Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Cloud
Page 1 / 2   >   >>
Cloud Security Startup Lightspin Emerges From Stealth
News  |  11/24/2020  | 
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.
How Retailers Can Fight Fraud and Abuse This Holiday Season
Commentary  |  11/23/2020  | 
Online shopping will be more popular than ever with consumers... and with malicious actors too.
10 Undergraduate Security Degree Programs to Explore
Slideshows  |  11/23/2020  | 
Colleges and universities are ramping up cybersecurity education with a wider range of degree programs and more resources for students to build their infosec careers.
Telos Goes Public
News  |  11/19/2020  | 
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.
As Businesses Move to Multicloud Approach, Ransomware Follows
News  |  11/18/2020  | 
The average US company uses 16 cloud services, but only a third of IT professional believe their security measures have kept up with the change.
Nearly Two Dozen AWS APIs Are Vulnerable to Abuse
News  |  11/17/2020  | 
Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.
Twitter Taps Mudge
Quick Hits  |  11/16/2020  | 
Noted security researcher Peiter Zatko joins the social network as head of security.
Security Hiring Plans Remain Constant Despite Pandemic
News  |  11/11/2020  | 
Although we saw workforce gains this year, 56% of businesses surveyed report staff shortages are putting their organization at risk.
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
News  |  11/10/2020  | 
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
Overlooked Security Risks of the M&A Rebound
Commentary  |  11/10/2020  | 
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
Hotels.com & Expedia Provider Exposes Millions of Guests' Data
Quick Hits  |  11/9/2020  | 
Hotel reservation platform Prestige Software compromised personal data belonging to millions of travelers through a misconfigured AWS S3 bucket.
How COVID-19 Changed the VC Investment Landscape for Cybersecurity Companies
Commentary  |  11/6/2020  | 
What trends can startups and investors expect to see going forward?
CSA Moves to Redefine Cloud-Based Intelligence
Commentary  |  11/4/2020  | 
The new paradigm seeks to understand, integrate, and automate data workflows, and better yet, doesn't require significant investment or more personnel.
6 Cybersecurity Lessons From 2020
Slideshows  |  11/3/2020  | 
The COVID-19 pandemic exposed new weaknesses in enterprise cybersecurity preparedness.
McAfee Launches XDR, Browser Isolation, Cloud App Security Tools
Quick Hits  |  10/29/2020  | 
New additions are built to help organizations better respond to threats and protect applications and data in the cloud.
Akamai Acquires Asavie
Quick Hits  |  10/27/2020  | 
Asavie's mobile, IoT, and security products and services will become part of the Akamai Security and Personalization Services product line.
The Story of McAfee: How the Security Giant Arrived at a Second IPO
News  |  10/26/2020  | 
Industry watchers explore the story of McAfee, from its founding in 1987, to its spinoff from Intel, to how it's keeping up with competitors.
McAfee Raises $740M in Second IPO
Quick Hits  |  10/22/2020  | 
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion.
Need for 'Guardrails' in Cloud-Native Applications Intensifies
News  |  10/22/2020  | 
With more organizations shifting to cloud services in the pandemic, experts say the traditionally manual process of securing them will be replaced by automated tools in 2021 and beyond.
Businesses Rethink Endpoint Security for 2021
News  |  10/20/2020  | 
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?
Building the Human Firewall
Commentary  |  10/20/2020  | 
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Zoom Announces Rollout of End-to-End Encryption
Quick Hits  |  10/14/2020  | 
Phase 1 removes Zoom servers from the key generation and distribution processes.
Assuring Business Continuity by Reducing Malware Dwell Time
Commentary  |  10/14/2020  | 
Here's how CISOs and IT security operations teams can best address key challenges to network monitoring that could increase malware dwell time.
Intel's Ice Lake Beefs Up CPU Security for Cloud Workloads
News  |  10/14/2020  | 
The third-generation Xeon processors build in hardware security features to provide extra protection to data in transit, at rest, and in use.
Microsoft Fixes Critical Windows TCP/IP Flaw in Patch Rollout
News  |  10/13/2020  | 
The October 2020 Patch Tuesday fixed 87 vulnerabilities, including 21 remote code execution flaws, in Microsoft products and services.
Where Are the 'Great Exits' in the Data Security Market?
Commentary  |  10/13/2020  | 
If data security were a student, its report card would read "Not performing to potential." Here's why.
Why MSPs Are Hacker Targets, and What To Do About It
Commentary  |  10/9/2020  | 
Managed service providers are increasingly becoming the launching pad of choice for ransomware and other online malfeasance.
