Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in June 2019
Cloud Provider PCM Suffers Data Breach
Quick Hits  |  6/28/2019  | 
Attackers were reportedly able to compromise email and file-sharing systems for some of PCM's customers.
Chronicle Folds into Google
News  |  6/27/2019  | 
Alphabet's enterprise cybersecurity division will become part of the Google security portfolio.
Inside MLS, the New Protocol for Secure Enterprise Messaging
News  |  6/27/2019  | 
As personal messaging platforms see the rise of end-to-end encryption, businesses struggle to provide strong levels of security.
Office 365 Multifactor Authentication Done Right
Commentary  |  6/27/2019  | 
Why the ubiquitous nature of Office 365 poses unique challenges for MFA-based security and how organizations can protect themselves.
Developers and Security Teams Under Pressure to Collaborate
News  |  6/26/2019  | 
The challenges and benefits to getting two traditionally adversarial groups on the same page.
AWS CISO Talks Risk Reduction, Development, Recruitment
News  |  6/25/2019  | 
Steve Schmidt says limiting access to data has dramatically changed the security posture across Amazon Web Services.
Microsoft Adds New Secure Storage Area to OneDrive
Quick Hits  |  6/25/2019  | 
PersonalVault locks down files with MFA and encryption.
AWS Makes Control Tower & Security Hub Generally Available
Quick Hits  |  6/25/2019  | 
Security Hub aims to manage security across an AWS environment; Control Tower handles security and compliance for multi-account environments.
How to Avoid Becoming the Next Riviera Beach
Commentary  |  6/25/2019  | 
Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
7 2019 Security Venture Fund Deals You Should Know
Slideshows  |  6/20/2019  | 
2019 has, so far, been a busy year for venture capitalists in the security industry. Here are 7 funding rounds important because of the technologies or market trends they represent.
Serverless Computing from the Inside Out
Commentary  |  6/19/2019  | 
The biggest 'serverless' risks don't stem from the technology itself. They occur when organizations respond to the adoption from the outside in.
Insecure Home IoT Devices a Clear and Present Danger to Corporate Security
News  |  6/19/2019  | 
Avast-sponsored study shows wide prevalence of IoT devices, many with weak credentials and other security vulnerabilities.
As Cloud Adoption Grows, DLP Remains Key Challenge
News  |  6/18/2019  | 
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
Advertising Alliance Plans Protocols to Reduce Dangerous Content
Quick Hits  |  6/18/2019  | 
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
The Life-Changing Magic of Tidying Up the Cloud
Commentary  |  6/17/2019  | 
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
10 Notable Security Acquisitions of 2019 (So Far)
Slideshows  |  6/15/2019  | 
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
Google Adds Two-Factor Authentication for Its Apps on iOS
News  |  6/13/2019  | 
Android-based two-factor authentication now works for Google applications on iPad and iPhone.
CrowdStrike Prices IPO Above Range at $34
News  |  6/12/2019  | 
The endpoint security firm raised $612 million ahead of today's public debut.
What 3 Powerful GoT Women Teach Us about Cybersecurity
Commentary  |  6/11/2019  | 
Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security.
Getting Up to Speed on Magecart
Commentary  |  6/11/2019  | 
Greater awareness of how Magecart works will give your company a leg up on the growing threat from this online credit card skimmer. Here are four places to start.
End User Lockdown: Dark Reading Caption Contest Winners
Commentary  |  6/7/2019  | 
Phishing, cybersecurity training, biometrics and casual Fridays. And the winners are ...
The Minefield of Corporate Email
News  |  6/7/2019  | 
Email security challenges CISOs as cybercriminals target corporate inboxes with malware, phishing attempts, and various forms of fraud.
How Today's Cybercriminals Sneak into Your Inbox
News  |  6/4/2019  | 
The tactics and techniques most commonly used to slip past security defenses and catch employees off guard.
Why FedRAMP Matters to Non-Federal Organizations
Commentary  |  6/4/2019  | 
Commercial companies should explore how FedRAMP can help mitigate risk as they move to the cloud.
7 Container Components That Increase a Network's Security
Slideshows  |  6/4/2019  | 
A proof of concept at Interop19 showed just how simple a container deployment can be.
Imperva Snaps Up Distil Networks for API, App Security
Quick Hits  |  6/4/2019  | 
Distil Networks' technology will be integrated into Imperva's security stack following the acquisition.


Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Jai Vijayan, Contributing Writer,  12/5/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19719
PUBLISHED: 2019-12-11
Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page.
CVE-2019-19720
PUBLISHED: 2019-12-11
Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() function in flex.c via a crafted BASIC source file.
CVE-2019-19707
PUBLISHED: 2019-12-11
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.
CVE-2019-19708
PUBLISHED: 2019-12-11
The VisualEditor extension through 1.34 for MediaWiki allows XSS via pasted content containing an element with a data-ve-clipboard-key attribute.
CVE-2019-19709
PUBLISHED: 2019-12-11
MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.