 November 04, 2021
LATEST SECURITY NEWS & COMMENTARY
Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks
A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to a sneaky type of attack.
APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm
A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored threat actors.
Microsoft Expands Security to AWS in Multicloud Push
Microsoft will expand its cloud security tools to AWS within a suite called Defender for Cloud and launch a new Defender for Business in preview later this month.
CISA Issues New Directive for Patching Known Exploited Vulnerabilities
The goal is to reduce civilian federal agency exposure to attacks that threat actors are actively using in campaigns, agency says.
Infosec and Business Alignment Lowers Breach Cost, Boosts Security
As attacks and security budgets continue to rise, data shows the most secure organizations are the ones that strike a security-business balance.
Attackers Flaunt Remote Access Credentials, Threaten Supply Chain
Attackers advertise access to computers within shipping and logistics companies as the global supply chain struggles to meet post-COVID demands.
SEO Poisoning Used to Distribute Ransomware
This tactic — used to distribute REvil ransomware and the SolarMarker backdoor — is part of a broader increase in such attacks in recent months, researchers say.
You've Just Been Ransomed ... Now What?
Six crucial steps executives and IT teams should be prepared to take immediately after a ransomware attack.
Understanding the Human Communications Attack Surface
Companies should recognize that collaboration platforms aren't isolated, secure channels where traditional threats don't exist.
Tech Companies Create Security Baseline for Enterprise Software
The Minimum Viable Secure Product is written as a checklist of minimum-security requirements for business-to-business software.
US Blacklists Israeli Firms NSO Group and Candiru
The US Commerce Department has also added Russia's Positive Technologies and Singapore's Computer Security Initiative Consultancy.
HOT TOPICS
How Hackers Are Targeting Cryptocurrency
Crypto exchanges that want to maintain credibility must implement some of the same "know your customer" controls used by banks and similar institutions.

QR Codes Help Attackers Sneak Emails Past Security Controls
A recently discovered campaign shows how attackers are constantly developing new techniques to deceive phishing victims.

Stop Zero-Day Ransomware Cold With AI
AI can help recognize ransomware attacks and stop them at computer speed.

EDITORS' CHOICE

6 Ways to Rewrite the Impossible Job Description
It's hard enough to fill a cybersecurity position given the talent shortage. But you may be making it harder with a poor job description that turns off would-be candidates.
LATEST FROM THE EDGE

What Exactly Is Secure Access Service Edge (SASE)?
Any company that supports a hybrid workforce should at least be familiar with this relatively new security approach.
LATEST FROM DR TECHNOLOGY

How to Avoid Another Let's Encrypt-Like Meltdown
Experts weigh in on steps network and security administrators need to take before the next time a root certificate expires.
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107