Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in March 2019
Microsoft Tackles IoT Security with New Azure Updates
News  |  3/28/2019  | 
The Azure Security Center for IoT provides teams with an overview of IoT devices and helps monitor their security properties.
New Shodan Tool Warns Organizations of Their Internet-Exposed Devices
News  |  3/27/2019  | 
Shodan Monitor is free to members of the popular Internet search engine.
Small Businesses Turn to Managed Service Providers for Security
News  |  3/26/2019  | 
The average cost of a cyberattack at an SMB is $54,650, a new study shows.
Under Attack: Over Half of SMBs Breached Last Year
Commentary  |  3/26/2019  | 
Many small and midsize businesses work faster and harder than large enterprises, but they're just as vulnerable to cybercrime.
87% of Cloud Pros Say Lack of Visibility Masks Security
Quick Hits  |  3/26/2019  | 
The majority of cloud IT professionals find a direct link between network visibility and business value, new data shows.
Inside Incident Response: 6 Key Tips to Keep in Mind
Slideshows  |  3/22/2019  | 
Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach.
SaaS Ecosystem Complexity Ratcheting Up Risk of Insider Threats
News  |  3/21/2019  | 
Even with common security platforms like CASBs, organizations struggle to deal with the volume of apps and accounts that interact with business-critical data.
Microsoft Brings Defender Security Tools to Mac
News  |  3/21/2019  | 
Windows Defender becomes Microsoft Defender, and it's available in limited preview for Mac users.
6 Ways Mature DevOps Teams Are Killing It in Security
Slideshows  |  3/19/2019  | 
New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
On Norman Castles and the Internet
Commentary  |  3/15/2019  | 
When the Normans conquered England, they built castles to maintain security. But where are the castles of the Internet?
4 Reasons to Take an 'Inside Out' View of Security
Commentary  |  3/14/2019  | 
When you approach security from the inside out, you're protecting your data by determining the most vital applications and using a risk-based strategy, which focuses on the most valuable and vulnerable assets.
Box Mistakes Leave Enterprise Data Exposed
Quick Hits  |  3/12/2019  | 
User errors in enterprise Box accounts have left hundreds of thousands of sensitive documents exposed to thieves and peeping toms.
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
News  |  3/12/2019  | 
Meanwhile, organizations are looking at unconventional ways to staff up and train their workforce as technical expertise gets even harder to find.
The 12 Worst Serverless Security Risks
Commentary  |  3/12/2019  | 
A new guide from the Cloud Security Alliance offers mitigations, best practices, and a comparison between traditional applications and their serverless counterparts.
763M Email Addresses Exposed in Latest Database Misconfiguration Episode
News  |  3/11/2019  | 
MongoDB once again used by database admin who opens unencrypted database to the whole world.
Debunking 5 Myths About Zero Trust Security
Commentary  |  3/7/2019  | 
Rather than "trust but verify," a zero trust model assumes that attackers will inevitably get in if they aren't already. However, several misconceptions are impeding its adoption.
Meet the New 'Public-Interest Cybersecurity Technologist'
News  |  3/6/2019  | 
A grassroots movement is emerging to train high-risk groups and underrepresented communities in cybersecurity protection and skills all for the public good.
Incident Response: Having a Plan Isn't Enough
News  |  3/5/2019  | 
Data shows organizations neglect to review and update breach response plans as employees and processes change, putting data at risk.
Security Pros Agree: Cloud Adoption Outpaces Security
News  |  3/1/2019  | 
Oftentimes, responsibility for securing the cloud falls to IT instead of the security organization, researchers report.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13438
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
CVE-2020-13439
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
CVE-2020-13440
PUBLISHED: 2020-05-24
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
CVE-2020-13433
PUBLISHED: 2020-05-24
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.
CVE-2020-13434
PUBLISHED: 2020-05-24
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.