Zero-Day Attacks Major Concern in Hybrid Cloud
2/28/2018Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
Author
Profile of Kelly Sheridan
Staff Editor, Dark Reading Member Since: 11/15/2013Author
News & Commentary Posts: 401
Comments: 4
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.
Articles by Kelly Sheridan
posted in February 2018
posted in February 2018
Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
SAML Flaw Lets Hackers Assume Users' Identities
2/27/2018Vulnerability affects single sign-on for SAML-reliant services including OneLogin, Duo Security, Clever, and OmniAuth.
Post a Comment
Adobe Flash Vulnerability Reappears in Malicious Word Files
2/26/2018CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug.
Post a Comment
93% of Cloud Applications Aren't Enterprise-Ready
2/23/2018The average business uses 1,181 cloud services, and most don't meet all recommended security requirements, Netskope says.
Post a Comment
10 Can't-Miss Talks at Black Hat Asia
2/23/2018With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
Post a Comment
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
2/21/2018Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
Post a Comment
Facebook Aims to Make Security More Social
2/20/2018Facebook's massive user base creates an opportunity to educate billions on security.
Post a Comment
13 Russians Indicted for Massive Operation to Sway US Election
2/16/2018Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.
Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
2/15/2018New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
2/14/2018The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
2/13/2018Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
Post a Comment
Lazarus Group Attacks Banks, Bitcoin Users in New Campaign
2/13/2018A new Lazarus Group cyberattack campaign combines spear-phishing techniques with a cryptocurrency scanner designed to scan for Bitcoin wallets.
Post a Comment
Cyberattack Aimed to Disrupt Opening of Winter Olympics
2/12/2018Researchers who identified malware targeting the 2018 Winter Olympics say the attackers had previously compromised the Games' infrastructure.
Post a Comment
Google Paid $2.9M for Vulnerabilities in 2017
2/9/2018The Google Vulnerability Reward Program issued a total of 1,230 rewards in 2017. The single largest payout was $112,500.
Post a Comment
Cyber Warranties: What to Know, What to Ask
2/9/2018The drivers and details behind the growth of cyber warranties, which more businesses are using to guarantee their products.
Post a Comment
8 Nation-State Hacking Groups to Watch in 2018
2/9/2018The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
Post a Comment
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
2/7/2018Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
Post a Comment
Security vs. Speed: The Risk of Rushing to the Cloud
2/6/2018Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
Post a Comment
Microsoft Updates Payment, Criteria for Windows Bug Bounty
2/6/2018The Windows Insider Preview Bounty Program will award between $500 and $15,000 for eligible submissions.
Post a Comment
Over 12,000 Business Websites Leveraged for Cybercrime
2/5/2018Attackers exploit trust in popular websites to launch phishing campaigns and spread malware.
Post a Comment
Poor Visibility, Weak Passwords Compromise Active Directory
2/1/2018Security experts highlight the biggest problems they see putting Microsoft Active Directory at risk.
Post a Comment
White Papers
Video
0 Comments
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-0363
PUBLISHED: 2018-06-21
PUBLISHED: 2018-06-21
PUBLISHED: 2018-06-21
PUBLISHED: 2018-06-21
PUBLISHED: 2018-06-21
From DHS/US-CERT's National Vulnerability Database CVE-2018-0363
PUBLISHED: 2018-06-21
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulne...
CVE-2018-0364PUBLISHED: 2018-06-21
A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSR...
CVE-2018-0365PUBLISHED: 2018-06-21
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protecti...
CVE-2018-0371PUBLISHED: 2018-06-21
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a craf...
CVE-2018-0373PUBLISHED: 2018-06-21
A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper ...
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This