Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
10 Notable Security Acquisitions of 2019 (So Far)
Kelly Sheridan, Staff Editor, Dark Reading
In a year when security companies have been snapped up left and right, these deals stand out from the chaos.
By Kelly Sheridan Staff Editor, Dark Reading, 6/15/2019
Comment0 comments  |  Read  |  Post a Comment
Google Adds Two-Factor Authentication For Its Apps on iOS
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Android-based two-factor authentication now works for Google applications on iPad and iPhone.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/13/2019
Comment0 comments  |  Read  |  Post a Comment
CrowdStrike Prices IPO Above Range at $34
Kelly Sheridan, Staff Editor, Dark ReadingNews
The endpoint security firm raised $612 million ahead of today's public debut.
By Kelly Sheridan Staff Editor, Dark Reading, 6/12/2019
Comment0 comments  |  Read  |  Post a Comment
What 3 Powerful GoT Women Teach Us about Cybersecurity
Orion Cassetto, Senior Product Maester, ExabeamCommentary
Imagine Game of Thrones' Daenerys Targaryen, Arya Stark, and Cersei Lannister on the front lines in the real-world battleground of enterprise security.
By Orion Cassetto Senior Product Maester, Exabeam, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
Getting Up to Speed on Magecart
Casey Quinn, Associate, Newmeyer & DillionCommentary
Greater awareness of how Magecart works will give your company a leg up on the growing threat from this online credit card skimmer. Here are four places to start.
By Casey Quinn Associate, Newmeyer & Dillion, 6/11/2019
Comment0 comments  |  Read  |  Post a Comment
End User Lockdown: Dark Reading Caption Contest Winners
Marilyn Cohodas, Managing Editor, Dark ReadingCommentary
Phishing, cybersecurity training, biometrics and casual Fridays. And the winners are ...
By Marilyn Cohodas Managing Editor, Dark Reading, 6/7/2019
Comment2 comments  |  Read  |  Post a Comment
The Minefield of Corporate Email
Kelly Sheridan, Staff Editor, Dark ReadingNews
Email security challenges CISOs as cybercriminals target corporate inboxes with malware, phishing attempts, and various forms of fraud.
By Kelly Sheridan Staff Editor, Dark Reading, 6/7/2019
Comment3 comments  |  Read  |  Post a Comment
How Today's Cybercriminals Sneak into Your Inbox
Kelly Sheridan, Staff Editor, Dark ReadingNews
The tactics and techniques most commonly used to slip past security defenses and catch employees off guard.
By Kelly Sheridan Staff Editor, Dark Reading, 6/4/2019
Comment2 comments  |  Read  |  Post a Comment
Why FedRAMP Matters to Non-Federal Organizations
Daniel P. Kent, Director, Public Sector Engineering & CTO, Cisco SystemsCommentary
Commercial companies should explore how FedRAMP can help mitigate risk as they move to the cloud.
By Daniel P. Kent Director, Public Sector Engineering & CTO, Cisco Systems, 6/4/2019
Comment0 comments  |  Read  |  Post a Comment
7 Container Components That Increase a Network's Security
Curtis Franklin Jr., Senior Editor at Dark Reading
A proof of concept at Interop19 showed just how simple a container deployment can be.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/4/2019
Comment0 comments  |  Read  |  Post a Comment
Imperva Snaps Up Distil Networks for API, App Security
Dark Reading Staff, Quick Hits
Distil Networks' technology will be integrated into Imperva's security stack following the acquisition.
By Dark Reading Staff , 6/4/2019
Comment0 comments  |  Read  |  Post a Comment
GDPRs First-Year Impact By the Numbers
Ericka Chickowski, Contributing Writer
The latest statistics on GDPR spending, compliance rates, enforcement and consumer attitudes on privacy protection.
By Ericka Chickowski Contributing Writer, 5/31/2019
Comment1 Comment  |  Read  |  Post a Comment
Vulnerability Leaves Container Images Without Passwords
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A old vulnerability in Alpine Linux containers has spread and propagated to as much as 20% of the containers on the Docker Store.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/30/2019
Comment1 Comment  |  Read  |  Post a Comment
2.3B Files Currently Exposed via Online Storage
Kelly Sheridan, Staff Editor, Dark ReadingNews
Digital Shadows researchers scanned various online file-sharing services and concluded the number of exposed files is up 50% from March of 2018.
By Kelly Sheridan Staff Editor, Dark Reading, 5/30/2019
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Confirms PureSec Acquisition
Dark Reading Staff, Quick Hits
The company also agreed to buy container security company Twistlock as it develops its cloud security suite.
By Dark Reading Staff , 5/30/2019
Comment1 Comment  |  Read  |  Post a Comment
Docker Vulnerability Opens Servers to Container Code
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Under very specific conditions, code running in a Docker container could access files anywhere on a server, according to a new CVE.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/29/2019
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Said to Buy Twistlock
Dark Reading Staff, Quick Hits
Reports in Israel-based business publications say Palo Alto Networks has reached a deal to purchase the container security startup, as well as another Israeli security startup.
By Dark Reading Staff , 5/29/2019
Comment1 Comment  |  Read  |  Post a Comment
Keys for Working with Modern MSSPs
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
How to determine what an MSSP can do for your organization, and the questions to ask before signing a contract.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/28/2019
Comment0 comments  |  Read  |  Post a Comment
8 Ways to Authenticate Without Passwords
Steve Zurier, Contributing Writer
Passwordless authentication has a shot at becoming more ubiquitous in the next few years. We take a look at where things stand at the moment.
By Steve Zurier Contributing Writer, 5/28/2019
Comment2 comments  |  Read  |  Post a Comment
'Cattle, Not Pets' & the Rise of Security-as-Code
Andrew Williams, Director of Program Development, CoalfireCommentary
Nearly a decade in, the famous analogy has underpinned a sea change in enterprise IT, but still falls short of the security mark. More recent developments can help.
By Andrew Williams Director of Program Development, Coalfire, 5/28/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Cognitive Bias Can Hamper Security Decisions
Kelly Sheridan, Staff Editor, Dark Reading,  6/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7472
PUBLISHED: 2019-06-15
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
CVE-2019-12839
PUBLISHED: 2019-06-15
In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution.
CVE-2019-12840
PUBLISHED: 2019-06-15
In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
CVE-2019-12835
PUBLISHED: 2019-06-15
formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer::write via characters that require escaping.
CVE-2019-12830
PUBLISHED: 2019-06-15
In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.