Zero-Day Attacks Major Concern in Hybrid Cloud
2/28/2018Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
Author
Profile of Kelly Sheridan
Staff Editor, Dark Reading Member Since: 11/15/2013Author
News & Commentary Posts: 520
Comments: 4
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.
Articles by Kelly Sheridan
posted in February 2018
posted in February 2018
Hybrid cloud environments are particularly vulnerable to zero-day exploits, according to a new study.
Post a Comment
SAML Flaw Lets Hackers Assume Users' Identities
2/27/2018Vulnerability affects single sign-on for SAML-reliant services including OneLogin, Duo Security, Clever, and OmniAuth.
Post a Comment
Adobe Flash Vulnerability Reappears in Malicious Word Files
2/26/2018CVE-2018-4878, a Flash zero-day patched earlier this month, has resurfaced in another campaign as attackers capitalize on the bug.
Post a Comment
93% of Cloud Applications Aren't Enterprise-Ready
2/23/2018The average business uses 1,181 cloud services, and most don't meet all recommended security requirements, Netskope says.
Post a Comment
10 Can't-Miss Talks at Black Hat Asia
2/23/2018With threats featuring everything from nation-states to sleep states, the sessions taking place from March 20-23 in Singapore are relevant to security experts around the world.
Post a Comment
The Mobile Threat: 4 out of 10 Businesses Report 'Significant' Risk
2/21/2018Organizations put efficiency and profit before security, leading to system downtime and data loss, according to inaugural research from Verizon.
Post a Comment
Facebook Aims to Make Security More Social
2/20/2018Facebook's massive user base creates an opportunity to educate billions on security.
Post a Comment
13 Russians Indicted for Massive Operation to Sway US Election
2/16/2018Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.
Post a Comment
North Korea-Linked Cyberattacks Spread Out of Control: Report
2/15/2018New details on old cyberattacks originating from North Korea indicate several forms of malware unintentionally spread wider than authors intended.
Post a Comment
Windows 10 Critical Vulnerability Reports Grew 64% in 2017
2/14/2018The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities.
Post a Comment
AI and Machine Learning: Breaking Down Buzzwords
2/13/2018Security experts explain two of today's trendiest technologies to explain what they mean and where you need them.
Post a Comment
Lazarus Group Attacks Banks, Bitcoin Users in New Campaign
2/13/2018A new Lazarus Group cyberattack campaign combines spear-phishing techniques with a cryptocurrency scanner designed to scan for Bitcoin wallets.
Post a Comment
Cyberattack Aimed to Disrupt Opening of Winter Olympics
2/12/2018Researchers who identified malware targeting the 2018 Winter Olympics say the attackers had previously compromised the Games' infrastructure.
Post a Comment
Google Paid $2.9M for Vulnerabilities in 2017
2/9/2018The Google Vulnerability Reward Program issued a total of 1,230 rewards in 2017. The single largest payout was $112,500.
Post a Comment
Cyber Warranties: What to Know, What to Ask
2/9/2018The drivers and details behind the growth of cyber warranties, which more businesses are using to guarantee their products.
Post a Comment
8 Nation-State Hacking Groups to Watch in 2018
2/9/2018The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.
Post a Comment
New Zero-Day Ransomware Evades Microsoft, Google Cloud Malware Detection
2/7/2018Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive.
Post a Comment
Security vs. Speed: The Risk of Rushing to the Cloud
2/6/2018Companies overlook critical security steps as they move to adopt the latest cloud applications and services.
Post a Comment
Microsoft Updates Payment, Criteria for Windows Bug Bounty
2/6/2018The Windows Insider Preview Bounty Program will award between $500 and $15,000 for eligible submissions.
Post a Comment
Over 12,000 Business Websites Leveraged for Cybercrime
2/5/2018Attackers exploit trust in popular websites to launch phishing campaigns and spread malware.
Post a Comment
Poor Visibility, Weak Passwords Compromise Active Directory
2/1/2018Security experts highlight the biggest problems they see putting Microsoft Active Directory at risk.
Post a Comment
White Papers
Video
4 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Since we installed the new security system we have not lost a single security camera.
Latest Comment: Since we installed the new security system we have not lost a single security camera.
Current Issue
10 Best Practices That Could Reshape Your IT Security DepartmentThis Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
How Enterprises Are Using IT Threat Intelligence
Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-6705
PUBLISHED: 2018-12-12
PUBLISHED: 2018-12-12
PUBLISHED: 2018-12-12
PUBLISHED: 2018-12-12
PUBLISHED: 2018-12-12
From DHS/US-CERT's National Vulnerability Database CVE-2018-6705
PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.
CVE-2018-15717PUBLISHED: 2018-12-12
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
CVE-2018-15718PUBLISHED: 2018-12-12
Open Dental before version 18.4 transmits the entire user database over the network when a remote unathenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more.
CVE-2018-15719PUBLISHED: 2018-12-12
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.
CVE-2018-6704PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This