Cloud

News & Commentary
The Security Perimeter Is Dead; Long Live the New Endpoint Perimeter
Ofer Amitai, CEO, PortnoxCommentary
The network no longer provides an air gap against external threats, but access devices can take up the slack.
By Ofer Amitai CEO, Portnox, 1/17/2019
Comment0 comments  |  Read  |  Post a Comment
Former IBM Security Execs Launch Cloud Data Security Startup
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sonrai Security, the brainchild of two execs from IBM Security and Q1 Labs, debuts with $18.5 million in Series A funding.
By Kelly Sheridan Staff Editor, Dark Reading, 1/15/2019
Comment0 comments  |  Read  |  Post a Comment
Who Takes Responsibility for Cyberattacks in the Cloud?
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new CSA report addresses the issue of breach responsibility as more organizations move ERP application data the cloud.
By Kelly Sheridan Staff Editor, Dark Reading, 1/11/2019
Comment2 comments  |  Read  |  Post a Comment
Reddit Alerts Users to Possible Account Breaches
Dark Reading Staff, Quick Hits
User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.
By Dark Reading Staff , 1/10/2019
Comment0 comments  |  Read  |  Post a Comment
Container Deployments Bring Security Woes at DevOps Speed
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Nearly half of all companies know that they're deploying containers with security flaws, according to a new survey.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/9/2019
Comment0 comments  |  Read  |  Post a Comment
Security at the Speed of DevOps: Maturity, Orchestration, and Detection
Kamal Shah, CEO at StackRoxCommentary
Container and microservices technologies, including the orchestrator Kubernetes, create an extraordinary opportunity to build infrastructure and applications that are secure by design.
By Kamal Shah CEO at StackRox, 1/9/2019
Comment0 comments  |  Read  |  Post a Comment
New 'Crypto Dusting' Attack Gives Cash, Takes Reputation
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
This new form of crypto wallet fraud enlists unwary consumers and companies to help defeat anti-money laundering methods for law enforcement and regulators.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 1/8/2019
Comment0 comments  |  Read  |  Post a Comment
Your Life Is the Attack Surface: The Risks of IoT
Jason Haddix, Vice President of Researcher Growth at BugcrowdCommentary
To protect yourself, you must know where you're vulnerable and these tips can help.
By Jason Haddix Vice President of Researcher Growth at Bugcrowd, 1/8/2019
Comment0 comments  |  Read  |  Post a Comment
Sophos Buys Cloud Security Company
Dark Reading Staff, Quick Hits
Deal gives Sophos a new AI-based cloud security platform.
By Dark Reading Staff , 1/8/2019
Comment0 comments  |  Read  |  Post a Comment
Report: Consumers Buy New Smart Devices But Don't Trust Them
Dark Reading Staff, Quick Hits
The gap between acceptance and trust for new smart devices is huge, according to a new survey.
By Dark Reading Staff , 1/7/2019
Comment1 Comment  |  Read  |  Post a Comment
Managing Security in Today's Compliance and Regulatory Environment
Andrew Williams, Product Director, Cyber Risk Advisory and FedRAMP Assessment Services, CoalfireCommentary
Instead of losing sight of the cybersecurity forest as we navigate the compliance trees, consolidate and simplify regulatory compliance efforts to keep your eyes on the security prize.
By Andrew Williams Product Director, Cyber Risk Advisory and FedRAMP Assessment Services, Coalfire, 1/4/2019
Comment0 comments  |  Read  |  Post a Comment
Attackers Use Google Cloud to Target US, UK Banks
Dark Reading Staff, Quick Hits
Employees at financial services firms hit with an email attack campaign abusing a Google Cloud storage service.
By Dark Reading Staff , 12/26/2018
Comment3 comments  |  Read  |  Post a Comment
Spending Spree: What's on Security Investors' Minds for 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cybersecurity threats, technology, and investment trends that are poised to dictate venture capital funding in 2019.
By Kelly Sheridan Staff Editor, Dark Reading, 12/26/2018
Comment2 comments  |  Read  |  Post a Comment
Security 101: How Businesses and Schools Bridge the Talent Gap
Kelly Sheridan, Staff Editor, Dark ReadingNews
Security experts share the skills companies are looking for, the skills students are learning, and how to best find talent you need.
By Kelly Sheridan Staff Editor, Dark Reading, 12/20/2018
Comment0 comments  |  Read  |  Post a Comment
US Indicts 2 APT10 Members for Years-Long Hacking Campaign
Dark Reading Staff, Quick Hits
In an indictment unsealed this morning, the US ties China's state security agency to a widespread campaign of personal and corporate information theft.
By Dark Reading Staff , 12/20/2018
Comment0 comments  |  Read  |  Post a Comment
How to Remotely Brick a Server
Kelly Sheridan, Staff Editor, Dark ReadingNews
Researchers demonstrate the process of remotely bricking a server, which carries serious and irreversible consequences for businesses.
By Kelly Sheridan Staff Editor, Dark Reading, 12/19/2018
Comment0 comments  |  Read  |  Post a Comment
Cybersecurity in 2019: From IoT & Struts to Gray Hats & Honeypots
Phillip Maddux, Principal Application Security Researcher & Advisor at Signal SciencesCommentary
While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn't put to rest.
By Phillip Maddux Principal Application Security Researcher & Advisor at Signal Sciences, 12/19/2018
Comment0 comments  |  Read  |  Post a Comment
Shhhhh! The Secret to Secrets Management
Mark B. Cooper, President and Founder, PKI SolutionsCommentary
Companies need to take a centralized approach to protecting confidential data and assets. Here are 12 ways to get a handle on the problem.
By Mark B. Cooper President and Founder, PKI Solutions, 12/17/2018
Comment0 comments  |  Read  |  Post a Comment
Who Are You, Really? A Peek at the Future of Identity
Kelly Sheridan, Staff Editor, Dark ReadingNews
Experts dive into the trends and challenges defining the identity space and predict how online identities will change in years to come.
By Kelly Sheridan Staff Editor, Dark Reading, 12/14/2018
Comment2 comments  |  Read  |  Post a Comment
2019 Attacker Playbook
Ericka Chickowski, Contributing Writer, Dark Reading
Security pundits predict the ways that cybercriminals, nation-state actors, and other attackers will refine their tactics, techniques, and procedures in the coming year.
By Ericka Chickowski Contributing Writer, Dark Reading, 12/14/2018
Comment3 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by fredweiser
Current Conversations Thanks for the information!
In reply to: Great post
Post Your Own Reply
More Conversations
PR Newswire
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-0624
PUBLISHED: 2019-01-17
A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.
CVE-2019-0646
PUBLISHED: 2019-01-17
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
CVE-2019-0647
PUBLISHED: 2019-01-17
An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
CVE-2018-20727
PUBLISHED: 2019-01-17
Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to execute code on the server side via the flt parameter to Nodes-Traffic.php, the dv parameter to Devices-Graph.php, or the tit parameter to drawmap.php.
CVE-2018-20728
PUBLISHED: 2019-01-17
A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php.