Follow Dark Reading:
 August 05, 2021
LATEST SECURITY NEWS & COMMENTARY
Average Cost to Buy Access to a Compromised Company: $1,000
The flourishing market for initial access to companies' networks highlights how cybercriminal groups continue to specialize in particular stages of the attack-chain pipeline.
Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System
'PwnedPiper' flaws could allow attackers to disrupt delivery of lab samples, or steal hospital employee credentials, new research shows.
As Attackers Circle, Federal Agencies Fail to Improve Cybersecurity
Despite being the frequent target of nation-state and criminal actors, nearly every US government agency gets a "C" or "D" for data security, according to a new Senate report.
Why Supply Chain Attacks Are Destined to Escalate
In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the fallout of software supply chain compromises.

Dark Reading Virtual News Desk Returns to Black Hat

Coming to you prerecorded from home offices around the world!


A New Approach to Securing Authentication Systems' Core Secrets
Researchers at Black Hat USA explain issues around defending "Golden Secrets" and present an approach to solving the problem.
New Normal Demands New Security Leadership Structure
At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.
Inside the Famed Black Hat NOC
Network operations center managers Bart Stump and Neil Wyler (aka Grifter) again head up the show network, but with a new hybrid twist.
US Government Unlikely to Ban Ransomware Payments
The Department of Justice believes that banning ransom payments will cause greater havoc. However, the agency has called for incident reporting to be required.
Reports Point to Uptick in HTML Smuggling Attacks
Menlo Security and Microsoft report recent campaigns implementing the technique, which helps attackers stealthily deliver malware.
5 Questions Your Organization Must Ask to Prepare for a Ransomware Attack
Ransomware's evolving all the time, but here are some issues to address now to mitigate the impact of the next ransomware wave.
Think Having Avoided Kaseya Means You're Safe? Guess Again
The lesson: Don't assume that everything coming from an apparently benign source is safe.
The Power of Comedy for Cybersecurity Awareness Training
Cybersecurity is serious stuff, but the way we talk about it shouldn't be if we want people to pay attention and remember what they're taught.
5 Key Lessons From ICS Attacks Through the Ages
Industrial control systems attacks are happening with more frequency, but they are hardly new.
REvil Most Popular Ransomware Variant in 2021 (So Far)
An increase in global cyberattacks was driven by Web shell activity, targeted ransomware and extortion operations, and supply chain intrusions.
NSA & CISA Publish Kubernetes Security Guidance
Kubernetes is frequently targeted for data theft, computational power theft, or denial of service, the agencies say in a joint advisory.
Human Security Launches Dan Kaminsky Fellowship
The fellowship, created in honor of Human's co-founder and chief scientist Dan Kaminsky, will be awarded to someone "who epitomizes benevolent internet innovation."
MORE NEWS & COMMENTARY
HOT TOPICS
5 Key Questions When Evaluating Software Supply Chain Security
Knowing what to ask a potential supplier can minimize risks associated with third-party software vulnerabilities and breaches.

Name That Edge Toon: Good Heavens!
Feeling creative? Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

5 Questions Your Organization Must Ask to Prepare for a Ransomware Attack
Ransomware's evolving all the time, but here are some issues to address now to mitigate the impact of the next ransomware wave.

MORE
EDITORS' CHOICE

Next for Bug Bounties: More Open Source Funding
Ten years after kicking off its Vulnerability Rewards Program, Google sees another decade of bounties with a focus on shoring up open source projects.
Build a Continuous Education Program for Better Cybersecurity
Addictive learning works because it keeps students interested and challenged at all times.
LATEST FROM THE EDGE

Let the Security Facts Speak for Themselves
Five ways sticking to the facts is good for an organization’s security posture.
Tech Resources
ACCESS TECH LIBRARY NOW

  • External Threat Hunting - Reduce Supply Chain Risk

    In this webinar, we'll look at how one Fortune 100 organization transformed its security program by investing in external threat hunting, establishing a world class threat reconnaissance program that now has proven ROI. With no-touch monitoring of its third parties' networks, ...

  • Making Security Orchestration Automation and Response (SOAR) Work in Your Enterprise

    Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

The State of Cybersecurity Incident Response
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Cerberus Sentinel Announces Acquisition of VelocIT
Nuspire Launches New Managed Endpoint Detection and Response (EDR) Service
Imprivata Introduces an Enterprise Password AutoFill Solution
Syxsense Releases 2 New Solutions for Remediating Endpoint Security Vulnerabilities
Mimecast Joins XDR Alliance as a Founding Member to Drive Open Standards & a Stronger Cybersecurity Ecosystem
Positive Technologies IDs Cisco Vulnerability That Allowed Criminals to Remotely Execute Arbitrary Code & Control Firewall
TikTok Partnership to Help First US Cyber Team Compete on the World Stage
SAP Customers May Be Operating Under False Sense of Security, Find Turnkey and Onapsis
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us