Cloud

News & Commentary
7 Ways A Collaboration System Could Wreck Your IT Security
Curtis Franklin Jr., Senior Editor at Dark Reading
The same traits that make collaboration systems so useful for team communications can help hackers, too.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/18/2018
Comment0 comments  |  Read  |  Post a Comment
Oracle Issues Massive Collection of Critical Security Updates
Dark Reading Staff, Quick Hits
The software updates from Oracle address a record number of vulnerabilities.
By Dark Reading Staff , 10/17/2018
Comment0 comments  |  Read  |  Post a Comment
(ISC) : Global Cybersecurity Workforce Short 3 Million People
Kelly Sheridan, Staff Editor, Dark ReadingNews
With the skills gap still wide, security leaders explain the challenges of hiring and retaining security experts.
By Kelly Sheridan Staff Editor, Dark Reading, 10/17/2018
Comment0 comments  |  Read  |  Post a Comment
Startup Spun Out of Securosis Secures $2.5 Million Seed Investment
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
DistruptOps officially rolls out its SaaS for automating control of cloud operations and security.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/17/2018
Comment0 comments  |  Read  |  Post a Comment
The Three Dimensions of the Threat Intelligence Scale Problem
Todd Weller, Chief Strategy Officer at Bandura CyberCommentary
To succeed, organizations must be empowered to reduce their attack surface and staff overload so they can get more out of their existing firewall and threat intelligence investments.
By Todd Weller Chief Strategy Officer at Bandura Cyber, 10/17/2018
Comment0 comments  |  Read  |  Post a Comment
A Cybersecurity Weak Link: Linux and IoT
Migo Kedem, Senior Director of Products and Marketing at SentinelOneCommentary
Linux powers many of the IoT devices on which we've come to rely -- something that enterprises must address.
By Migo Kedem Senior Director of Products and Marketing at SentinelOne, 10/16/2018
Comment0 comments  |  Read  |  Post a Comment
Rapid7 Acquires tCell
Dark Reading Staff, Quick Hits
The purchase brings together a cloud security platform with a web application firewall.
By Dark Reading Staff , 10/16/2018
Comment0 comments  |  Read  |  Post a Comment
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading
Get into their heads to find out why they're flouting your corporate cybersecurity rules.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/16/2018
Comment1 Comment  |  Read  |  Post a Comment
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
Speaking at the Gartner Symposium/ITxpo, analyst Peter Firstbrook's list of trends is likely to inform executive committee conversations for the next 12 months.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/15/2018
Comment2 comments  |  Read  |  Post a Comment
Millions of Voter Records Found for Sale on the Dark Web
Dark Reading Staff, Quick Hits
Voter registration databases from 19 US states are being hawked in an underground hacking forum, researchers say.
By Dark Reading Staff , 10/15/2018
Comment0 comments  |  Read  |  Post a Comment
Facebook Update: 30 Million Users Actually Hit in its Recent Breach
Kelly Jackson Higgins, Executive Editor at Dark ReadingNews
The good news: That number is less than the original estimate of 50 million. The bad news: It might not have been the only attack.
By Kelly Jackson Higgins Executive Editor at Dark Reading, 10/12/2018
Comment0 comments  |  Read  |  Post a Comment
Window Snyder Shares Her Plans for Intel Security
Kelly Sheridan, Staff Editor, Dark ReadingNews
The security leader, known for her role in securing Microsoft, Apple, and Mozilla, discusses her new gig and what she's working on now.
By Kelly Sheridan Staff Editor, Dark Reading, 10/11/2018
Comment0 comments  |  Read  |  Post a Comment
Google Adds New Identity, Security Tools to Cloud Platform
Kelly Sheridan, Staff Editor, Dark ReadingNews
A wave of cloud news includes new tools for identity and access management and policies for stronger controls on cloud resources.
By Kelly Sheridan Staff Editor, Dark Reading, 10/11/2018
Comment0 comments  |  Read  |  Post a Comment
Imperva to Be Acquired by Thoma Bravo for $2.1 Billion
Dark Reading Staff, Quick Hits
But two law firms are investigating whether the security vendor breached its fiduciary duty to shareholders by not actively seeking buyers offering a higher price.
By Dark Reading Staff , 10/10/2018
Comment0 comments  |  Read  |  Post a Comment
Google+ Vulnerability Hits Service, Leads to Shutdown
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
In response to the breach, Google is changing policies, modifying APIs, and shutting down Google+.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 10/9/2018
Comment0 comments  |  Read  |  Post a Comment
Git Gets Patched for Newly Found Flaw
Dark Reading Staff, Quick Hits
A vulnerability in Git could allow an attacker to place malicious, auto-executing code in a sub-module.
By Dark Reading Staff , 10/9/2018
Comment0 comments  |  Read  |  Post a Comment
Microsoft Fixes Privilege Escalation 0Day Under Active Attack
Kelly Sheridan, Staff Editor, Dark ReadingNews
This month's Patch Tuesday includes 49 patches, two of which are ranked Critical, and two security advisories.
By Kelly Sheridan Staff Editor, Dark Reading, 10/9/2018
Comment0 comments  |  Read  |  Post a Comment
New Domains: A Wide-Open Playing Field for Cybercrime
Ben April, CTO, Farsight SecurityCommentary
As bad actors increasingly exploit new domains for financial gain and other nefarious purposes, security teams need to employ policies and practices to neutralize the threat in real time. Here's why and how.
By Ben April CTO, Farsight Security, 10/9/2018
Comment1 Comment  |  Read  |  Post a Comment
12 AppSec Activities Enterprises Can't Afford to Skip
Ericka Chickowski, Contributing Writer, Dark Reading
The latest Building Security in Maturity Model (BSIMM9) report offers a statistically backed, bare-minimum benchmark for software security initiatives.
By Ericka Chickowski Contributing Writer, Dark Reading, 10/5/2018
Comment1 Comment  |  Read  |  Post a Comment
Who Do You Trust? Parsing the Issues of Privacy, Transparency & Control
Richard Ford, Chief Scientist, ForcepointCommentary
Technology such as Apple's device trust score that decides "you" is not you is a good thing. But only if it works well.
By Richard Ford Chief Scientist, Forcepoint, 10/5/2018
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by dieumoayahoo
Current Conversations the post is good, right?
In reply to: Re: Thanks!
Post Your Own Reply
More Conversations
PR Newswire
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.