Cloud

News & Commentary
Report: Tens of Thousands of E-Commerce Sites at Heightened Security Risk
Dark Reading Staff, Quick Hits
Report delivered at Payment Card Industry Security Standards Council meeting flags issues in deployments of Magento, a popular e-commerce platform.
By Dark Reading Staff , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Consumers Are Forgiving After a Data Breach, but Companies Need To Respond Well
Steve Zurier, Freelance WriterNews
A solid response and reputation management program will go a long way in surviving a major breach.
By Steve Zurier Freelance Writer, 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
8 Security Buzzwords That Are Too Good to Be True
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA Commentary
If you can't get straight answers about popular industry catchphrases, maybe it's time to ask your vendor: How do you actually use the technology?
By Joshua Goldfarb Co-founder & Chief Product Officer, IDRRA , 11/20/2018
Comment0 comments  |  Read  |  Post a Comment
Instagram Privacy Tool Exposed Passwords
Dark Reading Staff, Quick Hits
The 'Download Your Data' tool, intended to improve users' privacy, actually became a privacy risk.
By Dark Reading Staff , 11/19/2018
Comment0 comments  |  Read  |  Post a Comment
BlackBerry Doubles Down on Security in $1.4B Acquisition of Cylance
Kelly Sheridan, Staff Editor, Dark ReadingNews
BlackBerry aims to bring Cylance artificial intelligence and security tools into its software portfolio.
By Kelly Sheridan Staff Editor, Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
26M Texts Exposed in Poorly Secured Vovox Database
Dark Reading Staff, Quick Hits
The server, which lacked password protection, contained tens of millions of SMS messages, two-factor codes, shipping alerts, and other user data.
By Dark Reading Staff , 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
AI Poised to Drive New Wave of Exploits
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Criminals are ready to use AI to dramatically speed the process of finding zero-day vulnerabilities in systems.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/16/2018
Comment0 comments  |  Read  |  Post a Comment
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Curtis Franklin Jr., Senior Editor at Dark Reading
Building cybersecurity skills is a must; paying a lot for the education is optional. Here are seven options for increasing knowledge without depleting a budget.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/15/2018
Comment1 Comment  |  Read  |  Post a Comment
Cloud, China, Generic Malware Top Security Concerns for 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
FireEye researchers unveil an extensive list of security risks waiting in the new year's wings.
By Kelly Sheridan Staff Editor, Dark Reading, 11/15/2018
Comment0 comments  |  Read  |  Post a Comment
Security Teams Struggle with Container Security Strategy
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Fewer than 30% of firms have more than a basic container security plan in place.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/14/2018
Comment0 comments  |  Read  |  Post a Comment
Netskope Announces Series F Funding Round
Dark Reading Staff, Quick Hits
The $168.7 million round will go toward R&D and global expansion, says cloud access security broker provider.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cyberattacks Top Business Risks in North America, Europe, EAP
Dark Reading Staff, Quick Hits
The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Dropbox Teams with Israeli Security Firm Coronet
Dark Reading Staff, Quick Hits
The partnership is expected to improve threat detection for Dropbox while growing Coronet's user base.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
'PortSmash' Brings New Side-Channel Attack to Intel Processors
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New vulnerability exposes encryption keys in the first proof-of-concept code.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/6/2018
Comment1 Comment  |  Read  |  Post a Comment
Most Businesses to Add More Cloud Security Tools
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud adoption drives organizations to spend in 2019 as they learn traditional security practices can't keep up.
By Kelly Sheridan Staff Editor, Dark Reading, 11/6/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Amazon Top BEC's Favorite Brands
Kelly Sheridan, Staff Editor, Dark ReadingNews
When attackers want to impersonate a brand via email, the majority turn to Microsoft and Amazon because of their ubiquity in enterprise environments.
By Kelly Sheridan Staff Editor, Dark Reading, 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
Qualys Snaps Up Container Firm
Dark Reading Staff, Quick Hits
Plans to use Layered Insight's technology to add runtime capabilities and automated enforcement to its container security tool.
By Dark Reading Staff , 10/31/2018
Comment0 comments  |  Read  |  Post a Comment
How the Power of Quantum Can Be Used Against Us
Rodney Joffe, SVP and Senior Technologist, Neustar Commentary
There has been a palpable shift from volumetric attacks to "quantum attacks," and they look to be one of the biggest cybersecurity challenges on the rise today.
By Rodney Joffe SVP and Senior Technologist, Neustar , 10/31/2018
Comment0 comments  |  Read  |  Post a Comment
9 Traits of A Strong Infosec Resume
Kelly Sheridan, Staff Editor, Dark Reading
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
By Kelly Sheridan Staff Editor, Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
PR Newswire
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19406
PUBLISHED: 2018-11-21
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
CVE-2018-19407
PUBLISHED: 2018-11-21
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-19404
PUBLISHED: 2018-11-21
In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...
CVE-2018-19387
PUBLISHED: 2018-11-20
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
CVE-2018-19388
PUBLISHED: 2018-11-20
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.