Cloud Misconfiguration Mishaps Businesses Must Watch
News  |  9/30/2020  | 
Cloud security experts explain which misconfigurations are most common and highlight other areas of the cloud likely to threaten businesses.
IDaaS: A New Era of Cloud Identity
Commentary  |  9/30/2020  | 
As identity-as-a-service becomes the standard for enterprise identity management, upstarts and established competitors are competing to define the market's future. Participate in Omdia's IDaaS research.
The Shared Irresponsibility Model in the Cloud Is Putting You at Risk
Commentary  |  9/29/2020  | 
Step up, put the architecture and organization in place, and take responsibility. If you don't, who will?
9 Tips to Prepare for the Future of Cloud & Network Security
Slideshows  |  9/28/2020  | 
Cloud and network security analysts outline trends and priorities businesses should keep top of mind as they grow more reliant on cloud.
Getting Over the Security-to-Business Communication Gap in DevSecOps
News  |  9/25/2020  | 
Application security in a DevOps world takes more than great teamwork among security, developers, and operations staff.
CrowdStrike Agrees to Acquire Preempt Security for $96M
Quick Hits  |  9/24/2020  | 
CrowdStrike plans to use Preempt Security's conditional access technology to strengthen its Falcon platform.
Shopify's Employee Data Theft Underscores Risk of Rogue Insiders
News  |  9/23/2020  | 
The e-commerce platform has alerted more than 100 merchants of a data breach, highlighting the danger of malicious insiders.
My Journey Toward SAP Security
Commentary  |  9/23/2020  | 
When applications are critical to the business's core functions, the CISO and their staff better get the security right.
New Google Search Hacks Push Viruses & Porn
Commentary  |  9/22/2020  | 
Three incidents demonstrate how cybercriminals leverage the scourge of black-hat search engine optimization to manipulate search results.
Startup Aims to Map and Track All the IT and Security Things
News  |  9/22/2020  | 
Security service JupiterOne spins off from a healthcare service provider's homegrown technology.
Microsoft Extends Data Loss Prevention to Cloud App Security
News  |  9/22/2020  | 
The update, one of several announced today, is intended to help employees remain compliant when handling data across cloud applications.
Remote Work Exacerbating Data Sprawl
News  |  9/21/2020  | 
More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds.
Sumo Logic IPO Prices Higher Than Expected
News  |  9/17/2020  | 
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.
Most Organizations Plan to Make COVID-19 Changes Permanent
News  |  9/16/2020  | 
After the pandemic, companies will continue to invest in improving IT infrastructure and security as well as automate tasks to reduce errors and improve network resiliency.
8 Reasons Perimeter Security Alone Won't Protect Your Crown Jewels
Commentary  |  9/16/2020  | 
Most firewalls and security devices effectively protect systems and data, but are they enough to safeguard business-critical applications?
Cybersecurity Bounces Back, but Talent Still Absent
Commentary  |  9/16/2020  | 
While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.
Taking Security With You in the WFH Era: What to Do Next
Commentary  |  9/15/2020  | 
As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.
Research Finds Nearly 800,000 Access Keys Exposed Online
Quick Hits  |  9/15/2020  | 
The keys were primarily for access to databases and cloud services.
APT Groups Set Sights on Linux Targets: Inside the Trend
News  |  9/11/2020  | 
Researchers see more advanced attack groups creating tools and platforms to target Linux-based devices.
Spear-Phishers Leverage Office 365 Ecosystem to Validate Stolen Creds in Real Time
News  |  9/11/2020  | 
New attack technique uses Office 365 APIs to cross-check credentials against Azure Active Directory as victim types them in.
Inova Suffers Third-Party Data Breach
Quick Hits  |  9/9/2020  | 
The breach occurred as part of a ransomware attack against service provider Blackbaud.
Secureworks to Buy Delve Laboratories for Vulnerability Management
Quick Hits  |  9/9/2020  | 
Delve's automated vulnerability platform provides insight on high-risk vulnerabilities across an organization's network, endpoints, and cloud.
Google Cloud Expands Confidential Computing Lineup
Quick Hits  |  9/8/2020  | 
Google plans to build out its Confidential Computing portfolio with the launch of Confidential GKE Nodes for Kubernetes workloads.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25159
PUBLISHED: 2020-11-24
499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.
CVE-2020-25654
PUBLISHED: 2020-11-24
An ACL bypass flaw was found in pacemaker before 1.1.24-rc1 and 2.0.5-rc2. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went throu...
CVE-2020-28329
PUBLISHED: 2020-11-24
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19.
CVE-2020-29053
PUBLISHED: 2020-11-24
HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter.
CVE-2020-25640
PUBLISHED: 2020-11-24
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.