Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Cloud posted in September 2016
6 Ways To Prepare For The EUs GDPR
News  |  9/30/2016  | 
In less than 20 months, all US companies doing business in the EU will face new consumer privacy requirements. Heres how to prepare for them.
EMV: The Anniversary Of One Deadline, The Eve of Another
News  |  9/29/2016  | 
How merchants and criminals responded since the EMV liability shift for point-of-sale devices one year ago. And what changes can we expect after the liability shift for ATMs, which is just days away?
Microsoft Launches Cloud-Based Fuzzing
News  |  9/28/2016  | 
'Project Springfield' debuts at Ignite conference.
Hacking The Polls: Where US Voting Processes Fall Short
Commentary  |  9/28/2016  | 
The patchwork of 50 decentralized state electoral systems threatens to disrupt our national election through ransomware attacks, hijacked voter registration rolls, and altered voting results.
5 Best Practices For Winning the IoT Security Arms Race
Commentary  |  9/27/2016  | 
By focusing on a pragmatic approach to security, its possible to develop IoT solutions that will reduce future risk without breaking the bank.
25 Security Vendors To Watch
Slideshows  |  9/27/2016  | 
A wave of security companies are armed with technologies to help businesses mitigate the next generation of cyberattacks. Who are these vendors and what can they offer?
Yahoo Confirms August Data Dump Issue Unrelated To Breach Of 500 Million Users
Quick Hits  |  9/27/2016  | 
No 'connection' between August 2016 data dump claims and 2014 nation-state attack, company says.
Yahoo Sued By User Over 2014 Hacking
Quick Hits  |  9/27/2016  | 
New Yorker files lawsuit against Yahoo for recklessness and delay in uncovering hack of half a billion accounts.
Yahoo Breach: US Senator Seeks SEC Role In Probe
Quick Hits  |  9/27/2016  | 
Democrat Mark Warner asks US Securities and Exchange Commission to investigate whether Yahoo completed obligations post breach discovery.
7 New Rules For IoT Safety & Vuln Disclosure
Commentary  |  9/24/2016  | 
In the Internet of Things, even the lowliest smart device can be used for a malicious purpose. Manufacturers take heed!
Spam Levels Spike, Thanks In Part To Ransomware
News  |  9/23/2016  | 
By shipping banking Trojans and ransomware that turn big profits fast, spammers can now afford the high overhead of high-volume spam campaigns.
7 Ways Cloud Alters The Security Equation
Slideshows  |  9/23/2016  | 
Would-be and existing customers must understand that security isn't set-and-forget just because it resides in the cloud.
D-FENSE! Using Research To Craft Effective Cyber Defenses
D-FENSE! Using Research To Craft Effective Cyber Defenses
Dark Reading Videos  |  9/23/2016  | 
A pair of experts from Imperva stops by the Dark Reading News Desk to chat.
On-Premises & In The Cloud: Making Sense Of Your Cybersecurity Ecosystem
Commentary  |  9/23/2016  | 
As enterprises continue to invest in hybrid cloud strategies, they need their fragmented security solutions to work together.
FTC Releases Video With Data Breach Recovery Advice
Quick Hits  |  9/23/2016  | 
The US Federal Trade Commission video has detailed instructions on what to do if personal data of a user is stolen and exposed.
SWIFT CISO: Cyber Threat 'Persistent'
Quick Hits  |  9/22/2016  | 
Alain Desausoi describes threat as persistent, and says there's been progress in combating it via new SWIFT initiatives.
How Cloud, Mobile Are Changing IT, Security Management: Study
News  |  9/21/2016  | 
The evolution of technology is changing the role of IT and security pros as more employees use cloud apps and connect personal devices to corporate networks.
Florida Man Charged With Hacking Linux Servers
Quick Hits  |  9/21/2016  | 
Donald Austin allegedly stole credentials of Linux employee to hack four company servers and install rootkit and Trojan software.
