Dark Reading Daily -- March 28, 2023

Follow Dark Reading:

March 28, 2023

LATEST SECURITY NEWS & COMMENTARY

7 Women Leading the Charge in Cybersecurity Research & Analysis

From rising stars to veterans heading up research teams, check out our profiles of women making a big impact in cyber defense as the threat landscape expands.

Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare

Indicators point to Twitter's source code being publicly available for around three months, offering a developer security object lesson for businesses.

Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw

After several weeks and more than 130 ransomware victims, GoAnywhere parent company Forta issues a statement.

CISA Releases Hunt Tool for Microsoft's Cloud Services

CISA released the hunt and response tool to help defenders extract cloud artifacts without performing additional analytics.

Cybersecurity vs. Everyone: From Conflict to Collaboration

Don't assume stakeholders outside security understand your goals and priorities, but consider how you'll communicate with them to gain their support.

(Sponsored Article) Human Detection and Response: A New Approach to Building a Strong Security Culture

Jelle Wieringa analyzes the differences between HDR and security awareness training and how HDR addresses the security layer of human risk management.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest. Application Security Requires More Investment in Developer Education If you haven't done so already, it's time to take the first step toward solving this application security dilemma. Malicious ChatGPT Extensions Add to Google Chrome Woes The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies. MORE

EDITORS' CHOICE

Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month

A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language.

LATEST FROM THE EDGE

How CISOs Can Reduce the Danger of Using Data Brokers

Without proof that it was collected legally, purchased data can threaten an enterprise's security compliance and even expose the company to litigation.

LATEST FROM DR TECHNOLOGY

Drive to Pervasive Encryption Boosts Key Management

Key vaults, aka key-management-as-a-service (KMaaS), promise to allow companies to encrypt sensitive data across cloud and third parties with granular control.

WEBINARS

Expert Advice for Getting the Most from Security Orchestration, Automaton & Response Enterprise Tools
Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ...
Building Out the Best Response Playbook for Ransomware Attacks
When ransomware locks up your business's critical data and essential gear, there is no time to panic. The organization needs answers fast: Is the infection going to spread to other endpoints? Will the attackers publicly dump the stolen information? How ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...
Shoring Up the Software Supply Chain Across Enterprise Applications
Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...
10 Hot Talks From Black Hat USA 2022
Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

CyberSecure Announces Strategic Alliance

Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats

Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection

XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads

Kaspersky Survey Finds One in Three Users Have Experienced CryptoTheft

MORE PRODUCTS & RELEASES

CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today