Zero-Day Attacks Major Concern in Hybrid Cloud
2/28/2018Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
Author
Profile of Kelly Sheridan
Staff Editor, Dark Reading Member Since: 11/15/2013Author
News & Commentary Posts: 553
Comments: 4
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.
Articles by Kelly Sheridan
posted in February 2018
posted in February 2018
Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
SAML Flaw Lets Hackers Assume Users' Identities
2/27/2018Vulnerability affects single sign-on for SAML-reliant services including OneLogin, Duo Security, Clever, and OmniAuth.
Post a Comment
Adobe Flash Vulnerability Reappears in Malicious Word Files
2/26/2018CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug.
Post a Comment
93% of Cloud Applications Aren't Enterprise-Ready
2/23/2018The average business uses 1,181 cloud services, and most don't meet all recommended security requirements, Netskope says.
Post a Comment
10 Can't-Miss Talks at Black Hat Asia
2/23/2018With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
Post a Comment
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
2/21/2018Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
Post a Comment
Facebook Aims to Make Security More Social
2/20/2018Facebook's massive user base creates an opportunity to educate billions on security.
Post a Comment
13 Russians Indicted for Massive Operation to Sway US Election
2/16/2018Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.
Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
2/15/2018New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
2/14/2018The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
2/13/2018Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
Post a Comment
Lazarus Group Attacks Banks, Bitcoin Users in New Campaign
2/13/2018A new Lazarus Group cyberattack campaign combines spear-phishing techniques with a cryptocurrency scanner designed to scan for Bitcoin wallets.
Post a Comment
Cyberattack Aimed to Disrupt Opening of Winter Olympics
2/12/2018Researchers who identified malware targeting the 2018 Winter Olympics say the attackers had previously compromised the Games' infrastructure.
Post a Comment
Google Paid $2.9M for Vulnerabilities in 2017
2/9/2018The Google Vulnerability Reward Program issued a total of 1,230 rewards in 2017. The single largest payout was $112,500.
Post a Comment
Cyber Warranties: What to Know, What to Ask
2/9/2018The drivers and details behind the growth of cyber warranties, which more businesses are using to guarantee their products.
Post a Comment
8 Nation-State Hacking Groups to Watch in 2018
2/9/2018The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
Post a Comment
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
2/7/2018Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
Post a Comment
Security vs. Speed: The Risk of Rushing to the Cloud
2/6/2018Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
Post a Comment
Microsoft Updates Payment, Criteria for Windows Bug Bounty
2/6/2018The Windows Insider Preview Bounty Program will award between $500 and $15,000 for eligible submissions.
Post a Comment
Over 12,000 Business Websites Leveraged for Cybercrime
2/5/2018Attackers exploit trust in popular websites to launch phishing campaigns and spread malware.
Post a Comment
Poor Visibility, Weak Passwords Compromise Active Directory
2/1/2018Security experts highlight the biggest problems they see putting Microsoft Active Directory at risk.
Post a Comment
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8360
PUBLISHED: 2019-02-16
PUBLISHED: 2019-02-16
PUBLISHED: 2019-02-16
PUBLISHED: 2019-02-16
PUBLISHED: 2019-02-16
From DHS/US-CERT's National Vulnerability Database CVE-2019-8360
PUBLISHED: 2019-02-16
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter.
CVE-2019-8361PUBLISHED: 2019-02-16
PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection.
CVE-2019-8362PUBLISHED: 2019-02-16
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, o...
CVE-2019-8363PUBLISHED: 2019-02-16
Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.
CVE-2019-8358PUBLISHED: 2019-02-16
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This