Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

News & Commentary
Secure Laptops & the Enterprise of the Future
Arun Subbarao, Vice President of Engineering, Lynx Software TechnologiesCommentary
The enterprise of the future will depend upon organizations' ability to extend the company firewall to everywhere people are working.
By Arun Subbarao Vice President of Engineering, Lynx Software Technologies, 3/4/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Ignite Brings Security & Compliance Updates
Kelly Sheridan, Staff Editor, Dark ReadingNews
Microsoft announces support for data loss prevention in Google Chrome, co-authoring of protected files, and more at Ignite 2021.
By Kelly Sheridan Staff Editor, Dark Reading, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Google Partners With Insurers to Create Risk Protection Program
Dark Reading Staff, Quick Hits
Google Cloud, Allianz, and Munich Re teamed up to build a program that aims to reduce risk and potentially cut costs for customers.
By Dark Reading Staff , 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Why Cloud Security Risks Have Shifted to Identities and Entitlements
Shai Morag, CEO of ErmeticCommentary
Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers.
By Shai Morag CEO of Ermetic, 3/2/2021
Comment0 comments  |  Read  |  Post a Comment
Inside Strata's Plans to Solve the Cloud Identity Puzzle
Kelly Sheridan, Staff Editor, Dark ReadingNews
Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
By Kelly Sheridan Staff Editor, Dark Reading, 2/25/2021
Comment0 comments  |  Read  |  Post a Comment
61% of Malware Delivered via Cloud Apps: Report
Dark Reading Staff, Quick Hits
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
By Dark Reading Staff , 2/24/2021
Comment0 comments  |  Read  |  Post a Comment
Researcher Reports Vulnerability in Apple iCloud Domain
Dark Reading Staff, Quick Hits
A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.
By Dark Reading Staff , 2/22/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Azure Front Door Gets a Security Upgrade
Kelly Sheridan, Staff Editor, Dark ReadingNews
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
By Kelly Sheridan Staff Editor, Dark Reading, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Pieter Danhieux, CEO, Chairman, & Co-Founder, Secure Code WarriorCommentary
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
By Pieter Danhieux CEO, Chairman, & Co-Founder, Secure Code Warrior, 2/18/2021
Comment0 comments  |  Read  |  Post a Comment
Strata Identity Raises $11M in Series A Round
Dark Reading Staff, Quick Hits
The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
By Dark Reading Staff , 2/16/2021
Comment0 comments  |  Read  |  Post a Comment
Palo Alto Networks Plans to Acquire Cloud Security Firm
Dark Reading Staff, Quick Hits
Most of Fortune 100 firms have used Bridgecrew's service in their application development processes.
By Dark Reading Staff , 2/16/2021
Comment0 comments  |  Read  |  Post a Comment
How to Submit a Column to Dark Reading
Dark Reading Staff, Commentary
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
By Dark Reading Staff , 2/15/2021
Comment0 comments  |  Read  |  Post a Comment
You've Got Cloud Security All Wrong: Managing Identity in a Cloud World
David Mahdi, Gartner Senior Research DirectorCommentary
In a hybrid and multicloud world, identity is the new perimeter and a critical attack surface for bad actors.
By David Mahdi Gartner Senior Research Director, 2/12/2021
Comment0 comments  |  Read  |  Post a Comment
Cloud-Native Apps Make Software Supply Chain Security More Important Than Ever
Tsvi Korren, Field CTO, Aqua SecurityCommentary
Cloud-native deployments tend to be small, interchangeable, and easier to protect, but their software supply chains require closer attention.
By Tsvi Korren Field CTO, Aqua Security, 2/11/2021
Comment0 comments  |  Read  |  Post a Comment
SASE Surge: Why the Market Is Poised to Grow
Kelly Sheridan, Staff Editor, Dark ReadingNews
Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.
By Kelly Sheridan Staff Editor, Dark Reading, 2/10/2021
Comment0 comments  |  Read  |  Post a Comment
SentinelOne Buys Data Analytics Company Scalyr
Dark Reading Staff, Quick Hits
Cloud-based big data platform boosts extended detection and response (XDR) offering.
By Dark Reading Staff , 2/9/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft & Facebook Were Phishers' Favorite Brands in 2020
Dark Reading Staff, Quick Hits
Cloud services was the most impersonated industry, followed by financial services, e-commerce, and social media, researchers report.
By Dark Reading Staff , 2/9/2021
Comment0 comments  |  Read  |  Post a Comment
Hidden Dangers of Microsoft 365's Power Automate and eDiscovery Tools
Hitesh Sheth, CEO, VectraCommentary
Attackers are using legitimate enterprise tools to execute attacks and carry out malicious actions. Security teams must take action now.
By Hitesh Sheth CEO, Vectra, 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
Cartoon Caption Winner: Insider Threat
John Klossner, CartoonistCommentary
And the winner of Dark Reading's January cartoon caption contest is ...
By John Klossner Cartoonist, 2/8/2021
Comment0 comments  |  Read  |  Post a Comment
Microsoft Says It's Time to Attack Your Machine-Learning Models
Robert Lemos, Contributing WriterNews
With access to some training data, Microsoft's red team recreated a machine-learning system and found sequences of requests that resulted in a denial-of-service.
By Robert Lemos Contributing Writer, 2/4/2021
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
PR Newswire
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Sure you have fire, but he has an i7!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27314
PUBLISHED: 2021-03-05
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.
CVE-2019-18630
PUBLISHED: 2021-03-04
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure.
CVE-2021-25344
PUBLISHED: 2021-03-04
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission.
CVE-2021-25345
PUBLISHED: 2021-03-04
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
CVE-2021-25346
PUBLISHED: 2021-03-04
A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.