Why You May Need To Shake Up Your DevOps Team To Manage The Cloud
Commentary  |  9/16/2016  | 
The security approaches of yesterday wont work in the cloud world of today and tomorrow.
Yes, The Cloud Can Be A Security Win
Commentary  |  9/15/2016  | 
With the right controls in place, the cloud doesnt have to be a scary place. These guidelines can help your company stay safe.
Keep It Simple: Security For A Complex Enterprise
Keep It Simple: Security For A Complex Enterprise
Dark Reading Videos  |  9/14/2016  | 
Michelle Cobb of Skybox Security talks to Dark Reading about security management.
Wisdom From A Thought Leader: AppSec Best Practices
Wisdom From A Thought Leader: AppSec Best Practices
Dark Reading Videos  |  9/14/2016  | 
The Black Hat News Desk chats with Jeff Williams, CTO at Contrast Security.
Google, Facebook, Twitter, Petition Congress To Support ICANN Transition
Quick Hits  |  9/14/2016  | 
Google, Facebook, Twitter, Yahoo and other tech companies ask Congress to not oppose the scheduled October 1 transfer of Internet control to global community.
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Don't Trust That Trust Mechanism: Vulnerabilities In Digital Certificates
Dark Reading Videos  |  9/14/2016  | 
Tom Nipravsky, security researcher at Deep Instinct, explains how to tell the difference between a digital certificate that's worth your trust and one that isn't.
Startup Focuses On Real-Time Security Monitoring Of Plant Networks
News  |  9/13/2016  | 
With $32 million in venture capital funding and co-founders from Siemens and Israeli Defense Force research teams, Claroty emerges from stealth.
A Moving Target: Tackling Cloud Security As A Data Issue
Commentary  |  9/13/2016  | 
Todays challenge is protecting critical information that an increasingly mobile workforce transfers every day between clouds, between cloud and mobile, and between cloud, mobile, and IoT.
White House Names First Federal CISO
Quick Hits  |  9/12/2016  | 
Retired Brigadier General Touhill will serve as federal CISO.
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dan Kaminsky On How Not To Lose The Internet As We Know It
Dark Reading Videos  |  9/12/2016  | 
Dan Kaminsky discusses how to improve the security and privacy of the Internet without destroying the openness and freedom to innovate that it has always provided.
Data Manipulation: An Imminent Threat
Commentary  |  9/12/2016  | 
Critical industries are largely unprepared for a potential wave of destructive attacks.
Avoiding The Blame Game For A Cyberattack
Commentary  |  9/8/2016  | 
How organizations can develop a framework of acceptable care for cybersecurity risk.
Crimeware-as-a-Service Hack Turns Potential Hackers Into Victims
News  |  9/8/2016  | 
Cybercriminals are using Google Docs to host a new Facebook scamming tool, which is designed to steal credentials from potential hackers who try to access other users' accounts.
Defining The Common Core Of Cybersecurity: Certifications + Practical Experience
Commentary  |  9/7/2016  | 
Security certifications are necessary credentials, but alone wont solve the industrys critical talent gap.
Cloud Security Alliance: 10 Ways To Achieve Access Control For Big Data
Slideshows  |  9/3/2016  | 
A look at granular access control of the big data security and privacy.
Social Media Fraud Spikes, Study Finds
News  |  9/1/2016  | 
Nearly 20% of social media accounts associated with ten major global brands are fraudulent.
How To Talk About Security With Every C-Suite Member
Commentary  |  9/1/2016  | 
Reframe your approach with context in order to get your message across.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10287
PUBLISHED: 2020-07-15
The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default cre...
CVE-2020-10288
PUBLISHED: 2020-07-15
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted.
CVE-2020-15780
PUBLISHED: 2020-07-15
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2019-17639
PUBLISHED: 2020-07-15
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This...
CVE-2019-20908
PUBLISHED: 2020-07-15
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.