Dark Reading Daily -- July 01, 2023

Follow Dark Reading:

July 01, 2023

LATEST SECURITY FEATURES & COMMENTARY

Make Diversity the 'How,' Not the 'What,' of Cybersecurity Success

Cybersecurity leaders should strive to reward high-performing teams that are powered by high levels of inclusion.

Cl0p in Your Network? Here's How to Find Out

Companies targeted by hacking groups with Cl0p ransomware typically have several chances to catch the attack prior to the payload being deployed, experts say.

Protecting Small Businesses From Ransomware on a Budget

One ransomware attack can be devastating for a small or midsize business. Here are four solid survival tips to ensure it doesn't turn into a disaster.

Social Engineering Adds Depth to Red Team Exercises

Because social engineering usually succeeds, companies need to test whether their defenses can block adversaries that gain employees' trust.

Remediation Ballet Is a Pas de Deux of Patch and Performance

AI-generated code promises quicker fixes for vulnerabilities, but ultimately developers and security teams must balance competing interests.

Open Source LLM Projects Likely Insecure, Risky to Use

New LLM-based projects typically become successful in a short period of time, but the security posture of these generative AI projects are very low, making them extremely unsafe to use.

Pepper and Embedded Insurance Partner on Cyber Insurance for Consumers, SMBs

If you have an IoT network powered by Pepper, you can now insure it through Embedded Insurance — even if your business is too small to support a SOC.

Cequence Security Adds Generative AI to API Security

Cequence's latest updates to its Unified API Protection platform help organizations reduce the time needed to create API security testing plans.

Jscrambler Launches JavaScript Scanner for PCI DSS 4.0 Compliance

The free tool aims to help organizations meet the requirements of the new version of the payment standard, which takes effect next March.

MORE FROM THE EDGE / MORE FROM DR TECHNOLOGY


HOT TOPICS
Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks. China's 'Volt Typhoon' APT Turns to Zoho ManageEngine for Fresh Cyberattacks A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks. Patch Now: Cisco AnyConnect Bug Exploit Released in the Wild A ready-made, low-complexity path to pwning the popular enterprise VPN clients for remote workers is now circulating in the wild. MORE

EDITORS' CHOICE

Job Seekers, Look Out for Job Scams

Scammers are setting out lures for people looking for work. If a position sounds too good to be true, it probably is.

Why Legacy System Users Prioritize Uptime Over Security

For line-of-business execs, the fear of mission-critical systems grinding to a halt overrides their cybersecurity concerns. How can CISOs overcome this?

Growing SaaS Usage Means Larger Attack Surface

Software-as-a-service has its benefits, but abandoned SaaS integrations and idle data sharing introduce risk to the enterprise.

WEBINARS

Finding the Right Role for Identity and Access Management in Your Enterprise
End user credentials are essential to enabling your employees to gain access to the data and applications they need. Those credentials are also one of the most prized targets that attackers hope to gain. To enable user access and prevent ...
How to Use Threat Intelligence to Mitigate Third Party Risk
Threat intelligence provides security teams with insights into the kinds of attacks that may target their organizations and prioritize their security activities. But what if the risk is coming from third-party partners and systems? In this webinar, experts discuss how ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...
The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Center for Internet Security, CREST Join Forces to Secure Organizations Globally

OTORIO Rolls Out Advanced Attack Graph Analysis for OT Security

WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends

Employer Demand for Technology Workers Across Europe Remains on Firm Footing

Mend.io Launches Inaugural Open Source Reliability Leaderboard

Invary Raises $1.85M in Pre-Seed Funding to Close Critical Gap in Zero Trust Security

MORE PRODUCTS & RELEASES

CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.