Cloud

News & Commentary
GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?
Sara Peters, Senior Editor at Dark ReadingNews
The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.
By Sara Peters Senior Editor at Dark Reading, 5/25/2018
Comment0 comments  |  Read  |  Post a Comment
Privacy Group: Facebook, Google Policies Break GDPR Laws
Dark Reading Staff, News
Nonprofit 'None of Your Business' files complaints against Facebook, Google, WhatsApp, and Instagram.
By Dark Reading Staff , 5/25/2018
Comment0 comments  |  Read  |  Post a Comment
Most Expensive Data Breaches Start with Third Parties: Report
Kelly Sheridan, Staff Editor, Dark ReadingNews
Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.
By Kelly Sheridan Staff Editor, Dark Reading, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
GDPR, WHOIS & the Impact on Merchant Risk Security Monitoring
Ron Teicher, CEO & Founder, EverCompliantCommentary
The EU's General Data Protection Regulation will make it harder for law enforcement, forensic investigators, and others to track down everything from credit card fraud to child porn rings.
By Ron Teicher CEO & Founder, EverCompliant, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
A Data Protection Officer's Guide to the Post-GDPR Deadline Reality
Jen Brown, Compliance and Data Protection Officer at Sumo LogicCommentary
The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.
By Jen Brown Compliance and Data Protection Officer at Sumo Logic, 5/24/2018
Comment0 comments  |  Read  |  Post a Comment
What Should Post-Quantum Cryptography Look Like?
Ericka Chickowski, Contributing Writer, Dark ReadingNews
Researchers are tackling the difficult problem of transitioning toward a new mode of cryptographic protections that won't break under the pressure of quantum computing power.
By Ericka Chickowski Contributing Writer, Dark Reading, 5/23/2018
Comment1 Comment  |  Read  |  Post a Comment
Windows 10 Adoption Grew 75%, Adobe Flash Plummeted 188% in 2017: Report
Kelly Sheridan, Staff Editor, Dark ReadingNews
Authentication data reveals an increase in Apple devices, poor mobile security, and the rapid disappearance of Flash from browsers.
By Kelly Sheridan Staff Editor, Dark Reading, 5/23/2018
Comment1 Comment  |  Read  |  Post a Comment
LA County Nonprofit Exposes 3.2M PII Files via Unsecured S3 Bucket
Dark Reading Staff, Quick Hits
A misconfiguration accidentally compromised credentials, email addresses, and 200,000 rows of notes describing abuse and suicidal distress.
By Dark Reading Staff , 5/23/2018
Comment1 Comment  |  Read  |  Post a Comment
US Senator to DOD CIO: 'Take Immediate Action' on HTTPS
Kelly Sheridan, Staff Editor, Dark ReadingNews
US Senator Ron Wyden pens a letter to the Department of Defense CIO, urging stronger security on public-facing government sites.
By Kelly Sheridan Staff Editor, Dark Reading, 5/22/2018
Comment0 comments  |  Read  |  Post a Comment
Pet Tracker Flaws Expose Pets and Their Owners to Cybercrime
Dark Reading Staff, Quick Hits
Hackers can exploit vulnerabilities in popular pet trackers to intercept location coordinates and access owners' personal data.
By Dark Reading Staff , 5/22/2018
Comment1 Comment  |  Read  |  Post a Comment
The State of Information Sharing 20 Years after the First White House Mandate
Paul Kurtz, CEO & Cofounder, TruSTAR TechnologyCommentary
Finally! Actionable guidance for ISACs and enterprises on what threat intel to share, how to share it, and which key technologies will automate redaction and protect privacy.
By Paul Kurtz CEO & Cofounder, TruSTAR Technology, 5/22/2018
Comment0 comments  |  Read  |  Post a Comment
North Korean Defectors Targeted with Malicious Apps on Google Play
Kelly Sheridan, Staff Editor, Dark ReadingNews
Sun Team hacking group is behind RedDawn, which steals victims' photos and data and passes them to threat actors.
By Kelly Sheridan Staff Editor, Dark Reading, 5/21/2018
Comment0 comments  |  Read  |  Post a Comment
Google to Delete 'Secure' Label from HTTPS Sites
Kelly Sheridan, Staff Editor, Dark ReadingQuick Hits
Google acknowledges HTTPS as the Internet standard with plans to remove secure from all HTTPS sites.
By Kelly Sheridan Staff Editor, Dark Reading, 5/21/2018
Comment1 Comment  |  Read  |  Post a Comment
Syrian Electronic Army Members Indicted for Conspiracy
Dark Reading Staff, Quick Hits
Two men have been charged for their involvement in a plot to commit computer hacking as members of the Syrian Electronic Army.
By Dark Reading Staff , 5/18/2018
Comment1 Comment  |  Read  |  Post a Comment
Cracking 2FA: How It's Done and How to Stay Safe
Kelly Sheridan, Staff Editor, Dark Reading
Two-factor authentication is a common best security practice but not ironclad. Here's how it can be bypassed, and how you can improve security.
By Kelly Sheridan Staff Editor, Dark Reading, 5/17/2018
Comment2 comments  |  Read  |  Post a Comment
7 Tools for Stronger IoT Security, Visibility
Curtis Franklin Jr., Senior Editor at Dark Reading
If you don't know what's on your IoT network, you don't know what to protect -- or protect from. These tools provide visibility into your network so you can be safe with (and from) what you see.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 5/16/2018
Comment0 comments  |  Read  |  Post a Comment
25% of Businesses Targeted with Cryptojacking in the Cloud
Kelly Sheridan, Staff Editor, Dark ReadingNews
New public cloud security report detects a spike in cryptojacking, mismanaged cloud storage, account takeover, and major patches getting overlooked.
By Kelly Sheridan Staff Editor, Dark Reading, 5/15/2018
Comment0 comments  |  Read  |  Post a Comment
Smashing Silos and Building Bridges in the IT-Infosec Divide
Kelly Sheridan, Staff Editor, Dark ReadingNews
A strong relationship between IT and security leads to strong defense, but it's not always easy getting the two to collaborate.
By Kelly Sheridan Staff Editor, Dark Reading, 5/14/2018
Comment0 comments  |  Read  |  Post a Comment
Email Security Tools Try to Keep Up with Threats
Kelly Sheridan, Staff Editor, Dark ReadingNews
Email has long been a prime vector for cyberattacks, and hackers are only getting sneakier. Can email platforms and security tools keep up?
By Kelly Sheridan Staff Editor, Dark Reading, 5/9/2018
Comment1 Comment  |  Read  |  Post a Comment
Calculating Cloud Cost: 8 Factors to Watch
Kelly Sheridan, Staff Editor, Dark Reading
If you're not careful and don't regularly assess the impact of your usage, moving to the cloud could have a negative impact on your bottom line.
By Kelly Sheridan Staff Editor, Dark Reading, 5/9/2018
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.