News & Commentary

Latest Content tagged with Cloud
Page 1 / 2   >   >>
Who Does What in Cybersecurity at the C-Level
Slideshows  |  3/16/2018
As security evolve as a corporate priority, so do the roles and responsibilities of the executive team. These seven titles are already feeling the impact.
Google Rolls Out New Security Features for Chrome Enterprise
Quick Hits  |  3/16/2018
The business-friendly browser now includes new admin controls, EMM partnerships, and additions to help manage Active Directory.
The Containerization of Artificial Intelligence
Commentary  |  3/16/2018
AI automates repetitive tasks and alleviates mundane functions that often haunt decision makers. But it's still not a sure substitute for security best practices.
Microsoft Report: Cybersecurity's Top 3 Threats Intertwine
News  |  3/15/2018
Botnets, ransomware, and simple attack methods dominate the threat landscape and build on each other to drive effectiveness.
Critical Start to Buy Advanced Threat Analytics
Quick Hits  |  3/15/2018
Firms previously had teamed up in SOC services.
Palo Alto Buys to Secure the Cloud
News  |  3/15/2018
The $300 million deal is part of an industry-wide consolidation of cloud, data, and network security companies.
What CISOs Should Know About Quantum Computing
Slideshows  |  3/13/2018
As quantum computing approaches real-world viability, it also poses a huge threat to today's encryption measures.
Asia's Security Leaders Feel Underprepared for Future Threats: Report
News  |  3/12/2018
A new study highlights major concerns of cybersecurity leaders in Asia, where most fear critical infrastructure attacks, advanced threats, and social engineering.
FlawedAmmyy RAT Campaign Puts New Spin on Old Threat
News  |  3/12/2018
A remote access Trojan, in use since 2016, has a new tactic: combining zip files with the SMB protocol to infect target systems.
Disappearing Act: Dark Reading Caption Contest Winners
Commentary  |  3/12/2018
A standout field with hysterical puns about security policies, Meltdown, Amazon Web Services, and the right to be forgotten. And the winner is
CyberArk Buys Vaultive for Privileged Account Security Technology
Quick Hits  |  3/12/2018
The account security firm will use Vaultive's tech to protect privileged users at heightened risk for cyberattacks.
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Commentary  |  3/12/2018
Proposed new connected-product repair laws will provide hackers with more tools to make our lives less secure.
Microsoft Windows Defender Prevents 400,000 Dofoil Infections
Quick Hits  |  3/9/2018
Improved anti-malware detection prevented spread of cryptomining software this week, says Microsoft.
7 University-Connected Cyber Ranges to Know Now
Slideshows  |  3/9/2018
Universities are beginning to add cyber ranges to the facilities for teaching cyber security to students and professionals.
Gozi Trojan Using Dark Cloud Botnet in New Wave of Attacks
News  |  3/8/2018
Gozi IFSB banking Trojan has rolled out new code, a new botnet and a high level of customization in the latest wave of attacks.
6 Questions to Ask Your Cloud Provider Right Now
Slideshows  |  3/5/2018
Experts share the security-focused issues all businesses should explore when researching and using cloud services.
Millions of Office 365 Accounts Hit with Password Stealers
News  |  3/2/2018
Phishing emails disguised as tax-related alerts aim to trick users into handing attackers their usernames and passwords.
How & Why the Cybersecurity Landscape Is Changing
Commentary  |  3/1/2018
A comprehensive new report from Cisco should "scare the pants off" enterprise security leaders.
What Enterprises Can Learn from Medical Device Security
Commentary  |  3/1/2018
In today's cloud-native world, organizations need a highly distributed approach that ties security to the workload itself in order to prevent targeted attacks.
Journey to the Cloud: Overcoming Security Risks
Partner Perspectives  |  3/1/2018
Lessons learned from a global consultancy's 10-year transition from on-premises to 99% cloud-based infrastructure.
The State of Application Penetration Testing
News  |  2/28/2018
Data from real-world pen tests shows configuration errors and cross-site scripting are the most commonly found vulnerabilities.
Zero-Day Attacks Major Concern in Hybrid Cloud
News  |  2/28/2018
Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Virtual Private Networks: Why Their Days Are Numbered
Partner Perspectives  |  2/28/2018
As companies move to the cloud and depend less on physical servers and network connections, their reliance on VPNs for security will eventually evolve, if not disappear altogether.
SAML Flaw Lets Hackers Assume Users' Identities
News  |  2/27/2018
Vulnerability affects single sign-on for SAML-reliant services including OneLogin, Duo Security, Clever, and OmniAuth.
