Cloud

News & Commentary
Timehop Releases New Details About July 4 Breach
Dark Reading Staff, Quick Hits
Additional information includes PII affected and the authentication issue that led to the breach.
By Dark Reading Staff , 7/12/2018
Comment0 comments  |  Read  |  Post a Comment
Getting Safe, Smart & Secure on S3
Eric Thomas, Director of Cloud, ExtraHopCommentary
AWS Simple Storage Service has proven to be a security minefield. It doesn't have to be if you pay attention to people, process, and technology.
By Eric Thomas Director of Cloud, ExtraHop, 7/11/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft July Security Updates Mostly Browser-Related
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Patch Tuesday includes 53 security updates, including mitigation for the latest side-channel attack.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 7/10/2018
Comment0 comments  |  Read  |  Post a Comment
Creating a Defensible Security Architecture
Justin Henderson, SANS Instructor and CEO of H & A Security SolutionsCommentary
Take the time to learn about your assets. You'll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture.
By Justin Henderson SANS Instructor and CEO of H & A Security Solutions, 7/9/2018
Comment0 comments  |  Read  |  Post a Comment
Cryptocurrency Theft Drives 3x Increase in Money Laundering
Kelly Sheridan, Staff Editor, Dark ReadingNews
The first half of 2018 saw more cryptocurrency theft than all of 2017 combined, driving a rise in digital money laundering as criminals elude authorities.
By Kelly Sheridan Staff Editor, Dark Reading, 7/3/2018
Comment1 Comment  |  Read  |  Post a Comment
ThetaRay Raises $30M to Block Money Laundering
Dark Reading Staff, Quick Hits
With a total $60 million raised to date, the Israeli startup plans to expand operations in Europe, Asia, and the United States.
By Dark Reading Staff , 7/3/2018
Comment0 comments  |  Read  |  Post a Comment
Azure IoT Edge Exits Preview with Security Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft rolls out its cloud-based IoT service to the general public, while upping data protection with new categories including device management and security.
By Kelly Sheridan Staff Editor, Dark Reading, 7/2/2018
Comment1 Comment  |  Read  |  Post a Comment
'Clipboard Hijacker' Malware Builds on Cryptocurrency Threat
Dark Reading Staff, Quick Hits
Clipboard Hijackers are not a new threat, but this one shows attackers are getting more advanced.
By Dark Reading Staff , 7/2/2018
Comment1 Comment  |  Read  |  Post a Comment
Natural Language Processing Fights Social Engineers
Kelly Sheridan, Staff Editor, Dark ReadingNews
Instead of trying to detect social engineering attacks based on a subject line or URL, a new tool conducts semantic analysis of text to determine malicious intent.
By Kelly Sheridan Staff Editor, Dark Reading, 6/29/2018
Comment0 comments  |  Read  |  Post a Comment
Equifax Software Manager Charged with Insider Trading
Dark Reading Staff, Quick Hits
Sudhakar Reddy Bonthu used insider information about the company's 2017 data breach to profit in stock transaction.
By Dark Reading Staff , 6/29/2018
Comment12 comments  |  Read  |  Post a Comment
Why Sharing Intelligence Makes Everyone Safer
Sanjay Vidyadharan, CAO & Head of Innovations at Marlabs Inc.Commentary
Security teams must expand strategies to go beyond simply identifying details tied to a specific threat to include context and information about attack methodologies.
By Sanjay Vidyadharan CAO & Head of Innovations at Marlabs Inc., 6/29/2018
Comment0 comments  |  Read  |  Post a Comment
Adidas US Website Hit by Data Breach
Dark Reading Staff, Quick Hits
The athletic apparel firm was hacked and data on potentially 'millions' of customers now at risk.
By Dark Reading Staff , 6/29/2018
Comment3 comments  |  Read  |  Post a Comment
The 6 Worst Insider Attacks of 2018 So Far
Ericka Chickowski, Contributing Writer, Dark Reading
Stalkers, fraudsters, saboteurs, and all nature of malicious insiders have put the hurt on some very high-profile employers.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/29/2018
Comment3 comments  |  Read  |  Post a Comment
65% of Resold Memory Cards Still Pack Personal Data
Kelly Sheridan, Staff Editor, Dark ReadingNews
Analyzed cards, mainly from smartphones and tablets, contained private personal information, business documentation, audio, video, and photos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/28/2018
Comment1 Comment  |  Read  |  Post a Comment
Redefining Security with Blockchain
Stan Black, CSIO, CitrixCommentary
Blockchain offers a proactive approach to secure a new generation of digital platforms and services for both enterprises and individuals.
By Stan Black CSIO, Citrix, 6/28/2018
Comment1 Comment  |  Read  |  Post a Comment
Russia, Facebook & Cybersecurity: Combating Weaponized FUD in the Social Media Age
Mike Convertino, CISO & VP, Information Security, F5 NetworksCommentary
It's up to everyone -- users, security pros, government -- to be critical about the online information we encounter.
By Mike Convertino CISO & VP, Information Security, F5 Networks, 6/27/2018
Comment1 Comment  |  Read  |  Post a Comment
Coin Miner Malware Spikes 629% in 'Telling' Q1
Kelly Sheridan, Staff Editor, Dark ReadingNews
Drastic growth suggests adversaries are learning how they can maximize rewards with minimal effort.
By Kelly Sheridan Staff Editor, Dark Reading, 6/27/2018
Comment0 comments  |  Read  |  Post a Comment
The 3 R's for Surviving the Security Skills Shortage
Ericka Chickowski, Contributing Writer, Dark ReadingNews
How to recruit, retrain, and retain with creativity and discipline.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/27/2018
Comment0 comments  |  Read  |  Post a Comment
Insider Dangers Are Hiding in Collaboration Tools
Ericka Chickowski, Contributing Writer, Dark ReadingNews
The casual sharing of sensitive data, such as passwords, is opening the door to malicious insiders.
By Ericka Chickowski Contributing Writer, Dark Reading, 6/26/2018
Comment14 comments  |  Read  |  Post a Comment
'Have I Been Pwned' Now Built into Firefox, 1Password
Kelly Sheridan, Staff Editor, Dark ReadingNews
Users can search breach data in a new tool called Firefox Monitor and check if passwords have been exposed in 1Password on the Web.
By Kelly Sheridan Staff Editor, Dark Reading, 6/26/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14084
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().
CVE-2018-14085
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function swe...
CVE-2018-14086
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(...
CVE-2018-14087
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback functio...
CVE-2018-14088
PUBLISHED: 2018-07-16
An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounde...