Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
Zscaler Buys Edge Networks
Dark Reading Staff, Quick Hits
The acquisition is Zscaler's second major buy this quarter.
By Dark Reading Staff , 5/29/2020
Comment0 comments  |  Read  |  Post a Comment
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing WriterNews
A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.
By Robert Lemos Contributing Writer, 5/27/2020
Comment6 comments  |  Read  |  Post a Comment
Cloud Security Architect Proves Hardest Infosec Role to Fill
Dark Reading Staff, Quick Hits
Nearly 70% of businesses struggle to recruit, hire, and retain cybersecurity talent, and many link security incidents to lack of skills.
By Dark Reading Staff , 5/27/2020
Comment8 comments  |  Read  |  Post a Comment
Benefits of a Cloud-Based, Automated Cyber Range
Rocky Yuan, Cybersecurity Engineer at BAE systemsCommentary
A cyber range is an irreplaceable tool that allows cybersecurity professionals to improve their response capabilities as well as their ability to identify risks.
By Rocky Yuan Cybersecurity Engineer at BAE systems, 5/26/2020
Comment1 Comment  |  Read  |  Post a Comment
Content Delivery Networks Adding Checks for Magecart Attacks
Robert Lemos, Contributing WriterNews
Modern web applications make significant use of third-party code to drive innovation, but the software supply chain has also turned into a major source of threat. CDNs aim to change that.
By Robert Lemos Contributing Writer, 5/26/2020
Comment0 comments  |  Read  |  Post a Comment
Former Salesforce Execs Launch Data Protection Startup
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Cloud-based API service stores and manages sensitive consumer data with a zero-trust, database-as-a service approach.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 5/22/2020
Comment0 comments  |  Read  |  Post a Comment
10 iOS Security Tips to Lock Down Your iPhone
Kelly Sheridan, Staff Editor, Dark Reading
Mobile security experts share their go-to advice for protecting iPhones from hackers, thieves, and fraudsters.
By Kelly Sheridan Staff Editor, Dark Reading, 5/22/2020
Comment2 comments  |  Read  |  Post a Comment
Hackers Serve Up Stolen Credentials from Home Chef
Dark Reading Staff, Quick Hits
Some 8 million of the meal delivery company's customer records have been offered for sale on the Dark Web.
By Dark Reading Staff , 5/21/2020
Comment0 comments  |  Read  |  Post a Comment
Telcos Become Richer Hacking Targets
Alison Diana, Contributing WriterNews
The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface.
By Alison Diana Contributing Writer, 5/21/2020
Comment0 comments  |  Read  |  Post a Comment
Web Application Attacks Double from 2019: Verizon DBIR
Kelly Sheridan, Staff Editor, Dark ReadingNews
Verizon's annual data breach report shows most attackers are external, money remains their top motivator, and web applications and unsecured cloud storage are hot targets.
By Kelly Sheridan Staff Editor, Dark Reading, 5/19/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Open Sources Its Coronavirus Threat Data
Dark Reading Staff, Quick Hits
Microsoft's COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.
By Dark Reading Staff , 5/15/2020
Comment0 comments  |  Read  |  Post a Comment
As Businesses Rush to the Cloud, Security Teams Struggle to Keep Up
Kelly Sheridan, Staff Editor, Dark ReadingNews
Most organizations have a gap between current and planned cloud usage and the maturity of their cloud security programs.
By Kelly Sheridan Staff Editor, Dark Reading, 5/14/2020
Comment0 comments  |  Read  |  Post a Comment
8 Supply Chain Security Requirements
Curtis Franklin Jr., Senior Editor at Dark Reading
Complex supply chains have complex security requirements, but secure them you must. Here's where to start.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/14/2020
Comment1 Comment  |  Read  |  Post a Comment
Organizations Conduct App Penetration Tests More Frequently - and Broadly
Jai Vijayan, Contributing WriterNews
Compliance is no longer the primary motivator. AppSec is, Cobalt.io says.
By Jai Vijayan Contributing Writer, 5/13/2020
Comment0 comments  |  Read  |  Post a Comment
CyberArk Acquires Idaptive for Identity-as-a-Service Tech
Dark Reading Staff, Quick Hits
The $70 million deal is intended to help CyberArk strengthen its portfolio with secure and SaaS-based identity management.
By Dark Reading Staff , 5/13/2020
Comment0 comments  |  Read  |  Post a Comment
Microsoft Fixes 111 Vulnerabilities for Patch Tuesday
Kelly Sheridan, Staff Editor, Dark ReadingNews
This marks the third month in a row that Microsoft patched more than 100 bugs, of which 16 are classified as critical.
By Kelly Sheridan Staff Editor, Dark Reading, 5/12/2020
Comment0 comments  |  Read  |  Post a Comment
As Remote Work Becomes the Norm, Security Fight Moves to Cloud, Endpoints
Robert Lemos, Contributing WriterNews
A majority of firms expect to keep more employees working remotely post-pandemic, forcing businesses to undertake more comprehensive digital and cloud transformations.
By Robert Lemos Contributing Writer, 5/8/2020
Comment0 comments  |  Read  |  Post a Comment
Why DevSecOps Is Critical for Containers and Kubernetes
Kirsten Newcomer, Senior Principal Product Manager at Red Hat OpenShiftCommentary
DevSecOps is a big and sometimes difficult shift for organizations. The key to success? Take small steps.
By Kirsten Newcomer Senior Principal Product Manager at Red Hat OpenShift, 5/8/2020
Comment0 comments  |  Read  |  Post a Comment
Malicious Bots Infiltrate Online Food Delivery
Nicole Ferraro, Contributing WriterNews
With grocery delivery in higher demand than ever, new add-ons have emerged to secure slots for consumers, presenting a new pathway for bad bots to wreak havoc.
By Nicole Ferraro Contributing Writer, 5/7/2020
Comment0 comments  |  Read  |  Post a Comment
Breach Hits GoDaddy SSH Customers
Dark Reading Staff, Quick Hits
The October 2019 breach left some customer data open to hacking eyes.
By Dark Reading Staff , 5/5/2020
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10136
PUBLISHED: 2020-06-02
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access cont...
CVE-2020-13757
PUBLISHED: 2020-06-01
Python-RSA 4.0 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing exces...
CVE-2020-13758
PUBLISHED: 2020-06-01
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
CVE-2020-9291
PUBLISHED: 2020-06-01
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
CVE-2019-15709
PUBLISHED: 2020-06-01
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.