Cloud
News & Commentary
EU, US Agree On New Data Transfer Pact, But Will It Hold?
Sara Peters, Senior Editor at Dark ReadingNews
So long Safe Harbor, hello 'Privacy Shield.'
By Sara Peters Senior Editor at Dark Reading, 2/2/2016
Comment0 comments  |  Read  |  Post a Comment
Cloud Security: It’s Become A People Problem
Kaushik Narayan, Co-Founder and CTO at Skyhigh NetworksCommentary
Now that the cloud is becoming secure enough for sensitive data, are cloud customers ready to hold up their end of a shared liability model?
By Kaushik Narayan Co-Founder and CTO at Skyhigh Networks, 1/29/2016
Comment1 Comment  |  Read  |  Post a Comment
No Safe Harbor Is Coming -- CISA Made Sure Of It
Sara Peters, Senior Editor at Dark ReadingNews
It's time to take your data classification procedures more seriously. If not, that helpful information-sharing you did in the US could cost you hefty fines for privacy violations in the European Union.
By Sara Peters Senior Editor at Dark Reading, 1/22/2016
Comment3 comments  |  Read  |  Post a Comment
Cloud Security: To Scale Safely, Think Small
Amrit Williams, CTO, CloudPassageCommentary
Why today's enterprises need an adaptable cloud infrastructure centered around flexibility, portability, and speed.
By Amrit Williams CTO, CloudPassage, 1/19/2016
Comment2 comments  |  Read  |  Post a Comment
'Main Target' Of DD4BC DDoS Extortionist Group Arrested
Sara Peters, Senior Editor at Dark ReadingNews
International group of law enforcement agencies zeroes in on group that spawned the DDoS for Bitcoin cyber-extortion business.
By Sara Peters Senior Editor at Dark Reading, 1/12/2016
Comment0 comments  |  Read  |  Post a Comment
FBI Tweaks Stance On Encryption BackDoors, Admits To Using 0-Day Exploits
Dark Reading Staff, Quick Hits
FBI retreats a step, but makes stand on end-to-end encryption. Meanwhile, European Union gets ready with a rougher, tougher replacement for Safe Harbor.
By Dark Reading Staff , 12/10/2015
Comment1 Comment  |  Read  |  Post a Comment
Spy Banker Trojan Being Hosted On Google Cloud
Sara Peters, Senior Editor at Dark ReadingNews
Spy Banker spreading through Brazil via malicious links posted on social networks.
By Sara Peters Senior Editor at Dark Reading, 12/10/2015
Comment0 comments  |  Read  |  Post a Comment
Cyber Extortion, DDoS-For-Bitcoin Campaigns Rise
Sara Peters, Senior Editor at Dark ReadingNews
Now that the model is proven, more cyber-extortionists are entering the scene, stealing their predecessors' ideas and even their names.
By Sara Peters Senior Editor at Dark Reading, 12/7/2015
Comment1 Comment  |  Read  |  Post a Comment
Perimeter Inversion: Turning Digital Security Inside Out
Michael Sentonas, Chief Technology and Strategy Officer, APAC
We need security solutions that are designed from the ground up to operate in today’s dynamic environment.
By Michael Sentonas Chief Technology and Strategy Officer, APAC, 12/7/2015
Comment2 comments  |  Read  |  Post a Comment
CryptoWall 4.0 Spreading Via Angler Drive-By Download Campaign
Sara Peters, Senior Editor at Dark ReadingNews
Sweet-talking ransomware making rounds in attacks originating from Ukraine-based hosts.
By Sara Peters Senior Editor at Dark Reading, 12/2/2015
Comment0 comments  |  Read  |  Post a Comment
Cyber Monday: What Retailers & Shoppers Should Watch For
Sara Peters, Senior Editor at Dark ReadingNews
Attackers have a variety of ways to commit fraud and may take advantage of busy time to sneak in a data breach.
By Sara Peters Senior Editor at Dark Reading, 11/24/2015
Comment12 comments  |  Read  |  Post a Comment
Docker Tightens Security Over Container Vulnerabilities
Charles Babcock, Editor at Large, CloudNews
Docker unveils three ways to make containers more secure, especially when code is changed during its update cycle.
By Charles Babcock Editor at Large, Cloud, 11/17/2015
Comment1 Comment  |  Read  |  Post a Comment
More Ransomware Being Spread Via Malvertising
Dark Reading Staff, Quick Hits
Magnitude exploit kit has popped up in new malvertising campaign and dropping CryptoWall.
By Dark Reading Staff , 11/13/2015
Comment3 comments  |  Read  |  Post a Comment
CloudFlare Supplies Security At Network's Edge
Charles Babcock, Editor at Large, CloudNews
CloudFlare is a startup that has invested in security-as-a-service, and distributes it with a low latency to the edge of the network. Microsoft, Google, and others have taken notice.
By Charles Babcock Editor at Large, Cloud, 11/9/2015
Comment2 comments  |  Read  |  Post a Comment
U.K. Bill Aims To Limit Use Of Encryption
Dark Reading Staff, Quick Hits
Members of British government taking a stab what members of American government have also been attempting to push through.
By Dark Reading Staff , 11/3/2015
Comment1 Comment  |  Read  |  Post a Comment
Xen Patches 'Worst'-Ever Virtual Machine Escape Vulnerability
Jai Vijayan, Freelance writerNews
Bug remained undetected for seven years and enabled complete control of host system.
By Jai Vijayan Freelance writer, 10/30/2015
Comment2 comments  |  Read  |  Post a Comment
15-Year-Old Arrested For TalkTalk Attack
Sara Peters, Senior Editor at Dark ReadingNews
U.K. police collar Northern Ireland youth for questioning, while security industry tries to make sense of confusing information out of TalkTalk CEO.
By Sara Peters Senior Editor at Dark Reading, 10/26/2015
Comment18 comments  |  Read  |  Post a Comment
Navigating New Security Architectures For Cloud Data Centers
Marc Woolward, CTO, vArmourCommentary
Micro-segmentation is a revolutionary approach to data center complexity and security. But not all architectures are created equal.
By Marc Woolward CTO, vArmour, 10/21/2015
Comment0 comments  |  Read  |  Post a Comment
Former White House Advisor: Marry Infosec To Economics
Sara Peters, Senior Editor at Dark ReadingNews
Melissa Hathaway, former cybersecurity policy advisor to the White House, says the security and economy agendas should go hand-in-hand, and Western nations' use of surveillance technology is 'alarming.'
By Sara Peters Senior Editor at Dark Reading, 10/19/2015
Comment3 comments  |  Read  |  Post a Comment
Survey Shows Little Accord On Responsibility For Cloud Security
Jai Vijayan, Freelance writerNews
With procurement teams and business groups doing most vendor selection and vetting, IT groups have little role in security.
By Jaikumar Vijayn , 10/15/2015
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by Jamesbrownpal
Current Conversations good information nice
In reply to: Re: Pending Review
Post Your Own Reply
Posted by Griezmannpal
Current Conversations GREAT INFORMATION
In reply to: Re: Pending Review
Post Your Own Reply
Posted by Benwatanabe
Current Conversations nice post great one
In reply to: Re: Pending Review
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: nice one good
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas in a thought-provoking discussion about the evolving role of the CISO.