Splunk to Acquire Phantom
Quick Hits  |  2/27/2018
$350 million deal scheduled to close Q1 2018.
Adobe Flash Vulnerability Reappears in Malicious Word Files
News  |  2/26/2018
CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug.
7 Key Stats that Size Up the Cybercrime Deluge
Slideshows  |  2/26/2018
Updated data on zero-days, IoT threats, cryptomining and economic costs should keep eyebrows raised in 2018.
6 Cybersecurity Trends to Watch
Commentary  |  2/26/2018
Expect more as the year goes on: more breaches, more IoT attacks, more fines
93% of Cloud Applications Aren't Enterprise-Ready
News  |  2/23/2018
The average business uses 1,181 cloud services, and most don't meet all recommended security requirements, Netskope says.
10 Can't-Miss Talks at Black Hat Asia
Slideshows  |  2/23/2018
With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
7 Cryptominers & Cryptomining Botnets You Can't Ignore
Slideshows  |  2/21/2018
Cryptominers have emerged as a major threat to organizations worldwide. Here are seven you cannot afford to ignore.
Facebook Aims to Make Security More Social
News  |  2/20/2018
Facebook's massive user base creates an opportunity to educate billions on security.
Siemens Leads Launch of Global Cybersecurity Initiative
News  |  2/16/2018
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
FedEx Customer Data Exposed on Unsecured S3 Server
Quick Hits  |  2/16/2018
Thousands of documents from US and international citizens were exposed on an Amazon S3 bucket configured for public access.
Democracy & DevOps: What Is the Proper Role for Security?
Commentary  |  2/15/2018
Security experts need a front-row seat in the application development process but not at the expense of the business.
Oracle Buys Zenedge for Cloud Security
Quick Hits  |  2/15/2018
Oracle announces its acquisition of Zenedge, which focuses on cloud-based network and infrastructure security.
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
News  |  2/14/2018
The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
Microsoft Adds Windows Defender ATP Support to Windows 7, 8.1
Quick Hits  |  2/12/2018
Microsoft brings Windows Defender ATP down-level support to older versions of Windows for businesses transitioning to Windows 10.
Man Formerly on FBI Most Wanted List Pleads Guilty in 'Scareware' Hack
Quick Hits  |  2/7/2018
Latvian man ran bulletproof Web hosting service that served cybercriminals.
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
News  |  2/7/2018
Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
Top Cloud Security Misconceptions Plaguing Enterprises
Partner Perspectives  |  2/7/2018
Contrary to popular opinion, there is no one single cloud. There are a wealth of cloud-based providers that own dedicated server space across the globe. Heres how to find the best fit for your company.
Security vs. Speed: The Risk of Rushing to the Cloud
News  |  2/6/2018
Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
2017 Smashed World's Records for Most Data Breaches, Exposed Information
News  |  2/6/2018
Five mega-breaches last year accounted for more than 72% of all data records exposed in 2017.
Mastering Security in the Zettabyte Era
Commentary  |  2/5/2018
Many businesses are ill-equipped to deal with potential risks posed by billions of connected devices, exponential data growth, and an unprecedented number of cyber threats. Here's how to prepare.
3 Ways Hackers Steal Your Company's Mobile Data
Commentary  |  2/2/2018
The most effective data exfiltration prevention strategies are those that are as rigorous in vetting traffic entering the network as they are traffic leaving it.
Securing Cloud-Native Apps
Commentary  |  2/1/2018
A useful approach for securing cloud-native platforms can be adapted for securing apps running on top of the platform as well.
Google Cloud Least-Privilege Function Goes Live
Quick Hits  |  1/31/2018
Custom Roles for Cloud IAM now available in production from Google.
Breach-Proofing Your Data in a GDPR World
Commentary  |  1/30/2018
Here are six key measures for enterprises to prioritize over the next few months.
Endpoint and Mobile Top Security Spending at 57% of Businesses
Quick Hits  |  1/26/2018
Businesses say data-at-rest security tools are most effective at preventing breaches, but spend most of their budgets securing endpoint and mobile devices.
Selling Cloud-Based Cybersecurity to a Skeptic
Partner Perspectives  |  1/26/2018
When it comes to security, organizations dont need to look at cloud as an either/or proposition. But there are misconceptions that need to be addressed.
Page 1 / 2   >   >>

Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
IoT Product Safety: If It Appears Too Good to Be True, It Probably Is
Pat Osborne, Principal - Executive Consultant at Outhaul Consulting, LLC, & Cybersecurity Advisor for the Security Innovation Center,  3/12/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.