Cloud

News & Commentary
Siemens Leads Launch of Global Cybersecurity Initiative
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
FedEx Customer Data Exposed on Unsecured S3 Server
Dark Reading Staff, Quick Hits
Thousands of documents from US and international citizens were exposed on an Amazon S3 bucket configured for public access.
By Dark Reading Staff , 2/16/2018
Comment0 comments  |  Read  |  Post a Comment
Democracy & DevOps: What Is the Proper Role for Security?
PJ Kirner, CTO & Founder, IllumioCommentary
Security experts need a front-row seat in the application development process but not at the expense of the business.
By PJ Kirner CTO & Founder, Illumio, 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Oracle Buys Zenedge for Cloud Security
Dark Reading Staff, Quick Hits
Oracle announces its acquisition of Zenedge, which focuses on cloud-based network and infrastructure security.
By Dark Reading Staff , 2/15/2018
Comment0 comments  |  Read  |  Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
Kelly Sheridan, Associate Editor, Dark ReadingNews
The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
By Kelly Sheridan Associate Editor, Dark Reading, 2/14/2018
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Adds Windows Defender ATP Support to Windows 7, 8.1
Dark Reading Staff, Quick Hits
Microsoft brings Windows Defender ATP down-level support to older versions of Windows for businesses transitioning to Windows 10.
By Dark Reading Staff , 2/12/2018
Comment0 comments  |  Read  |  Post a Comment
Man Formerly on FBI Most Wanted List Pleads Guilty in 'Scareware' Hack
Dark Reading Staff, Quick Hits
Latvian man ran bulletproof Web hosting service that served cybercriminals.
By Dark Reading Staff , 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
Kelly Sheridan, Associate Editor, Dark ReadingNews
Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
By Kelly Sheridan Associate Editor, Dark Reading, 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
Top Cloud Security Misconceptions Plaguing Enterprises
Paul Martini, The CEO, co-founder and chief architect of iboss
Contrary to popular opinion, there is no one single cloud. There are a wealth of cloud-based providers that own dedicated server space across the globe. Heres how to find the best fit for your company.
By Paul Martini The CEO, co-founder and chief architect of iboss, 2/7/2018
Comment0 comments  |  Read  |  Post a Comment
Security vs. Speed: The Risk of Rushing to the Cloud
Kelly Sheridan, Associate Editor, Dark ReadingNews
Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
By Kelly Sheridan Associate Editor, Dark Reading, 2/6/2018
Comment6 comments  |  Read  |  Post a Comment
2017 Smashed World's Records for Most Data Breaches, Exposed Information
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Five mega-breaches last year accounted for more than 72% of all data records exposed in 2017.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 2/6/2018
Comment0 comments  |  Read  |  Post a Comment
Mastering Security in the Zettabyte Era
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.
By Marc Wilczek Digital Strategist & CIO Advisor, 2/5/2018
Comment0 comments  |  Read  |  Post a Comment
3 Ways Hackers Steal Your Company's Mobile Data
Paul Martini, The CEO, co-founder and chief architect of ibossCommentary
The most effective data exfiltration prevention strategies are those that are as rigorous in vetting traffic entering the network as they are traffic leaving it.
By Paul Martini The CEO, co-founder and chief architect of iboss, 2/2/2018
Comment0 comments  |  Read  |  Post a Comment
Securing Cloud-Native Apps
Guy Podjarny, CEO & Cofounder, SnykCommentary
A useful approach for securing cloud-native platforms can be adapted for securing apps running on top of the platform as well.
By Guy Podjarny CEO & Cofounder, Snyk, 2/1/2018
Comment0 comments  |  Read  |  Post a Comment
Google Cloud Least-Privilege Function Goes Live
Dark Reading Staff, Quick Hits
Custom Roles for Cloud IAM now available in production from Google.
By Dark Reading Staff , 1/31/2018
Comment0 comments  |  Read  |  Post a Comment
Breach-Proofing Your Data in a GDPR World
Sanjay Beri, Co-Founder & CEO, NetskopeCommentary
Here are six key measures for enterprises to prioritize over the next few months.
By Sanjay Beri Co-Founder & CEO, Netskope, 1/30/2018
Comment0 comments  |  Read  |  Post a Comment
Endpoint and Mobile Top Security Spending at 57% of Businesses
Dark Reading Staff, Quick Hits
Businesses say data-at-rest security tools are most effective at preventing breaches, but spend most of their budgets securing endpoint and mobile devices.
By Dark Reading Staff , 1/26/2018
Comment1 Comment  |  Read  |  Post a Comment
Selling Cloud-Based Cybersecurity to a Skeptic
Paul Martini, The CEO, co-founder and chief architect of iboss
When it comes to security, organizations dont need to look at cloud as an either/or proposition. But there are misconceptions that need to be addressed.
By Paul Martini The CEO, co-founder and chief architect of iboss, 1/26/2018
Comment0 comments  |  Read  |  Post a Comment
How Containers & Serverless Computing Transform Attacker Methodologies
Tyler Shields,  VP of Marketing, Strategy & Partnerships,  Signal SciencesCommentary
The pace of hacker innovation never slows. Now security technologies and methods must adapt with equal urgency.
By Tyler Shields VP of Marketing, Strategy & Partnerships, Signal Sciences, 1/25/2018
Comment0 comments  |  Read  |  Post a Comment
Meet Chronicle: Alphabet's New Cybersecurity Business
Kelly Sheridan, Associate Editor, Dark ReadingNews
Google parent company Alphabet introduces Chronicle, which will combine a security analytics platform and VirusTotal.
By Kelly Sheridan Associate Editor, Dark Reading, 1/24/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
One in Three SOC Analysts Now Job-Hunting
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/12/2018
Encrypted Attacks Continue to Dog Perimeter Defenses
Ericka Chickowski, Contributing Writer, Dark Reading,  2/14/2018
Can Android for Work Redefine Enterprise Mobile Security?
Satish Shetty, CEO, Codeproof Technologies,  2/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: One agent too many was installed on Bob's desktop.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.