Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in January 2021
Cloud Security Startup Armo Emerges from Stealth with $4.5M
Quick Hits  |  1/29/2021  | 
Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
2020 Marked a Renaissance in DDoS Attacks
News  |  1/29/2021  | 
Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.
Microsoft Security Business Exceeds $10B in Revenue
Quick Hits  |  1/27/2021  | 
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.
Security's Inevitable Shift to the Edge
Commentary  |  1/27/2021  | 
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.
Startup Offers Free Version of its 'Passwordless' Technology
News  |  1/26/2021  | 
Beyond Identity co-founders hope to move the needle in eliminating the need for passwords, but experts say killing passwords altogether won't be easy.
How to Better Secure Your Microsoft 365 Environment
Slideshows  |  1/25/2021  | 
Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments.
Cloud Jacking: The Bold New World of Enterprise Cybersecurity
Commentary  |  1/21/2021  | 
Increased reliance on cloud computing puts more weight on robust authentication systems to protect data against hijackers.
SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics
News  |  1/19/2021  | 
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
'Chimera' Threat Group Abuses Microsoft & Google Cloud Services
Quick Hits  |  1/14/2021  | 
Researchers detail a new threat group targeting cloud services to achieve goals aligning with Chinese interests.
Businesses Struggle with Cloud Availability as Attackers Take Aim
News  |  1/14/2021  | 
Researchers find organizations struggle with availability for cloud applications as government officials warn of cloud-focused cyberattacks.
NSA Recommends Using Only 'Designated' DNS Resolvers
Quick Hits  |  1/14/2021  | 
Agency provides guidelines on securely deploying DNS over HTTPS, aka DoH.
Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
News  |  1/13/2021  | 
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
The Data-Centric Path to Zero Trust
Commentary  |  1/13/2021  | 
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
Nissan Source Code Leaked via Misconfigured Git Server
Quick Hits  |  1/6/2021  | 
Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.
6 Open Source Tools for Your Security Team
Slideshows  |  1/6/2021  | 
Open source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.
COVID-19's Acceleration of Cloud Migration & Identity-Centric Security
Commentary  |  1/4/2021  | 
Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-40826
PUBLISHED: 2022-10-07
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function.
CVE-2022-40827
PUBLISHED: 2022-10-07
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function.
CVE-2022-40828
PUBLISHED: 2022-10-07
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function.
CVE-2022-40829
PUBLISHED: 2022-10-07
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function.
CVE-2022-40830
PUBLISHED: 2022-10-07
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function.