Follow Dark Reading:
 September 30, 2021
LATEST SECURITY NEWS & COMMENTARY
50% of Servers Have Weak Security Long After Patches Are Released
Many servers remain vulnerable to high-severity flaws in Microsoft Exchange Server, VMware vCenter, Oracle WebLogic, and other popular products and services.
Shades of SolarWinds Attack Malware Found in New 'Tomiris' Backdoor
Malware contains similarities that suggest a possible link to malware that Russia's DarkHalo group used in its massive supply chain attack, researchers say.
Sneaky Android Trojan Siphons Millions Using Premium SMS
More than 200 applications on the Google Play store have, until recently, allowed cybercriminals to deliver malicious Web content to victims' phones, likely garnering tens of millions of dollars.
3 Security Initiatives AWS's New CEO Should Prioritize
As Adam Selipsky takes the helm at Amazon Web Services, security must be one of the first things he addresses. Here are three initiatives that should take priority.
Cyberspace, Cybergames, and Cyberspies
How cyberspace has become a global cybergames stage, where all of us are actors.
Startup Beyond Identity Now Offers Passwordless Multifactor Authentication for Consumers
The announcement comes two weeks after Microsoft gave users the option to fully remove passwords from their accounts.
Russian Officials Arrest Group-IB CEO, Accuse Him of Treason
Ilya Sachkov, founder and CEO of the massive cybersecurity firm, was arrested on treason charges and will be in custody for two months.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
7 Ways to Thwart Malicious Insiders
Malicious insider incidents may be less frequent than inadvertent user missteps, but they can cost organizations big time.

Primer: Microsoft Active Directory Security for AD Admins
Nearly all AD environments are vulnerable to identity attack paths -- a powerful, widespread, and difficult-to-detect attack technique. But we didn't say impossible. Here's how admins can stop them.

CISA: Wide Exploitation of New VMware vCenter Server Flaw Likely
Attackers can use the vulnerability to remotely execute arbitrary code.

MORE
EDITORS' CHOICE

Notorious Spyware Tool Found Hiding Beneath Four Layers of Obfuscation
FinFisher (aka FinSpy) surveillance software now goes to extreme lengths to duck analysis and discovery, researchers found in a months-long investigation.
Modern Security Breaches Demand Diligent Planning and Executive Support
Teams that remain reactive will always be on the back foot — take an active stance.
LATEST FROM THE EDGE

Why Should I Care About HTTP Request Smuggling?
HTTP request smuggling is a growing vulnerability, but you can manage the risk with proper server configuration.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Defense Strategies to Combat Sophisticated Ransomware and Multi-Vector Attacks

    To defend themselves effectively, companies need to detect ransomware attacks early, gather the intelligence to understand the attack and prevent attacks from occurring in the future. In this webinar, Shailesh Athalye, EVP Product Management will discuss ransomware trends, defensive maneuvers ...

  • Learn Why XDR Delivers Better Outcomes to Secure Your Endpoints

    Endpoint security continues to evolve. The increasing complexity of the threat landscape means we can no longer depend on next-gen antivirus (NGAV) or EDR (Endpoint Detection and Response) alone to protect against sophisticated attacks. It's well known that endpoint attacks ...

MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.