Follow Dark Reading:
 August 26, 2021
LATEST SECURITY NEWS & COMMENTARY
FIN8 Threat Group Resurfaces With Dangerous New Backdoor
"Sardonic" malware allows attackers to expand its functionality without having to update components.
Attackers Increasingly Target Linux in the Cloud
Linux is widely used in containerized environments, giving rise to significant attention from attackers.
CISA Warns of Ongoing Attacks Targeting ProxyShell Vulnerabilities
Cybercriminals are actively exploiting ProxyShell vulnerabilities CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. Here's what to do about this.
US Census Bureau Failed Breach Response, Watchdog Says
The January 2020 compromise did not succeed but highlighted significant deficiencies in the security operations of the federal agency tasked with an accurate count of the population.

FBI Issues Advisory on 'OnePercent' Ransomware Group

The threat actor has been targeting US companies in dual extortion attacks since fall of last year.


BreachQuest Emerges from Stealth to Fill Incident Response Gaps
The company received $4.4 million in seed funding from Slow Ventures, the founder of Lookout, and co-founders of Tinder.
10 Questions to Navigate the Security Industry’s Marketing Madness
How to cut through the marketing hype and really understand what to buy and from whom.
4 Places Where Digital ID Models Falter
Good digital identity must be secure and unique, verified with high assurance, and privacy-preserving, along with individual user control and embedded consent.
How to Maintain Accountability in a Hybrid Environment
Even as organizations diversify their IT environments, adding more cloud storage, the mainframe plays a critical role. Here are four key strategies for locking down the mainframe to secure the core of your business.
3 Misconceptions Around Cybersecurity Maturity Model Certification
Don't believe these myths surrounding CMMC compliance. Here's what organizations really need to know in order to work with the US Department of Defense.
New Hampshire Town Loses $2.3 Million in BEC Scam
The town of Peterborough, N.H., does not believe the funds can be recovered and does not know whether insurance will cover the losses.
PC Gaming Threats Jumped 66% Amid COVID-19 Lockdowns
Cyberattacks targeting PC and mobile games increased last year after players were in lockdown, Kaspersky researchers report.
38M Records Exposed via Microsoft Power Apps Misconfiguration
Researchers have notified 47 public and private organizations of data exposure from Power Apps configured to allow public access.
T-Mobile Reports 5.3M More Affected in Data Breach
T-Mobile continues to investigate a breach that has now affected more than 50 million current, former, and prospective customers.
MORE NEWS & COMMENTARY
HOT TOPICS
4 Steps Organizations Can Take to Increase Diversity in Cybersecurity
Cultivating a diverse cybersecurity workforce requires a multipronged approach. Here are key steps organizations can take to increase diversity and grow the cybersecurity talent pipeline.

Business Management Firms Have the Least Secure Web Apps
Almost three-quarters of Web applications for businesses that handle accounting, auditing, finances, and operations have critical vulnerabilities every day of the year.

How 5 Years of DEF CON's Voting Village Has Shaped Election Security
The hands-on and at times controversial live-hacking event now has a broader mission: year-round, open testing of election systems.

MORE
EDITORS' CHOICE

ShadowPad Malware Platform Proves a Threat to Watch
Researchers who investigated the privately sold malware platform find a new controller -- and new implications for the Chinese espionage threat landscape.
Making Sure Spyware Is Used Only for Good
Spyware and other cyber-offensive solutions will only become more prevalent. It's up to every constituency to ensure that the technology isn't abused.
LATEST FROM THE EDGE

DMARC 101: How to Keep Phishing Attacks Out of Your Inbox
Used together, DMARC and security awareness training will help give your employees comprehensive protection against phishing attacks.
6 Client-Side Security Concerns Enterprises Should Care About
Enterprises have to decide whether to take into account the security of end-customers' devices when building out the application experience, or even whether the application allows or denies access depending on the device.
Tech Resources
ACCESS TECH LIBRARY NOW

MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

Enterprise Cybersecurity Plans in a Post-Pandemic World
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
FusionAuth Introduces Advanced Threat Detection to Help Safeguard User Identity
New Data-Driven Study Reveals 40% of SaaS Data Access Is Unmanaged, Creating Significant Insider and External Threats to Global Organizations
Upstream Security Raises $62M in Series C Financing Round
Cameyo Introduces Secure Cloud Tunneling to Further Reduce the Attack Surface for Remote & Hybrid Work
United States and Singapore Expand Cooperation on Cybersecurity
International Consortium of Minority Cyber Professionals Names Maggie Domond as Executive Director
Security Researchers Reveal Staggering Magnitude of ICS Vulnerabilities in 2021
ExtraHop Rolls Out Deep Threat Insights for Hybrid Cloud
Area 1 Security Research Analyzes 31M Phish, Finding $354M in Potential Losses
Zix Releases 2021 Mid-Year Global Threat Report
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us