Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

News & Commentary
Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack
Dark Reading Staff, Quick Hits
Earnings report points to diversion of care during incident for financial loss.
By Dark Reading Staff , 3/1/2021
Comment0 comments  |  Read  |  Post a Comment
Inside Strata's Plans to Solve the Cloud Identity Puzzle
Kelly Sheridan, Staff Editor, Dark ReadingNews
Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
By Kelly Sheridan Staff Editor, Dark Reading, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
New APT Group Targets Airline Industry & Immigration
Jai Vijayan, Contributing WriterNews
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
By Jai Vijayan Contributing Writer, 2/24/2021
Comment0 comments  |  Read  |  Post a Comment
Google Invests in Linux Kernel Developers to Focus on Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
By Kelly Sheridan Staff Editor, Dark Reading, 2/24/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Concludes Internal Investigation into Solorigate Breach
Robert Lemos, Contributing WriterNews
The software giant found no evidence that attackers gained extensive access to services or customer data.
By Robert Lemos Contributing Writer, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Azure Front Door Gets a Security Upgrade
Kelly Sheridan, Staff Editor, Dark ReadingNews
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
By Kelly Sheridan Staff Editor, Dark Reading, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Ransomware? Let's Call It What It Really Is: Extortionware
Charlie Winckless, Senior Director, Cybersecurity Solutions, at PresidioCommentary
Just as the targets of these attacks have shifted from individuals to corporations, so too has the narrow focus given way to applying force and pressure to pay.
By Charlie Winckless Senior Director, Cybersecurity Solutions, at Presidio, 2/17/2021
Comment0 comments  |  Read  |  Post a Comment
Firms Patch Greater Number of Systems, but Still Slowly
Robert Lemos, Contributing WriterNews
Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
By Robert Lemos Contributing Writer, 2/16/2021
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Plans to Acquire Cloud Security Firm
Dark Reading Staff, Quick Hits
Most of Fortune 100 firms have used Bridgecrew's service in their application development processes.
By Dark Reading Staff , 2/16/2021
Comment0 comments  |  Read  |  Post a Comment
Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees
Jason Meller, CEO & Founder, KolideCommentary
Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.
By Jason Meller CEO & Founder, Kolide, 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
How to Submit a Column to Dark Reading
Dark Reading Staff, Commentary
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
By Dark Reading Staff , 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
Water Utility Hack Could Inspire More Intruders
Robert Lemos, Contributing WriterNews
If past cyberattacks are any indication, success begets imitation. In the wake of last week's hack of Florida water utility, other water utilities and users of remote desktop software would be wise to shore up defenses, experts say.
By Robert Lemos Contributing Writer, 2/12/2021
Comment0 comments  |  Read  |  Post a Comment
Pandemic Initially Led to Fewer Disclosed Vulnerabilities, Data Suggests
Robert Lemos, Contributing WriterNews
Vulnerability disclosure started off slow but caught up by the end of the year, according to a new report.
By Robert Lemos Contributing Writer, 2/11/2021
Comment0 comments  |  Read  |  Post a Comment
Game Over: Stopping DDoS Attacks Before They Start
Philippe Alcoy, Cyber Security Technologist, APACCommentary
Video games are poised for a revolution, but benefits will come to fruition only if the industry can guarantee consistent performance and availability.
By Philippe Alcoy Cyber Security Technologist, APAC, 2/11/2021
Comment0 comments  |  Read  |  Post a Comment
7 Things We Know So Far About the SolarWinds Attacks
Jai Vijayan, Contributing Writer
Two months after the news first broke, many questions remain about the sophisticated cyber-espionage campaign.
By Jai Vijayan Contributing Writer, 2/11/2021
Comment0 comments  |  Read  |  Post a Comment
Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever
Tsvi Korren, Field CTO, Aqua SecurityCommentary
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
By Tsvi Korren Field CTO, Aqua Security, 2/11/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Fixes Windows Zero-Day in Patch Tuesday Rollout
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft's monthly security fixes addressed a Win32k zero-day, six publicly known flaws, and three bugs in the Windows TCP/IP stack.
By Kelly Sheridan Staff Editor, Dark Reading, 2/9/2021
Comment0 comments  |  Read  |  Post a Comment
SolarWinds Attack Reinforces Importance of Principle of Least Privilege
Yash Prakash, Chief Strategy OfficerCommentary
Taking stock of least-privilege policies will go a long way toward hardening an organization's overall security posture.
By Yash Prakash Chief Strategy Officer, 2/9/2021
Comment0 comments  |  Read  |  Post a Comment
Malicious Code Injected via Google Chrome Extension Highlights App Risks
Robert Lemos, Contributing WriterNews
An open source plug-in purportedly introduced tracking and malicious download code to infect nearly 2 million users, reports say.
By Robert Lemos Contributing Writer, 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
Android App Infects Millions of Devices With a Single Update
Dark Reading Staff, Quick Hits
The popular Barcode Scanner app, which as been available on Google Play for years, turned malicious with one software update.
By Dark Reading Staff , 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by raudrera
Current Conversations Flintstones haha
In reply to: answer
Post Your Own Reply
More Conversations
PR Newswire
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26854
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26855
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26857
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
CVE-2021-26858
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
CVE-2021-27065
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.