Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
One Arrested in Ecuador's Mega Data Leak
Dark Reading Staff, Quick Hits
Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.
By Dark Reading Staff , 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
How Ransomware Criminals Turn Friends into Enemies
Chester Wisniewski, Principal Research Scientist, SophosCommentary
Managed service providers are the latest pawns in ransomware's game of chess.
By Chester Wisniewski Principal Research Scientist, Sophos, 9/18/2019
Comment0 comments  |  Read  |  Post a Comment
Five Common Cloud Configuration Mistakes
Peter Smith, Founder & Chief Executive Officer, Edgewise NetworksCommentary
It's a joint responsibility to keep data safe in the cloud. Here's what cloud customers must do to keep their end of the bargain.
By Peter Smith Founder & Chief Executive Officer, Edgewise Networks, 9/17/2019
Comment0 comments  |  Read  |  Post a Comment
Oracle Expands Cloud Security Services at OpenWorld 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
The company broadens its portfolio with new services developed to centralize and automate cloud security.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2019
Comment0 comments  |  Read  |  Post a Comment
Data Leak Affects Most of Ecuador's Population
Kelly Sheridan, Staff Editor, Dark ReadingNews
An unsecured database containing 18GB of data exposed more than 20 million records, most of which held details about Ecuadorian citizens.
By Kelly Sheridan Staff Editor, Dark Reading, 9/16/2019
Comment0 comments  |  Read  |  Post a Comment
Security Leaders Share Tips for Boardroom Chats
Kelly Sheridan, Staff Editor, Dark Reading
Cisco, Oracle, and LinkedIn security leaders share their challenges in communicating with business teams and advice for how CISOs can navigate the relationship.
By Kelly Sheridan Staff Editor, Dark Reading, 9/12/2019
Comment0 comments  |  Read  |  Post a Comment
Third-Party Features Leave Websites More Vulnerable to Attack
Dark Reading Staff, Quick Hits
A new report points out the dangers to customer data of website reliance on multiple third parties.
By Dark Reading Staff , 9/10/2019
Comment2 comments  |  Read  |  Post a Comment
Two Zero-Days Fixed in Microsoft Patch Rollout
Kelly Sheridan, Staff Editor, Dark ReadingNews
September's Patch Tuesday addressed 80 vulnerabilities, two of which have already been exploited in the wild.
By Kelly Sheridan Staff Editor, Dark Reading, 9/10/2019
Comment0 comments  |  Read  |  Post a Comment
AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at ZscalerCommentary
Artificial intelligence is no substitute for common sense, and it works best in combination with conventional cybersecurity technology. Here are the basic requirements and best practices you need to know.
By Howie Xu Vice President of AI and Machine Learning at Zscaler, 9/10/2019
Comment2 comments  |  Read  |  Post a Comment
More Than 99% of Cyberattacks Need Victims' Help
Kelly Sheridan, Staff Editor, Dark ReadingNews
Research highlights how most criminals exploit human curiosity and trust to click, download, install, open, and send money or information.
By Kelly Sheridan Staff Editor, Dark Reading, 9/9/2019
Comment1 Comment  |  Read  |  Post a Comment
Job-Seeker Data Exposed in Monster File Leak
Dark Reading Staff, Quick Hits
The job website says it cannot notify users since the exposure occurred on a third-party organization's servers.
By Dark Reading Staff , 9/6/2019
Comment0 comments  |  Read  |  Post a Comment
Crimeware: How Criminals Built a Business to Target Businesses
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report investigates the evolution of crimeware, how businesses underestimate the threat, and why they should be concerned.
By Kelly Sheridan Staff Editor, Dark Reading, 9/5/2019
Comment1 Comment  |  Read  |  Post a Comment
419M Facebook User Phone Numbers Publicly Exposed
Dark Reading Staff, Quick Hits
It's still unclear who owned the server storing hundreds of millions of records online without a password.
By Dark Reading Staff , 9/5/2019
Comment1 Comment  |  Read  |  Post a Comment
Phishing Campaign Uses SharePoint to Slip Past Defenses
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybercriminals targeting financial institutions in the UK bypassed Symantec email gateway and other perimeter technologies.
By Kelly Sheridan Staff Editor, Dark Reading, 9/4/2019
Comment2 comments  |  Read  |  Post a Comment
Cartoon Contest: Bedtime Stories
John Klossner, Cartoonist
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
By John Klossner Cartoonist, 9/4/2019
Comment10 comments  |  Read  |  Post a Comment
A Tale of Two Buzzwords: 'Automated' and 'Autonomous' Solutions Aren't the Same Thing
Scott Totman, VP of Engineering, DivvyCloudCommentary
Enterprises must learn the difference between the two and the appropriate use cases for each.
By Scott Totman VP of Engineering, DivvyCloud, 9/4/2019
Comment0 comments  |  Read  |  Post a Comment
Multicloud Businesses Face Higher Breach Risk
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report finds 52% of multicloud environments have suffered a breach within the past year, compared with 24% of hybrid cloud users.
By Kelly Sheridan Staff Editor, Dark Reading, 9/3/2019
Comment0 comments  |  Read  |  Post a Comment
3 Promising Technologies Making an Impact on Cybersecurity
Jon Oltsik, Senior Principal Analyst & Fellow, Enterprise Strategy GroupCommentary
The common thread: Each acts as a force multiplier, adding value to every other security technology around it.
By Jon Oltsik Senior Principal Analyst & Fellow, Enterprise Strategy Group, 9/3/2019
Comment0 comments  |  Read  |  Post a Comment
Google Uncovers Massive iPhone Attack Campaign
Kelly Sheridan, Staff Editor, Dark ReadingNews
A group of hacked websites has been silently compromising fully patched iPhones for at least two years, Project Zero reports.
By Kelly Sheridan Staff Editor, Dark Reading, 8/30/2019
Comment0 comments  |  Read  |  Post a Comment
Google Announces New, Expanded Bounty Programs
Dark Reading Staff, Quick Hits
The company is significantly expanding the bug-bounty program for Google Play and starting a program aimed at user data protection.
By Dark Reading Staff , 8/29/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Preventing PTSD and Burnout for Cybersecurity Professionals
Craig Hinkley, CEO, WhiteHat Security,  9/16/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16413
PUBLISHED: 2019-09-19
An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
CVE-2019-3738
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
CVE-2019-3739
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
CVE-2019-3740
PUBLISHED: 2019-09-18
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
CVE-2019-3756
PUBLISHED: 2019-09-18
RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information disclosure vulnerability. Information relating to the backend database gets disclosed to low-privileged RSA Archer users' UI under certain error conditions.