An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
Follow Dark Reading:
 May 21, 2024
LATEST SECURITY NEWS & COMMENTARY
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
Google Pitches Workspace as Microsoft Email Alternative, Citing CSRB Report
The new Secure Alternative Program from Google aims to entice customers away from Exchange Online and break Microsoft's dominance in the enterprise.
Android Banking Trojan Antidot Disguised as Google Play Update
Antidot uses overlay attacks and keylogging to target users' financial data.
CyberArk Picks Up Machine Identity Manager Venafi for $1.54B
The acquisition gives CyberArk new IoT identity and certificate life-cycle management, cryptographic code-signing, and other services to secure the enterprise cloud.
Students Spot Washing Machine App Flaw That Gives Out Free Cycles
UCSC students say that after reporting the bug months ago, they're still able to rack up unlimited free wash loads at their local laundromat.
What American Enterprises Can Learn From Europe's GDPR Mistakes
As the US braces for a data privacy overhaul, companies need to update data practices, train staff, and ensuring compliance from the outset to avoid Europe's costly missteps.

(Sponsored Article) Integrating Data Security Into the Security Operations Center
Attackers have one motive: gaining access to the most critical data in the organization. It's time to bring data security into the SOC experience.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
CISO Corner: What Cyber Labor Shortage?; Trouble Meeting SEC Disclosure Deadlines
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: DR's podcast on the CISO & the SEC; breaking down CISA's Secure by Design Pledge; Singapore puts cloud providers on notice.

Whose Data Is It Anyway? Equitable Access in Cybersecurity
Cybersecurity cannot be solely about defending against threats; it must also empower organizations with their data.

Intel Discloses Max Severity Bug in Its AI Model Compression Software
The improper input validation issue in Intel Neural Compressor enables remote attackers to execute arbitrary code on affected systems.

There Is No Cyber Labor Shortage
There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places.

MORE
PRODUCTS & RELEASES
HP Catches Cybercriminals 'Cat-Phishing' Users
NRECA Receives $4M in DOE Funding to Boost Electric Co-op Cybersecurity Preparedness
Data Breach Response Provider, CyEx, Acquires Settlement Administrator, Simpluris Inc.
ZeroRisk Cybersecurity Expands Global Presence With US Launch
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever — and time is running short before ZDI releases exploit details.
LATEST FROM THE EDGE

Transforming CISOs Into Storytellers
Faced with chilling new SEC rules, chief information security officers are learning soft skills to help them better communicate cybersecurity concerns with the C-suite.
LATEST FROM DR TECHNOLOGY

OpenSSF Siren to Share Threat Intelligence for Open Source Software
The Siren email mailing list will focus on operational impact and response and act as a central location to provide information about threats and necessary post-disclosure activities.
LATEST FROM DR GLOBAL

DoJ Shakes Up North Korea's Widespread IT Freelance Scam Operation
Fraudsters based in the US and Europe indicted for helping North Korea's nation-state groups establish fake freelancer identities and evade sanctions.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us