Cloud

News & Commentary
Netskope Announces Series F Funding Round
Dark Reading Staff, Quick Hits
The $168.7 million round will go toward R&D and global expansion, says cloud access security broker provider.
By Dark Reading Staff , 11/13/2018
Comment0 comments  |  Read  |  Post a Comment
7 Cool New Security Tools to be Revealed at Black Hat Europe
Ericka Chickowski, Contributing Writer, Dark Reading
Black Hat Europe's Arsenal lineup will include demoes of new security tools, from AI malware research to container orchestration.
By Ericka Chickowski Contributing Writer, Dark Reading, 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Cyberattacks Top Business Risks in North America, Europe, EAP
Dark Reading Staff, Quick Hits
The World Economic Forum reports cyberattacks are a top enterprise concern following WannaCry and the rise of e-commerce.
By Dark Reading Staff , 11/12/2018
Comment0 comments  |  Read  |  Post a Comment
Dropbox Teams with Israeli Security Firm Coronet
Dark Reading Staff, Quick Hits
The partnership is expected to improve threat detection for Dropbox while growing Coronet's user base.
By Dark Reading Staff , 11/9/2018
Comment0 comments  |  Read  |  Post a Comment
'PortSmash' Brings New Side-Channel Attack to Intel Processors
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
New vulnerability exposes encryption keys in the first proof-of-concept code.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 11/6/2018
Comment1 Comment  |  Read  |  Post a Comment
Most Businesses to Add More Cloud Security Tools
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud adoption drives organizations to spend in 2019 as they learn traditional security practices can't keep up.
By Kelly Sheridan Staff Editor, Dark Reading, 11/6/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft, Amazon Top BEC's Favorite Brands
Kelly Sheridan, Staff Editor, Dark ReadingNews
When attackers want to impersonate a brand via email, the majority turn to Microsoft and Amazon because of their ubiquity in enterprise environments.
By Kelly Sheridan Staff Editor, Dark Reading, 11/1/2018
Comment0 comments  |  Read  |  Post a Comment
Qualys Snaps Up Container Firm
Dark Reading Staff, Quick Hits
Plans to use Layered Insight's technology to add runtime capabilities and automated enforcement to its container security tool.
By Dark Reading Staff , 10/31/2018
Comment0 comments  |  Read  |  Post a Comment
How the Power of Quantum Can Be Used Against Us
Rodney Joffe, SVP and Senior Technologist, Neustar Commentary
There has been a palpable shift from volumetric attacks to "quantum attacks," and they look to be one of the biggest cybersecurity challenges on the rise today.
By Rodney Joffe SVP and Senior Technologist, Neustar , 10/31/2018
Comment0 comments  |  Read  |  Post a Comment
9 Traits of A Strong Infosec Resume
Kelly Sheridan, Staff Editor, Dark Reading
Security experts share insights on which skills and experiences are most helpful to job hunters looking for their next gig.
By Kelly Sheridan Staff Editor, Dark Reading, 10/31/2018
Comment1 Comment  |  Read  |  Post a Comment
The Case for MarDevSecOps
Jim Kaskade, CEO, JanrainCommentary
Why security must lead the integration of marketing into the collaborative security and development model in the cloud.
By Jim Kaskade CEO, Janrain, 10/30/2018
Comment11 comments  |  Read  |  Post a Comment
Security Implications of IBM-Red Hat Merger Unclear
Jai Vijayan, Freelance writerNews
But enterprises and open source community likely have little to be concerned about, industry experts say.
By Jai Vijayan Freelance writer, 10/29/2018
Comment8 comments  |  Read  |  Post a Comment
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
By Kelly Sheridan Staff Editor, Dark Reading, 10/29/2018
Comment0 comments  |  Read  |  Post a Comment
AppSec Is Dead, but Software Security Is Alive & Well
Matt Rose, Global Director Application Security Strategy, at CheckmarxCommentary
Application security must be re-envisioned to support software security. It's time to shake up your processes.
By Matt Rose Global Director Application Security Strategy, at Checkmarx, 10/29/2018
Comment2 comments  |  Read  |  Post a Comment
3 Keys to Reducing the Threat of Ransomware
Joe Merces, CEO at Cloud DaddyCommentary
Following these steps could mean the difference between an inconvenience and a multimillion-dollar IT system rebuild -- for the public and private sectors alike.
By Joe Merces CEO at Cloud Daddy, 10/26/2018
Comment9 comments  |  Read  |  Post a Comment
Side-Channel Attack Exposes User Accounts on Facebook, XBox, Other Social Sites
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Researcher will demonstrate at Black Hat Europe his team's recent discovery: a way to exploit popular user-blocking feature on social media and other sites.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/25/2018
Comment0 comments  |  Read  |  Post a Comment
Securing Serverless: Attacking an AWS Account via a Lambda Function
Ory Segal, CTO, PureSecCommentary
Its not every day that someone lets you freely wreak havoc on their account just to find out what happens when you do.
By Ory Segal CTO, PureSec, 10/25/2018
Comment2 comments  |  Read  |  Post a Comment
Securing Severless: Defend or Attack?
Caleb Sima, Founder, Badkode VenturesCommentary
The best way to protect your cloud infrastructure is to pay attention to the fundamentals of application security, identity access management roles, and follow configuration best-practices.
By Caleb Sima Founder, Badkode Ventures, 10/25/2018
Comment0 comments  |  Read  |  Post a Comment
Windows 7 End-of-Life: Are You Ready?
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft will terminate support for Windows 7 in January 2020, but some there's still some confusion among enterprises about when the OS officially gets retired.
By Kelly Sheridan Staff Editor, Dark Reading, 10/24/2018
Comment1 Comment  |  Read  |  Post a Comment
Benefits of DNS Service Locality
Paul Vixie, Chairman & CEO, Farsight Security, Inc.Commentary
Operating one's own local DNS resolution servers is one of the simplest and lowest-cost things an IT administrator can do to monitor and protect applications, services, and users from potential risks.
By Paul Vixie Chairman & CEO, Farsight Security, Inc., 10/24/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by janjikiu
Current Conversations very nice
In reply to: very nice
Post Your Own Reply
More Conversations
PR Newswire
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
5 Reasons Why Threat Intelligence Doesn't Work
Jonathan Zhang, CEO/Founder of WhoisXML API and TIP,  11/7/2018
Why Password Management and Security Strategies Fall Short
Steve Zurier, Freelance Writer,  11/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8584
PUBLISHED: 2018-11-14
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
CVE-2018-8588
PUBLISHED: 2018-11-14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8...
CVE-2018-8589
PUBLISHED: 2018-11-14
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
CVE-2018-8592
PUBLISHED: 2018-11-14
An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc, aka "Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows Server 2019.
CVE-2018-8600
PUBLISHED: 2018-11-14
A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input, aka "Azure App Service Cross-site Scripting Vulnerability." This affects Azure App.