Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in March 2019
Microsoft Tackles IoT Security with New Azure Updates
News  |  3/28/2019  | 
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
New Shodan Tool Warns Organizations of Their Internet-Exposed Devices
News  |  3/27/2019  | 
Shodan Monitor is free to members of the popular Internet search engine.
Small Businesses Turn to Managed Service Providers for Security
News  |  3/26/2019  | 
The average cost of a cyberattack at an SMB is $54,650, a new study shows.
Under Attack: Over Half of SMBs Breached Last Year
Commentary  |  3/26/2019  | 
Many small and midsize businesses work faster and harder than large enterprises, but they're just as vulnerable to cybercrime.
87% of Cloud Pros Say Lack of Visibility Masks Security
Quick Hits  |  3/26/2019  | 
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.
Inside Incident Response: 6 Key Tips to Keep in Mind
Slideshows  |  3/22/2019  | 
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
SaaS Ecosystem Complexity Ratcheting Up Risk of Insider Threats
News  |  3/21/2019  | 
Even with common security platforms like CASBs, organizations struggle to deal with the volume of apps and accounts that interact with business-critical data.
Microsoft Brings Defender Security Tools to Mac
News  |  3/21/2019  | 
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
6 Ways Mature DevOps Teams Are Killing It in Security
Slideshows  |  3/19/2019  | 
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
On Norman Castles and the Internet
Commentary  |  3/15/2019  | 
When the Normans conquered England, they built castles to maintain security. But where are the castles of the Internet?
4 Reasons to Take an 'Inside Out' View of Security
Commentary  |  3/14/2019  | 
When you approach security from the inside out, you're protecting your data by determining the most vital applications and using a risk-based strategy, which focuses on the most valuable and vulnerable assets.
Box Mistakes Leave Enterprise Data Exposed
Quick Hits  |  3/12/2019  | 
User errors in enterprise Box accounts have left hundreds of thousands of sensitive documents exposed to thieves and peeping toms.
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
News  |  3/12/2019  | 
Meanwhile, organizations are looking at unconventional ways to staff up and train their workforce as technical expertise gets even harder to find.
The 12 Worst Serverless Security Risks
Commentary  |  3/12/2019  | 
A new guide from the Cloud Security Alliance offers mitigations, best practices, and a comparison between traditional applications and their serverless counterparts.
763M Email Addresses Exposed in Latest Database Misconfiguration Episode
News  |  3/11/2019  | 
MongoDB once again used by database admin who opens unencrypted database to the whole world.
Debunking 5 Myths About Zero Trust Security
Commentary  |  3/7/2019  | 
Rather than "trust but verify," a zero trust model assumes that attackers will inevitably get in if they aren't already. However, several misconceptions are impeding its adoption.
Meet the New 'Public-Interest Cybersecurity Technologist'
News  |  3/6/2019  | 
A grassroots movement is emerging to train high-risk groups and underrepresented communities in cybersecurity protection and skills all for the public good.
Incident Response: Having a Plan Isn't Enough
News  |  3/5/2019  | 
Data shows organizations neglect to review and update breach response plans as employees and processes change, putting data at risk.
Security Pros Agree: Cloud Adoption Outpaces Security
News  |  3/1/2019  | 
Oftentimes, responsibility for securing the cloud falls to IT instead of the security organization, researchers report.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15821
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15823
PUBLISHED: 2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15824
PUBLISHED: 2020-08-08
In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15825
PUBLISHED: 2020-08-08
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.