Follow Dark Reading:
 December 14, 2021
LATEST SECURITY NEWS & COMMENTARY
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j
More than 60 variants of the original exploit were introduced over the last day alone.
Bug-Bounty Programs Shift Focus to Most Critical Flaws
The number of bug bounty programs jumped by a third, the median payout for a critical vulnerability report rose to $3,000, but rewards for easier-to-find lower-severity flaws stagnated in 2021.
Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'
Customers advised to adopt alternative internal processes to support the affected human resources services.
2 Website Threats to Address for the Holiday Shopping Rush
Some tips for effectively combating Web supply chain attacks and customer hijacking via browser extensions.
Name That Toon: Modern-Day Frosty
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Volvo Confirms R&D Data Stolen in Breach
The company confirmed last week that one of its file repositories was accessed by a third party.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Emotet Is Back and More Dangerous Than Before
Volume of traffic associated with the malware is now back at 50% of the volume before law enforcement took the botnet operation down in January 2021, security vendor says.

Newly Found Authentication Flaws Highlight Dangers of Coding From Scratch
Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.

MORE
MORE ON LOG4J

How Do I Find My Servers With the Log4j Vulnerability?
This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.
What to Do While Waiting for the Log4J Updates
This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates.
Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.
LATEST FROM THE EDGE

Edge Chat With Cisco's Ash Devata on Hybrid Workforce and Zero Trust
Hybrid work is here to stay. The latest installment of Edge Chats focuses on how zero trust will ensure this new business model can keep organizations secure.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Preventing Attackers from Navigating Your Enterprise Systems

    Over the past few years, cyber attackers have favored exploits in which they steal a legitimate user's credentials and then navigate enterprise defenses as a trusted end user. This "lateral movement" enables the attacker to quickly gain access to a ...

  • Protecting Enterprise Data from Malicious Insiders

    It's a sad truth: not all employees are nice. Corporate espionage, sabotage and other security incidents could be committed or aided by any insider with something to gain. How do you know when a once-trustworthy employee is about to do ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021
Kaspersky Opens Doors to New Transparency Center in North America
Broadcom Inc. Announces $10 Billion Share Repurchase Authorization
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us