Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case.
| | | LATEST SECURITY NEWS & COMMENTARY | Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case. CISA to Congress: US Under Threat of Chemical Attacks Dropping the ball on chemical security has precipitated "a national security gap too great to ignore," CISA warns. Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads Anyscale has dismissed the vulnerabilities as non-issues, according to researchers who reported the bugs to the company. Cyber Monday Kicks Off Holiday Shopping Season With E-Commerce Security Risks Online shopping websites often lack basic security protections when it comes to PII, allowing malicious actors to capitalize on consumer data or perpetuate retail and hospitality scams. macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks Lazarus and its cohorts are switching loaders and other code between RustBucket and KandyKorn macOS malware to fool victims and researchers. Slovenian Electrical Utility HSE Suffers Ransomware Attack The company's power production remains in operation, and authorities have been notified of the attack. Attacks Against South African ICS and IoT Systems Steadily Decrease All African nations saw a reduced number of cyberattacks on industrial and IoT systems in the third quarter of 2023 compared with earlier this year. Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk Google says the issue has to do with organizations ensuring they implement least-privilege principles. Fight or Flight: How to Keep Cyberattacks From Taking Off As industries around the world act to mitigate the increase in cyber threats, the aviation sector should be leading the cybersecurity uprising, explains William "Hutch" Hutchison, CEO of SimSpace. Name That Toon: Slam Dunk Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. (Sponsored Article) 3 Essential Steps to Strengthen SaaS SecuritySaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management.
MORE NEWS / MORE COMMENTARY | | | | | HOT TOPICS | General Electric, DARPA Hack Claims Raise National Security Concerns
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity
Companies must do a delicate dance between consumer privacy protection, upholding their product's efficacy, and de-risking cyber breaches to run the business.
CISA, NCSC Offer a Road Map, Not Rules, in New Secure AI Guidelines
US and UK authorities issued new recommendations for companies that build and rely on AI, but they stop short of laying down the law.
MORE |
|
| | | | | WEBINARS | | Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven In this session, you'll learn what a holistic approach to SSCS requires, including a comprehensive inventory of your supply chain, connecting risks across the development lifecycle, and leveraging code-to-runtime context to prioritize risks. We'll provide examples of "toxic combinations" between ... Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods Inadequate authentication measures leave your digital identity vulnerable to cybercriminals. Tools like multi-factor authentication, biometrics, passwords, PINs, and tokens are all more vulnerable to attacks and social engineering than you realize. And one wrong move leaves you and your organization ... | | View More Dark Reading Webinars >> |
|
| | |
|
| | | FEATURED REPORTS | | What Ransomware Groups Look for in Enterprise Victims Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... How to Use Threat Intelligence to Mitigate Third-Party Risk The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... | | View More Dark Reading Reports >> |
|
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
