  |  Post a Comment
Facebook Buys Security Startup PrivateCore
Kristin Burnham, Senior Editor, InformationWeek.comCommentary
Facebook plans to deploy PrivateCore technology into its server stack to bolster encryption and malware prevention, the social network said.
By Kristin Burnham Senior Editor, InformationWeek.com, 8/8/2014
Comment0 comments  |  Read  |  Post a Comment
5 Steps To Supply Chain Security
Robert Lemos, Technology JournalistNews
The integrity of enterprise data is only as strong as your most vulnerable third-party supplier or business partner. It's time to shore up these connection points.
By Robert Lemos Technology Journalist, 8/6/2014
Comment5 comments  |  Read  |  Post a Comment
Dark Reading Plans Special Coverage Of Black Hat USA 2014
Tim Wilson, Editor in Chief, Dark ReadingCommentary
Radio shows, daily newsletter, and panel sessions highlight Dark Reading's comprehensive coverage of the Black Hat conference.
By Tim Wilson Editor in Chief, Dark Reading, 8/4/2014
Comment0 comments  |  Read  |  Post a Comment
LIVE From Las Vegas: Dark Reading Radio at Black Hat
Marilyn Cohodas, Community Editor, Dark ReadingCommentary
If you can't physically be at Black Hat USA 2014, Dark Reading offers a virtual alternative where you can engage with presenters and attendees about hot show topics and trends.
By Marilyn Cohodas Community Editor, Dark Reading, 8/1/2014
Comment2 comments  |  Read  |  Post a Comment
Infographic: With BYOD, Mobile Is The New Desktop
Adam Ely, COO, BlueboxCommentary
Security teams have no choice but to embrace the rapid proliferation of BYO devices, apps, and cloud services. To ignore it is to put your head in the sand.
By Adam Ely COO, Bluebox, 7/22/2014
Comment8 comments  |  Read  |  Post a Comment
Feds Pursue Cloud Forensics Standards
William Welsh, Contributing WriterCommentary
NIST identifies 65 challenges that forensic investigators face in gathering and analyzing digital information stored in the cloud, seeks help developing standards to aid law enforcement.
By William Welsh Contributing Writer, 7/17/2014
Comment2 comments  |  Read  |  Post a Comment
Dark Reading Radio: Where Do Security Startups Come From?
Tim Wilson, Editor in Chief, Dark ReadingCommentary
This week's radio broadcast will discuss how hot new security companies are born and how they are funded. Showtime is 1:00 p.m. ET.
By Tim Wilson Editor in Chief, Dark Reading, 7/15/2014
Comment2 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Security Insights
3 Places to Enable 2-Factor Authentication Now
3 Places to Enable 2-Factor Authentication Now
Two-factor authentication is a ubiquitous, mature technology. Whether or not you use it for your network, here are three external services for which you should immediately enable it.
Comment1 comments
Read | Post a Comment
More Sophos Security Insights
PR Newswire
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.