Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in August 2019
Google Uncovers Massive iPhone Attack Campaign
News  |  8/30/2019  | 
A group of hacked websites has been silently compromising fully patched iPhones for at least two years, Project Zero reports.
Google Announces New, Expanded Bounty Programs
Quick Hits  |  8/29/2019  | 
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
Google Cloud Releases Beta of Managed Service to Microsoft AD
Quick Hits  |  8/29/2019  | 
Managed Service for Microsoft Active Directory was built to help admins handle cloud-based workloads.
Malware Found in Android App with 100M Users
Quick Hits  |  8/28/2019  | 
CamScanner, a legitimate app used to scan and manage documents, was found executing payloads on Android devices.
Imperva Customer Database Exposed
Quick Hits  |  8/27/2019  | 
A subset of customers for the company's Incapsula web application firewall had their email addresses, hashed/salted passwords, and more open to unauthorized access, Imperva announced.
CrowdStrike Launches Fund for Early-Stage Endpoint Security Startups
News  |  8/27/2019  | 
It's goal is to accelerate delivery of third-party apps that add on and extend the company's Falcon cloud-hosted services.
WannaCry Remains No. 1 Ransomware Weapon
News  |  8/27/2019  | 
Of all of the ransomware variants spotted targeting victims in the first half of 2019, the infamous WannaCry was by far the most prevalent, according to Trend Micro's detection data.
6 Ways Airlines and Hotels Can Keep Their Networks Secure
Slideshows  |  8/27/2019  | 
As recent news can attest, travel and hospitality companies are prime targets for cybercriminals. Here are six privacy and security tips that can help lock down privacy and security.
More Than Half of Social Media Login Attempts Are Fraud
News  |  8/26/2019  | 
Overall, account registrations for tech companies are four times more likely to be malicious than legitimate, a new report states.
IBM Announces Quantum Safe Encryption
Quick Hits  |  8/23/2019  | 
Techniques too tough for quantum computing solutions will be part of public cloud and tape storage encryption.
VMware to Buy Carbon Black for $2.1B
Quick Hits  |  8/23/2019  | 
Virtual machine giant's big cloud move includes plans to shell out $2.7 billion in stock transactions for Pivotal Software.
Capital One Breach: What Security Teams Can Do Now
Commentary  |  8/23/2019  | 
Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks.
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
News  |  8/22/2019  | 
Microsoft remains the favorite brand to spoof in phishing campaigns, but more attackers are impersonating Facebook.
Threat Intelligence Gateways: A Useful Adjunct to Overworked Perimeter Security
Commentary  |  8/22/2019  | 
Comparative research shows the relative strengths and weaknesses of five TIG vendors and which kinds of security organization will reap the most benefit.
LinkedIn Details Features of Fight Against Fakes
Quick Hits  |  8/22/2019  | 
A recent blog post explains how the social network is fighting to protect its users from interactions with fake accounts.
Splunk Buys SignalFx for $1.05 Billion
Quick Hits  |  8/21/2019  | 
Deal will yield 'one platform that can monitor the entire enterprise application lifecycle,' Splunk CEO says.
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
News  |  8/21/2019  | 
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database.
'Box Shield' Brings New Security Controls
News  |  8/21/2019  | 
New controls and threat detection capabilities built into Box aim to prevent accidental data leakage and misuse.
New Confidential Computing Consortium Includes Google, Intel, Microsoft
Quick Hits  |  8/21/2019  | 
The Linux Foundation plans to form a community to "define and accelerate" the adoption of confidential computing.
7 Big Factors Putting Small Businesses At Risk
Slideshows  |  8/21/2019  | 
Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
Cyberthreats Against Financial Services Up 56%
Quick Hits  |  8/20/2019  | 
Financial institutions interacting with customers online must prepare for a broader, more sophisticated variety of threats.
US Chamber of Commerce, FICO Report National Risk Score of 688
Quick Hits  |  8/19/2019  | 
While the score was up for large businesses and down for small firms, the report urges all to prioritize third-party risk management.
European Central Bank Website Hit by Malware Attack
Quick Hits  |  8/16/2019  | 
The website was infected with malware that stole information on subscribers to a bank newsletter.
7 Biggest Cloud Security Blind Spots
Slideshows  |  8/15/2019  | 
Cloud computing boon is for innovation, yet security organizations find themselves running into obstacles.
Why Companies Fail to Learn from Peers' Mistakes (and How They Can Change)
Commentary  |  8/14/2019  | 
Far too often, there's a new breach in the headlines. Companies need to start learning some obvious lessons.
Microservices Flip App Security on Its Head
Commentary  |  8/14/2019  | 
With faster application deployment comes increased security considerations.
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
News  |  8/13/2019  | 
Similar to the now-patched 'BlueKeep' vulnerability, two flaws fixed today could let malware spread across vulnerable computers.
700K Guest Records Stolen in Choice Hotels Breach
Quick Hits  |  8/13/2019  | 
Cybercriminals reportedly stole the information from an exposed MongoDB database on a third-party server.
History Doesn't Repeat Itself in Cyberspace
Commentary  |  8/13/2019  | 
The 10th anniversary of the US Cyber Command is an opportunity to prepare for unknowns in the rapidly changing cybersecurity landscape.
DEF CON Voting Village: It's About 'Risk'
News  |  8/12/2019  | 
DHS, security experts worry about nation-state or other actors waging a disruptive or other attack on the 2020 election to sow distrust of the election process.
Dark Reading News Desk Live at Black Hat USA 2019
News  |  8/8/2019  | 
Watch right here for 40 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Enterprises Must Be Wary of Ransomware Targeting Network File Shares & Cloud Assets
News  |  8/7/2019  | 
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
Microsoft Opens Azure Security Lab, Raises Top Azure Bounty to $40K
News  |  8/5/2019  | 
Microsoft has invited security experts to 'come and do their worst' to mimic cybercriminals in the Azure Security Lab.
Capital One: What We Should Learn This Time
News  |  8/2/2019  | 
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3287
PUBLISHED: 2021-04-22
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
CVE-2021-31547
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
CVE-2021-31548
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
CVE-2021-31549
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users.
CVE-2021-31550
PUBLISHED: 2021-04-22
An issue was discovered in the CommentBox extension for MediaWiki through 1.35.2. Via crafted configuration variables, a malicious actor could introduce XSS payloads into various layers.