Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in October 2017
Office 365 Missed 34,000 Phishing Emails Last Month
News  |  10/31/2017  | 
Nearly 10% of emails delivered to Office 365 inboxes were spam, phishing messages, and known or zero-day malware.
Security Gets Social: 10 of Dark Reading's Most Shared Stories
Slideshows  |  10/30/2017  | 
We scared up our most popular stories on Facebook, Twitter, and LinkedIn.
Kaspersky Expects US Sales to Decline in 2017
Quick Hits  |  10/30/2017  | 
CEO points to an "information war" against his company as the cause of the revenue drop.
Identity Theft Ring Hit with Credit Card Fraud Indictment
Quick Hits  |  10/27/2017  | 
A federal grand jury indicts six individuals on criminal charges relating to credit card and debit card fraud.
Security Forecast: Cloudy with Low Data Visibility
News  |  10/26/2017  | 
Businesses are moving more sensitive data to the cloud but struggle to monitor and manage it once it's there.
Dark Web Marketplaces' New Home: Mobile Messaging Apps
News  |  10/26/2017  | 
Telegram, Discord, Whatsapp grow in popularity as criminals look for more alternatives to fly under the radar.
Windows 10 Update: 10 Key New Security Features
Slideshows  |  10/25/2017  | 
Microsoft is tightening its focus on Windows 10 security with several new security tools in its latest major OS update.
10 Steps for Stretching Your IT Security Budget
Slideshows  |  10/24/2017  | 
When the budget gods decline your request for an increase, here are 10 ways to stretch that dollar.
One-Third of Businesses Can't Keep Up with Cloud Security
Quick Hits  |  10/24/2017  | 
One in three organizations cannot maintain security as cloud and container environments expand.
Opera, Vivaldi Co-Founder Talks Internet Privacy
News  |  10/24/2017  | 
Most people don't understand the extent to which their personal information is at risk, says Jon von Tetzchner, who founded the Opera and Vivaldi browser firms.
The Week in Crypto: Bad News for SSH, WPA2, RSA & Privacy
News  |  10/20/2017  | 
Between KRACK, ROCA, new threats to SSH keys, and the European Commission's loosey-goosey stance on encryption backdoors, it's been a difficult time for cryptography.
Banks Start Broad Use of Blockchain, as JP Morgan, IBM Lead Way
News  |  10/17/2017  | 
Two major players announced cross-border payment networks built on blockchain technologies Monday, and more financial services will follow soon, despite opinions about Bitcoin.
Google Bolsters Security for Select Groups
Quick Hits  |  10/17/2017  | 
Business leaders, political campaign teams, journalists, and other high-risk groups will receive advanced email and account protection.
Printers: The Weak Link in Enterprise Security
News  |  10/16/2017  | 
Organizations frequently overlook printer security, leaving systems exposed to malware and theft. New tools aim to lessen the risk.
DoubleLocker Delivers Unique Two-Punch Hit to Android
News  |  10/13/2017  | 
Combines Android ransomware with capability to change users device PINs.
Getting the Most Out of Cyber Threat Intelligence
Commentary  |  10/13/2017  | 
How security practitioners can apply structured analysis and move from putting out fires to fighting the arsonists.
10 Major Cloud Storage Security Slip-Ups (So Far) this Year
Slideshows  |  10/13/2017  | 
Accenture is the latest in a string of major companies to expose sensitive cloud data this year, following Verizon, Deloitte, and Dow Jones.
Kaspersky Lab and the AV Security Hole
News  |  10/12/2017  | 
It's unclear what happened in the reported theft of NSA data by Russian spies, but an attacker would need little help to steal if he or she had privileged access to an AV vendor's network, security experts say.
Security No. 1 Inhibitor to Microsoft Office 365 Adoption
News  |  10/12/2017  | 
More businesses are switching to Office 365 despite fear of social engineering and ransomware attacks, but some remain wary.
Cybersecurity's 'Broken' Hiring Process
News  |  10/11/2017  | 
New study shows the majority of cybersecurity positions get filled at salaries above the original compensation cap, while jobs sit unfilled an average of six months.
Equifax: 12.5 Million UK Client Records Exposed in Breach
Quick Hits  |  10/10/2017  | 
But of that data, it affects 700K of British consumers, credit-monitoring company said today.
Microsoft Patches Windows Zero-Day Flaws Tied to DNSSEC
News  |  10/10/2017  | 
Security experts advise 'immediate' patching of critical DNS client vulnerabilities in Windows 8, 10, and other affected systems.
Key New Security Features in Android Oreo
Slideshows  |  10/10/2017  | 
Android 8.0 Oreo marks a major revamp of Google's mobile operating system, putting in a number of new security-hardening measures.
More Businesses Accidentally Exposing Cloud Services
Quick Hits  |  10/9/2017  | 
53% of businesses using cloud storage services unintentionally expose them to the public.
Russian Hackers Targeted NSA Employee's Home Computer
Quick Hits  |  10/6/2017  | 
New reports today say it was a National Security Agency employee, not a a contractor, whose home machine running Kaspersky Lab antivirus was hacked for classified files.
Russian Hackers Pilfered Data from NSA Contractor's Home Computer: Report
News  |  10/5/2017  | 
Classified information and hacking tools from the US National Security Agency landed in the hands of Russian cyberspies, according to a Wall Street Journal report.
10 Steps for Writing a Secure Mobile App
Slideshows  |  10/5/2017  | 
Best practices to avoid the dangers of developing vulnerability-ridden apps.
Ransomware Will Target Backups: 4 Ways to Protect Your Data
Commentary  |  10/4/2017  | 
Backups are the best way to take control of your defense against ransomware, but they need protecting as well.
Google Updates Cloud Access Management Policies
Quick Hits  |  10/3/2017  | 
Custom roles for Cloud Identity and Access Management will give users full control of 1,287 public permissions in the Google Cloud.
DevOpsSec: A Big Step in Cloud Application Security
Commentary  |  10/3/2017  | 
Why it's time for DevOps and security teams to bury the hatchet -- and not in each other's back.
Equifax: Number of US Breach Victims Rises to 145.5 Million
Quick Hits  |  10/2/2017  | 
Credit bureau provides update on its breach investigation.
Google Tightens Web Security for 45 TLDs with HSTS
Quick Hits  |  10/2/2017  | 
Google broadens HTTPS Strict Transport Security to Top Level Domains under its control and makes them secure by default.


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.