Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
Researchers Discover New Obfuscation-As-a-Service Platform
Ericka Chickowski, Contributing WriterNews
Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.
By Ericka Chickowski Contributing Writer, 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Common Container Manager Is Vulnerable to Dangerous Exploit
Dark Reading Staff, Quick Hits
Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.
By Dark Reading Staff , 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Cloud Security Threats for 2021
Or Azarzar, CTO & Co-Founder of LightspinCommentary
Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.
By Or Azarzar CTO & Co-Founder of Lightspin, 12/3/2020
Comment0 comments  |  Read  |  Post a Comment
Open Source Flaws Take Years to Find But Just a Month to Fix
Robert Lemos, Contributing WriterNews
Companies need to embrace automation and dependency tracking to keep software secure, GitHub says in its annual security report.
By Robert Lemos Contributing Writer, 12/2/2020
Comment0 comments  |  Read  |  Post a Comment
Security Slipup Exposes Health Records & Lab Results
Dark Reading Staff, Quick Hits
NTreatment failed to add password protection to a cloud server, exposing thousands of sensitive medical records online.
By Dark Reading Staff , 12/2/2020
Comment1 Comment  |  Read  |  Post a Comment
Call Fraud Operator Ordered to Pay $9M to Victims
Dark Reading Staff, Quick Hits
Indian national will serve 20 years in prison for running a large call center fraud operation.
By Dark Reading Staff , 12/1/2020
Comment0 comments  |  Read  |  Post a Comment
Do You Know Who's Lurking in Your Cloud Environment?
Kelly Sheridan, Staff Editor, Dark ReadingNews
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
By Kelly Sheridan Staff Editor, Dark Reading, 11/25/2020
Comment0 comments  |  Read  |  Post a Comment
Prevention Is Better Than the Cure When Securing Cloud-Native Deployments
Liz Rice, VP Open Source Engineering, Aqua SecurityCommentary
The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur.
By Liz Rice VP Open Source Engineering, Aqua Security, 11/25/2020
Comment0 comments  |  Read  |  Post a Comment
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark ReadingNews
The startup, founded by former white-hat hackers, has secured a $4 million seed round to close security gaps in cloud environments.
By Kelly Sheridan Staff Editor, Dark Reading, 11/24/2020
Comment0 comments  |  Read  |  Post a Comment
How Retailers Can Fight Fraud and Abuse This Holiday Season
Sunil Potti, General Manager and Vice President, Google Cloud SecurityCommentary
Online shopping will be more popular than ever with consumers... and with malicious actors too.
By Sunil Potti General Manager and Vice President, Google Cloud Security, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
10 Undergraduate Security Degree Programs to Explore
Kelly Sheridan, Staff Editor, Dark Reading
Colleges and universities are ramping up cybersecurity education with a wider range of degree programs and more resources for students to build their infosec careers.
By Kelly Sheridan Staff Editor, Dark Reading, 11/23/2020
Comment0 comments  |  Read  |  Post a Comment
Telos Goes Public
Jai Vijayan, Contributing WriterNews
Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.
By Jai Vijayan Contributing Writer, 11/19/2020
Comment0 comments  |  Read  |  Post a Comment
As Businesses Move to Multicloud Approach, Ransomware Follows
Robert Lemos, Contributing WriterNews
The average US company uses 16 cloud services, but only a third of IT professional believe their security measures have kept up with the change.
By Robert Lemos Contributing Writer, 11/18/2020
Comment0 comments  |  Read  |  Post a Comment
Nearly Two Dozen AWS APIs Are Vulnerable to Abuse
Jai Vijayan, Contributing WriterNews
Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.
By Jai Vijayan Contributing Writer, 11/17/2020
Comment1 Comment  |  Read  |  Post a Comment
Twitter Taps Mudge
Dark Reading Staff, Quick Hits
Noted security researcher Peiter Zatko joins the social network as head of security.
By Dark Reading Staff , 11/16/2020
Comment0 comments  |  Read  |  Post a Comment
Security Hiring Plans Remain Constant Despite Pandemic
Kelly Sheridan, Staff Editor, Dark ReadingNews
Although we saw workforce gains this year, 56% of businesses surveyed report staff shortages are putting their organization at risk.
By Kelly Sheridan Staff Editor, Dark Reading, 11/11/2020
Comment0 comments  |  Read  |  Post a Comment
Cloud Usage, Biometrics Surge As Remote Work Grows Permanent
Kelly Sheridan, Staff Editor, Dark ReadingNews
A new report reveals organizations are increasing their adoption of biometric authentication and disallowing SMS as a login method.
By Kelly Sheridan Staff Editor, Dark Reading, 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
Overlooked Security Risks of the M&A Rebound
Bill Ruckelshaus, CFO, ExtraHopCommentary
Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.
By Bill Ruckelshaus CFO, ExtraHop, 11/10/2020
Comment0 comments  |  Read  |  Post a Comment
Hotels.com & Expedia Provider Exposes Millions of Guests' Data
Dark Reading Staff, Quick Hits
Hotel reservation platform Prestige Software compromised personal data belonging to millions of travelers through a misconfigured AWS S3 bucket.
By Dark Reading Staff , 11/9/2020
Comment0 comments  |  Read  |  Post a Comment
How COVID-19 Changed the VC Investment Landscape for Cybersecurity Companies
Salvatore Minetti, CEO, Fountech.VenturesCommentary
What trends can startups and investors expect to see going forward?
By Salvatore Minetti CEO, Fountech.Ventures, 11/6/2020
Comment1 Comment  |  Read  |  Post a Comment
More Stories
Current Conversations
Posted by JohnHammond
Current Conversations Nice article!
In reply to: Great!
Post Your Own Reply
More Conversations
PR Newswire
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29565
PUBLISHED: 2020-12-04
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the...
CVE-2020-5675
PUBLISHED: 2020-12-04
Out-of-bounds read issue in GT21 model of GOT2000 series (GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, and GT2103-PMBD all versions), GS21 model of GOT series (GS2110-WTBD all versions and GS2107-WTBD all versions), and Tension Controller LE...
CVE-2020-29562
PUBLISHED: 2020-12-04
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
CVE-2020-28916
PUBLISHED: 2020-12-04
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.
CVE-2020-29561
PUBLISHED: 2020-12-04
An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does not avoid acquiring a reservation in the case where a load translates successfully but still generates an exception.