Follow Dark Reading:
 October 14, 2021
LATEST SECURITY NEWS & COMMENTARY
6 Lessons From the Expiration of the Let's Encrypt Root Certificate
Fallout from the transition highlights the need for organizations to monitor and have processes for updating CA roots, experts say.
Microsoft Fixes Zero-Day Flaw in Win32 Driver
A previously known threat actor is using the flaw in a broad cyber-espionage campaign, security vendor warns.
Applying Behavioral Psychology to Strengthen Your Incident Response Team
A deep-dive study on the inner workings of incident response teams leads to a framework to apply behavioral psychology principles to CSIRTs.
North American Orgs Hit With an Average of 497 Cyberattacks per Week
A new analysis confirms a surge in global cyberattacks since the COVID-19 pandemic began.
Microsoft: 58% of Nation-State Cyberattacks Come From Russia
A wealth of Microsoft data highlights trends in nation-state activity, hybrid workforce security, disinformation, and supply chain, IoT, and OT security.
Overly Complex IT Infrastructures Pose Security Risk
Cybersecurity budgets are set to increase in 2022, but companies worry that complex IT networks and data infrastructure are wasting money, new PwC survey finds.
VirusTotal Shares Data on Ransomware Activity
Google's online malware scanning service analyzed 80 million ransomware samples that were uploaded in the past year-and-a-half.
Why Choke-Point Analysis Is Essential in Active Directory Security
Defense should focus on high-value choke points first to ensure that their most critical assets are protected, before moving on to deal with other attack paths.
A Close Look at Russia's Ghostwriter Campaign
The group, which conducts espionage and sows disinformation, is larger than previously thought and has shifted tactics.
New Regulations Are Coming — Get a Handle on Your App Portfolio
With the realization that any app could be a gateway for a larger attack, there will be more pressure than ever on companies to fully protect their entire application landscape.
CyberArk Leads the PAM Omdia Universe
With more staff working remotely, privileged access management (or PAM) has never been more important. Market forecasts, drivers, and trends are explored.
'FontOnLake' Malware Family Targets Linux Systems
Researchers report that the location of its C2 server and the countries where samples were uploaded may indicate targets include Southeast Asia.
Patch 'Immediately': Apache Issues Software Fix Amid Zero-Day Attacks
CISA reports it's seeing ongoing scanning for the flaws and expects the activity to accelerate.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
10 Ways to Avoid Zero-Trust Failure
Here are the prerequisites to have in order before getting past the zero-trust gate.

Rapid RYUK Ransomware Attack Group Christened as FIN12
Prolific ransomware cybercrime group's approach underscores a complicated, layered model of cybercrime.

Not Hitting Your Security KPIs? Get the Whole Business Involved
CISOs can deliver better outcomes and get the support they need by linking security processes to business results.

MORE
EDITORS' CHOICE

The 5 Phases of Zero-Trust Adoption
Zero trust aims to replace implicit trust with explicit, continuously adaptive trust across users, devices, networks, applications, and data.
LATEST FROM THE EDGE

7 Smart Ways a Security Team Can Win Stakeholder Trust
By demonstrating the following behaviors, security teams can more effectively move their initiatives forward.
LATEST FROM DR TECHNOLOGY

Handling Threat Intelligence Across Billions of Data Points
Graph databases can play a role in threat intelligence and unraveling sprawling data.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Zero-Trust in Real Life

    Credential theft, lateral movement and other cyber attack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, ...

  • Using Threat Hunting and Threat Intelligence to Strengthen Enterprise Cybersecurity

    IT security teams are rapidly learning that an effective cyber defense means gaining a better understanding of attackers and the methods they use. In this Dark Reading webinar, top experts offer insights on how your organization can use emerging tools ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Enterprises are Attacking the Cybersecurity Problem
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
SonicWall Secures Mix of Cloud, Hybrid and Traditional Networks
Corelight Unveils Corelight Labs, a Hub for Research and Innovation
Former Director of IT and Cybersecurity for Warren Presidential Campaign Launches Personified
Palo Alto Networks to Transfer Stock Exchange Listing to Nasdaq
Oracle Cloud Joins ONUG Collaborative
Kaspersky Updates Industrial Cybersecurity Service
RealDefense Completes Fourth Cyber Security Acquisition; Adds STOPzilla to Its Portfolio
IDrive Remote Desktop Offers Protection from RDP Cyberattacks and Vulnerabilities
71% of Security Pros Find Patching to be Complex and Time Consuming, Ivanti Study Confirms
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us