Follow Dark Reading:
 June 24, 2021
LATEST SECURITY NEWS & COMMENTARY
Attackers Find New Way to Exploit Google Docs for Phishing
Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content.
Software-Container Supply Chain Sees Spike in Attacks
Attackers target companies' container supply chain, driving a sixfold increase in a year, aiming to steal processing time for cryptomining and compromise cloud infrastructure.
New DNS Name Server Hijack Attack Exposes Businesses, Government Agencies
Researchers found a "novel" class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step.
Majority of Web Apps in 11 Industries Are Vulnerable All the Time
Serious vulnerabilities exist every day in certain industries, including utilities, public administration, and professional services, according to testing data.
This Week in Database Leaks: Cognyte, CVS, Wegmans
Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers.
Data Breaches Surge in Food & Beverage, Other Industries
Six previously "under-attacked" vertical industries saw a surge in data breaches last year due to COVID-19 related disruptions and other factors, new data shows.
VMs Help Ransomware Attackers Evade Detection, but It's Uncommon
Some ransomware attackers use virtual machines to bypass security detection, but adoption is slow for the complicated technique.
One in Five Manufacturing Firms Targeted by Cyberattacks
Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production.
Are Ransomware Attacks the New Pandemic?
Ransomware has been a problem for decades, so why is government just now beginning to address it?
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account.
Accidental Insider Leaks Prove Major Source of Risk
Research reports highlight growing concerns around insider negligence that leads to data breaches.
NSA Funds Development & Release of D3FEND Framework
The framework, now available through MITRE, provides countermeasures to attacks.
MORE NEWS & COMMENTARY
HOT TOPICS
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Those looking to join the fight might want to polish up or acquire some (or all) of these hottest skills on the market.

Mission Critical: What Really Matters in a Cybersecurity Incident
The things you do before and during a cybersecurity incident can make or break the success of your response.

Did Companies Fail to Disclose Being Affected by SolarWinds Breach?
The SEC has sent out letters to some investment firms and publicly listed companies seeking information, Reuters says.

MORE
EDITORS' CHOICE

Survey Seeks to Learn How 2020 Changed Security
Respondents to a new Dark Reading/Omdia survey will be entered into a drawing for a Black Hat Black Card.
11 Security Certifications to Seek Out This Summer
The more you know, the more you grow. The Edge takes a fresh look at leading security certifications that can help advance your career.
LATEST FROM THE EDGE

rMTD: A Deception Method That Throws Attackers Off Their Game
Through a variety of techniques, rotational Moving Target Defense makes existing OS and app vulnerabilities difficult to exploit. Here's how.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Building Incident Readiness and Response Playbook

    The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the ...

  • Weaknesses in Software Supply Chains: Cyber's Unspoken Reality

    Until the recent SolarWinds compromise, the conversation around supply chains - and more importantly, their vulnerabilities - was rarely discussed in the cybersecurity industry. However, over the last few years, supply chains have become an increasingly lucrative target for hackers. ...

MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.