Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
Researchers Find New Approach to Attacking Cloud Infrastructure
Kelly Sheridan, Staff Editor, Dark ReadingNews
Cloud APIs' accessibility over the Internet opens a new window for adversaries to gain highly privileged access to cloud assets.
By Kelly Sheridan Staff Editor, Dark Reading, 11/11/2019
Comment0 comments  |  Read  |  Post a Comment
OpenText to Buy Carbonite for $800M Cash in $1.42B Deal
Dark Reading Staff, Quick Hits
The acquisition was confirmed just six months after Carbonite bought Webroot.
By Dark Reading Staff , 11/11/2019
Comment0 comments  |  Read  |  Post a Comment
To Prove Cybersecurity's Worth, Create a Cyber Balance Sheet
Andrew Morrison, Principal, Cyber Risk Services, at DeloitteCommentary
How tying and measuring security investments to business impacts can elevate executives' understanding and commitment to cyber-risk reduction.
By Andrew Morrison Principal, Cyber Risk Services, at Deloitte, 11/7/2019
Comment0 comments  |  Read  |  Post a Comment
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQCommentary
There is no premium that will recover the millions of dollars your company spends on R&D if your intellectual property is hacked and stolen.
By Chris Kennedy CISO & VP Customer Success, AttackIQ, 11/7/2019
Comment3 comments  |  Read  |  Post a Comment
CrowdStrike Adds New Products & Web Store Apps
Dark Reading Staff, Quick Hits
Company introduces Falcon for AWS, Falcon Firewall Management, and third-party applications.
By Dark Reading Staff , 11/5/2019
Comment0 comments  |  Read  |  Post a Comment
Proofpoint Acquires ObserveIT to Bolster DLP Capabilities
Dark Reading Staff, Quick Hits
The $225 million acquisition will help Proofpoint expand its data loss prevention capabilities with email, CASB, and data at rest.
By Dark Reading Staff , 11/5/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft Tools Focus on Insider Risk, Data Protection at Ignite 2019
Kelly Sheridan, Staff Editor, Dark ReadingNews
New tools and updates aimed at addressing ongoing challenges with insider threats and sensitive data classification.
By Kelly Sheridan Staff Editor, Dark Reading, 11/4/2019
Comment1 Comment  |  Read  |  Post a Comment
Sumo Logic Buys JASK Labs to Tackle SOC Challenges
Dark Reading Staff, Quick Hits
Sumo Logic plans to integrate JASK's autonomous security operations center software into a new intelligence tool.
By Dark Reading Staff , 11/4/2019
Comment0 comments  |  Read  |  Post a Comment
To Secure Multicloud Environments, First Acknowledge You Have a Problem
Chris Schueler, Senior VP, Managed Security Services, TrustwaveCommentary
Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.
By Chris Schueler Senior VP, Managed Security Services, Trustwave, 11/4/2019
Comment0 comments  |  Read  |  Post a Comment
Free & Discounted Security Services Now Available for US Election Orgs
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
Nonprofit Defending Digital Campaigns (DDC) offers security services for email, user education, mobile, and encrypted communications, to federal election committees.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 11/1/2019
Comment0 comments  |  Read  |  Post a Comment
8 Holiday Security Tips for Retailers
Steve Zurier, Contributing Writer
Here's how retailers can protect their businesses from attackers and scammers hoping to wreak havoc during the most wonderful time of the year.
By Steve Zurier Contributing Writer, 11/1/2019
Comment1 Comment  |  Read  |  Post a Comment
New Office 365 Phishing Scam Leaves A Voicemail
Dark Reading Staff, Quick Hits
A fake voice message lures victims to a fake Microsoft 365 login page that prompts them to enter credentials.
By Dark Reading Staff , 10/31/2019
Comment0 comments  |  Read  |  Post a Comment
Security Pros Fear Insider Attacks Stem from Cloud Apps
Dark Reading Staff, Quick Hits
More than half of security practitioners surveyed say insider attack detection has grown more difficult since migrating to cloud.
By Dark Reading Staff , 10/30/2019
Comment0 comments  |  Read  |  Post a Comment
Why Cloud-Native Applications Need Cloud-Native Security
Trevor Pott, Product Marketing Director at Juniper NetworksCommentary
Today's developers and the enterprises they work for must prioritize security in order to reap the speed and feature benefits these applications and new architectures provide.
By Trevor Pott Product Marketing Director at Juniper Networks, 10/29/2019
Comment0 comments  |  Read  |  Post a Comment
Google Cloud Adds New Security Management Tools to G Suite
Dark Reading Staff, Quick Hits
Desktop devices that log into G Suite will have device management enabled by default, streamlining processes for IT admins.
By Dark Reading Staff , 10/29/2019
Comment0 comments  |  Read  |  Post a Comment
40% of Security Pros Job Hunting as Satisfaction Drops
Kelly Sheridan, Staff Editor, Dark ReadingNews
Symptoms of job dissatisfaction creep into an industry already plagued with gaps in diversity and work-life balance.
By Kelly Sheridan Staff Editor, Dark Reading, 10/24/2019
Comment8 comments  |  Read  |  Post a Comment
Eight-Hour DDoS Attack Struck AWS Customers
Dark Reading Staff, Quick Hits
Google Cloud Platform suffered issues around the same time as Amazon Web Services but claims they were not caused by DDoS.
By Dark Reading Staff , 10/24/2019
Comment0 comments  |  Read  |  Post a Comment
NordVPN Breached Via Data Center Provider's Error
Dark Reading Staff, Quick Hits
The VPN company said that one of its 3,000 servers in a third-party data center was open to exploitation through a misconfigured management tool.
By Dark Reading Staff , 10/22/2019
Comment2 comments  |  Read  |  Post a Comment
Autoclerk Database Spills 179GB of Customer, US Government Data
Dark Reading Staff, Quick Hits
An open Elasticsearch database exposed hundreds of thousands of hotel booking reservations, compromising data from full names to room numbers.
By Dark Reading Staff , 10/22/2019
Comment0 comments  |  Read  |  Post a Comment
Researchers Turn Alexa and Google Home Into Credential Thieves
Dark Reading Staff, Quick Hits
Eight Amazon Alexa and Google Home apps were approved for official app stores even though their actual purposes were eavesdropping and phishing.
By Dark Reading Staff , 10/21/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by adamp672
Current Conversations Thanks for the Tips!
In reply to: Thanks
Post Your Own Reply
More Conversations
PR Newswire
The Cold Truth about Cyber Insurance
Chris Kennedy, CISO & VP Customer Success, AttackIQ,  11/7/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Black Hat Q&A: Hacking a '90s Sports Car
Black Hat Staff, ,  11/7/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprise
Assessing Cybersecurity Risk in Today's Enterprise
Security leaders are struggling to understand their organizations risk exposure. While many are confident in their security strategies and processes, theyre also more concerned than ever about getting breached. Download this report today and get insights on how today's enterprises assess and perceive the risks they face in 2019!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18862
PUBLISHED: 2019-11-11
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
CVE-2019-18853
PUBLISHED: 2019-11-11
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
CVE-2019-18854
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to unlimited recursion for a '<use ... xlink:href="#identifier">' substring.
CVE-2019-18855
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for WordPress, related to potentially unwanted elements or attributes.
CVE-2019-18856
PUBLISHED: 2019-11-11
A Denial Of Service vulnerability exists in the SVG Sanitizer module through 8.x-1.0-alpha1 for Drupal because access to external resources with an SVG use element is mishandled.