Follow Dark Reading:
 November 11, 2021
LATEST SECURITY NEWS & COMMENTARY
ChaosDB: Researchers Share Technical Details of Azure Flaw
Wiz researchers who discovered a severe flaw in the Azure Cosmos DB database discussed the full extent of the vulnerability at Black Hat Europe.
Hacker-for-Hire Group Spied on More Than 3,500 Targets in 18 Months
Russian-speaking "Void Balaur" group's victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.
Securing the Public: Who Should Take Charge?
International policy expert Marietke Schaake explores the intricacies of protecting the public as governments depend on private companies to build and secure digital infrastructure.
Firms Will Struggle to Secure Extended Attack Surface in 2022
Companies are relying more heavily on third parties, remote employees, and partners, expanding their attack surface area beyond traditional boundaries.
Researcher Details Vulnerabilities Found in AWS API Gateway
AWS fixed the security flaws that left the API service at risk of so-called HTTP header-smuggling attacks, says the researcher who discovered them.
Dark Reading Video News Desk Comes to Black Hat Europe
While attendees join Black Hat Europe 2021 virtually and live in London, we bring you prerecorded interviews from remote offices around the world.

(Sponsored Article) The State of the CISO

Dark Reading survey shows security officer influence is on the rise.


4 Tips to Secure the OT Cybersecurity Budget You Require
OT security engineers and personnel should approach senior management with an emphasis on risk reduction benefits and with a concrete plan to secure budget and funding before it's too late.
Defining the Hierarchy of Value in Cyber Intelligence
One size won't fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.
SolarWinds Vulnerability Exploited in First Stage of Clop Ransomware Attacks
Russian cybercrime group known as T505 is targeting SolarWinds Server-U systems that haven't been patched for a remote code execution vulnerability fixed this summer.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Zoho ManageEngine Flaw Highlights Risks of Race to Patch
Attackers used a pre-auth vulnerability in a component of the enterprise management software suite to compromise businesses, highlighting the dangers of Internet-facing software.

To Secure DevOps, Security Teams Must be Agile
The evolution of agile development and infrastructure-as-code has given security teams the tools they need to gain visibility, find vulnerabilities early, and continuously evaluate infrastructure.

10 Hot Red Team Tools Set to Hit Black Hat Europe
The slate of Arsenal presentations at Black Hat Europe is set to feature lots of low-cost and free goodies for offensive security pros.

MORE
EDITORS' CHOICE

Microsoft Fixes Exchange Server Zero-Day
November security update contains patches for 55 bugs — including six zero-days across various products.
LATEST FROM THE EDGE

SquirrelWaffle Leverages Malspam to Deliver Qakbot, Cobalt Strike
Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.
LATEST FROM DR TECHNOLOGY

New Application Security Toolkit Uncovers Dependency Confusion Attacks
The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally been added to their projects.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Protecting Enterprise Data from Malicious Insiders

    It's a sad truth: not all employees are nice. Corporate espionage, sabotage and other security incidents could be committed or aided by any insider with something to gain. How do you know when a once-trustworthy employee is about to do ...

  • Creating an Encryption Strategy for Your Enterprise

    Maybe it's not time yet to start "quantum-proofing" (and maybe it is), but that doesn't mean your encryption strategy doesn't need a refresh. If your organization is like most enterprises, you've likely purchased or adopted a wide variety of encryption ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
CISA and State and Local Partners Test Emergency Response Plans at Chevron Salt Lake Refinery
83% of Critical Infrastructure Organizations Suffered Breaches, 2021 Cybersecurity Research Reveals
SafeBreach Closes $53.5 Million Series D in New Funding to Fuel Momentum
The State of the CISO
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us