Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in October 2016
Microsoft Launches Security Program For Azure IoT
News  |  10/31/2016  | 
As part of the program, Microsoft has partnered with security auditors who will examine customers' IoT infrastructure, find problems, and provide guidance.
Leak Of 1.3 Million Blood Donor Records Is Australia's Biggest Breach Ever
Quick Hits  |  10/31/2016  | 
Sensitive medical data of 550,000 Red Cross blood donors exposed online inadvertently in countrys most damaging data breach to date.
Preparing For Government Data Requests After Apple Vs. FBI
Preparing For Government Data Requests After Apple Vs. FBI
Dark Reading Videos  |  10/31/2016  | 
Jennifer Granick and Riana Pfefferkorn discuss lessons learned from the Apple-FBI case, and how security pros should be prepared if government data requests hit closer to home.
Is Your Business Prepared for the SaaS Tsunami?
Commentary  |  10/29/2016  | 
You dont always have to choose between security and productivity when faced with the challenges of Shadow IT.
Getting To The 'Just Right' Level Of Encryption
Commentary  |  10/26/2016  | 
The key to unlocking secure business messaging is controlling who has the key.
CloudFanta Malware Targets Victims Via Cloud Storage App
News  |  10/25/2016  | 
The malware campaign uses the Sugarsync cloud storage app to distribute malware that steals user credentials and monitors online banking activity.
Why Poor Cyber Hygiene Invites Risk
Commentary  |  10/20/2016  | 
Modern cybersecurity today is all about risk management. That means eliminating and mitigating risks where possible, and knowingly accepting those that remain.
Yahoo Demands Government Be More Transparent About Data Requests
Quick Hits  |  10/20/2016  | 
In a letter to the Director of National Intelligence, the tech company says this transparency would also help clear Yahoo's name in customer email scan case.
US GOP Senate Committee Allegedly Target Of Russian Hackers
Quick Hits  |  10/18/2016  | 
Dutch researcher finds NRSC web store among 5,900 e-commerce sites infected with malware designed to steal payment card details.
Public Wi-Fi Use Grows, Despite Security Risks
Quick Hits  |  10/18/2016  | 
Survey says although 91% of the respondents admit that public Wi-Fi is insecure, 89% still use it.
California Victims Of Yahoo Breach Pursue Claims In State, Not Federal Court
News  |  10/17/2016  | 
Plaintiffs hope to benefit from California's history of stricter cybersecurity and data privacy law.
Cloud Security Replacing Cybersecurity Industry, Says Analyst
Quick Hits  |  10/17/2016  | 
UBS predicts flat corporate spending on IT as cloud computing service providers look set to take over cybersecurity customers.
80% Of IT Pros Say Users Set Up Unapproved Cloud Services
News  |  10/13/2016  | 
Shadow IT is a growing risk concern among IT pros, with most reporting users have gone behind their backs to set up unapproved cloud services.
Executable Files, Old Exploit Kits Top Most Effective Attack Methods
News  |  10/12/2016  | 
Researchers for the new 'Hacker's Playbook' analyzed 4 million breach methods from an attacker's point of view to gauge the real risks today to enterprises.
Businesses Sacrifice Security To Get Apps Released Faster
News  |  10/11/2016  | 
As the app economy continues to drive change in IT security, businesses struggle to meet customer demands while keeping their data secure.
Online Gaming Currency Funds Cybercrime In Real Life
News  |  10/11/2016  | 
You really needed Cristiano Ronaldo or that Doomhammer. Cybercriminals will help you get it for a price, and it's not even entirely illegal.
For The Birds: Dark Reading Cartoon Caption Contest Winners
Commentary  |  10/8/2016  | 
Birdwatching-as-a-Service, live tweeting and NESTFLIX. And the winner is ...
Partners In The Battle Against Cyberthreats
Partners In The Battle Against Cyberthreats
Dark Reading Videos  |  10/6/2016  | 
George Karidis of CompuCom and Rodel Alejo from Intel stop by the Dark Reading News Desk.
Cyber-Anything-As-A-Service: Should The Government Just Outsource Everything?
Partner Perspectives  |  10/4/2016  | 
Agencies should be able to select and provision from a variety of cybersecurity services and capabilities to improve their overall effectiveness and efficiency.
IoT DDoS Attack Code Released
News  |  10/3/2016  | 
Mirai malware could signal the beginning of new trend in using Internet of Things devices as bots for DDoS attacks.
Microsoft Execs Talk Public Policy Changes For Cloud
News  |  10/3/2016  | 
Microsoft highlights security and privacy among 78 public-policy recommendations for the future of global cloud growth.
Hackers Attacked Voter Registration Systems Of 20 US States, Says Official
Quick Hits  |  10/3/2016  | 
US Homeland Security Department calls for scan of election websites and improve security even as FBI probes Russian involvement.
Grading Obama: D-
President Failed To Protect Us From The Bad Guys
Commentary  |  10/3/2016  | 
A barely passing grade from a former special agent in charge of the NYC FBI cybercrimes division for failing to create deterrents and policies that encourage self defense.
Grading Obama: C+
Administration Missed Key Opportunities To Civilize Cyberspace
Commentary  |  10/3/2016  | 
A middling grade because the President's cyber policy initiatives were reactive, laisse faire, and didnt buttress American economic opportunity.


Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19767
PUBLISHED: 2019-12-12
The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.
CVE-2019-19768
PUBLISHED: 2019-12-12
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).
CVE-2019-19769
PUBLISHED: 2019-12-12
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
CVE-2019-19770
PUBLISHED: 2019-12-12
In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).
CVE-2019-19771
PUBLISHED: 2019-12-12
The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and exfiltrates cryptocurrency wallets.