Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in June 2017
8tracks Hit With Breach of 18 Million Accounts
Quick Hits  |  6/30/2017  | 
Hackers attack Internet radio user database, gaining access to email addresses and encrypted passwords.
Half of Ransomware Victims Suffer Repeat Attacks
News  |  6/28/2017  | 
Half of ransomware victims are likely to get hit again as threat actors change their strategies to target servers and accelerate the spread of ransomware.
Microsoft Integrates EMET into Fall Windows 10 Update
News  |  6/27/2017  | 
The Windows 10 Creators Update, slated to launch this fall, will include components from the Enhanced Mitigation Experience Toolkit (EMET).
Compliance in the Cloud Needs To Be Continuous & Automated
Partner Perspectives  |  6/27/2017  | 
Complex IT environments require timely visibility into risk and compliance.
9 Ways to Protect Your Cloud Environment from Ransomware
Slideshows  |  6/27/2017  | 
The same technology driving faster collaboration and data transfer also enables cybercriminals to quickly spread ransomware.
Recovering from Bad Decisions in the Cloud
Commentary  |  6/26/2017  | 
The cloud makes it much easier to make changes to security controls than in traditional networks.
Cloud Security Lessons from the Voter Data Leak
News  |  6/22/2017  | 
A poorly configured Amazon S3 bucket that led to a massive data leak could easily happen to any organization not adopting proper cloud security measures.
Cloud Security & the Power of Shared Responsibility
Partner Perspectives  |  6/20/2017  | 
When you and your CSP jointly embrace the shared security responsibility model you can achieve greater success than you or your provider can achieve alone.
Microsoft, Accenture Team up on Blockchain for Digital ID Network
Quick Hits  |  6/19/2017  | 
Microsoft and Accenture use blockchain tech to build a digital ID network, which will help give legal identification to 1.1 billion people without official documents.
Forrester: Rapid Cloud Adoption Drives Demand for Security Tools
News  |  6/16/2017  | 
Cloud services revenue is poised to skyrocket from $114 billion in 2016 to $236 billion by 2020, driving the market for products to secure data in the cloud.
Climbing the Security Maturity Ladder in Cloud
Commentary  |  6/15/2017  | 
These five steps will insure that you achieve the broadest coverage for onboarding your most sensitive workloads.
Trumps Executive Order: What It Means for US Cybersecurity
Commentary  |  6/15/2017  | 
The provisions are all well and good, but its hardly the first time theyve been ordered by the White House.
Malware Incidents at US SMBs Spiked 165% in Q1
News  |  6/15/2017  | 
Texas-based SMBs suffered the most malware attack attempts in the first quarter while those in Arizona had the biggest year-over-year increase, according to new Malwarebytes report.
How End-User Devices Get Hacked: 8 Easy Ways
Slideshows  |  6/9/2017  | 
Security experts share the simplest and most effective methods bad guys employ to break into end-user devices.
Security Orchestration Fine-Tunes the Incident Response Process
News  |  6/8/2017  | 
Emerging orchestration technology can cut labor-intensive tasks for security analysts.
Microsoft to Buy Hexadite for AI, Enterprise Security
News  |  6/8/2017  | 
Acquisition of Israeli security startup aims to strengthen Windows 10 security with artificial intelligence, company says.
Hide & Seek: Security Teams Lack Visibility in the Cloud
Partner Perspectives  |  6/8/2017  | 
IT leaders remain on the hot seat when it comes to their ability to continuously monitor the state of their data and operations. How hot is your seat?
Security in the Cloud: Pitfalls and Potential of CASB Systems
News  |  6/7/2017  | 
The transition to cloud has driven a demand for CASB systems, but today's systems lack the full breadth of functionality businesses need.
Cloud, Hackers, Trump Presidency, Drive Security Spend
News  |  6/7/2017  | 
Businesses reevaluate their security spending in response to the growth of cloud, fear of malicious hackers, and the Trump presidency, research finds.
Why Phishing Season Lasts All Year for Top US Retailers
Commentary  |  6/6/2017  | 
No major brand is immune from cyber squatters; the more popular the company, the more look-alike domains phishers register as bait. Here are some techniques to watch out for.
Oracle Brings Machine Learning to its CASB Service
News  |  6/5/2017  | 
Machine learning is a next step for cloud systems, as Oracle integrates new capabilities into its CASB offering to discern and leverage user behavior.
Majority of DDoS Attacks are Short, Low-Volume Bursts
Quick Hits  |  6/5/2017  | 
DDoS attacks largely fall into the camp of short, low-volume sieges, but large-volume attacks are sharply on the rise, according to a study released today.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4019
PUBLISHED: 2020-06-01
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
CVE-2020-4020
PUBLISHED: 2020-06-01
The file downloading functionality in the Atlassian Companion App before version 1.0.0 allows remote attackers, who control a Confluence Server instance that the Companion App is connected to, execute arbitrary .exe files via a Protection Mechanism Failure.
CVE-2020-4021
PUBLISHED: 2020-06-01
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
CVE-2020-4023
PUBLISHED: 2020-06-01
The review coverage resource in Atlassian Fisheye and Crucible before version 4.8.2 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the committerFilter parameter.
CVE-2020-4013
PUBLISHED: 2020-06-01
The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the review objectives.