Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Google's Origin & the Danger of Link Sharing
Newest First  |  Oldest First  |  Threaded View
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/29/2019 | 7:52:42 AM
Good questions
At that point, once a spider has scanned and indexed the files in the cloud share, the data owner has lost the ability to control access to it; in essence, all bets are off. So, the immediate questions security teams need to know are: What was lost? Who is affected? Who is responsible? How did it get lost? Can it be prevented from happening again? All good questions, as a security expert you would be expected to know the answers tough.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/29/2019 | 7:50:53 AM
Re: Frightening thought too
And also, if you are hunting, give hunting employers an entirely wrong impression of you particularly if you have MOVED as I have. Agree. Keep the information current to avoid unnecessary troubles.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/29/2019 | 7:48:54 AM
Near future
At some point in the near to distant future, the information in cloud activity logs could be automatically analyzed using artificial intelligence, machine learning, or other technologies to lessen the workload of security professionals. This makes sense. It is not practical otherwise.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/29/2019 | 7:47:14 AM
Re: Frightening thought too
How MUCH of your old information is OUT THERE? Good point. I would say more than we thought.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/29/2019 | 7:46:17 AM
AI for logs
It makes sense to analyze logs with AI/ML then letting a human to look at it as it could not possibly be efficient at all.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/23/2019 | 2:49:53 PM
Frightening thought too
How MUCH of your old information is OUT THERE?  I just reviewed my linked-in profile and I need to modify my personal bio very badly tonight.  OK, that is not vital stuff but tons of old resumes are probably on a dozen websites and from those one can learn all kinds of things.  And also, if you are hunting, give hunting employers an entirely wrong impression of you particularly if you have MOVED as I have.  (I still get job leads for 5 states away).  So consider the amount of old data you have set in place and considering changing, revision or deletion actions asap.


News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27941
PUBLISHED: 2021-05-06
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the...
CVE-2021-29203
PUBLISHED: 2021-05-06
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gai...
CVE-2021-31737
PUBLISHED: 2021-05-06
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
CVE-2020-28198
PUBLISHED: 2021-05-06
** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode wh...
CVE-2021-28665
PUBLISHED: 2021-05-06
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.