Follow Dark Reading:
 January 13, 2022
LATEST SECURITY NEWS & COMMENTARY
How to Proactively Limit Damage From BlackMatter Ransomware
Logic flaw exists in malware that can be used to prevent it from encrypting remote shares, security vendor says.
Microsoft Kicks Off 2022 With 96 Security Patches
Nine of the Microsoft patches released today are classified as Critical, 89 are Important, and six are publicly known.
Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking
The vulnerability was patched this week in Microsoft's set of security updates for January 2022.
New Mac Malware Samples Underscore Growing Threat
A handful of malicious tools that emerged last year showed threat actors may be getting more serious about attacking Apple macOS and iOS environments.
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says
But that could change anytime, officials warn, urging organizations to prioritize patching against the critical remote code execution flaw.
CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps
A Romanian researcher discovers more than 70 vulnerabilities in how applications and their content delivery networks handle cache misses that open the doors to denial-of-service attacks.
Rethinking Cybersecurity Jobs as a Vocation Instead of a Profession
The prevailing mindset is that security practitioners are professionals, and thus, require a college degree. But there are some flaws in that logic.
Critical Infrastructure Security and a Case for Optimism in 2022
The new US infrastructure law will fund new action to improve cybersecurity across rail, public transportation, the electric grid, and manufacturing.
The Evolution of Patch Management: How and When It Got So Complicated
In the wake of WannaCry and its ilk, the National Vulnerability Database arose to help security organizations track and prioritize vulnerabilities to patch. Part 1 of 3.
Patch Management Today: A Risk-Based Strategy to Defeat Cybercriminals
By combining risk-based vulnerability prioritization and automated patch intelligence, organizations can apply patches based on threat level. Part 2 of 3.
7 Predictions for Global Energy Cybersecurity in 2022
Increased digitization makes strong cybersecurity more important than ever.
FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB
An FBI warning says the FIN7 cybercrime group has sent packages containing malicious USB drives to US companies in an effort to spread ransomware.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Google Docs Comments Weaponized in New Phishing Campaign
Attackers use the comment feature in Google Docs to email victims and lure them into clicking malicious links.

Breach Response Shift: More Lawyers, Less Cyber-Insurance Coverage
Companies are more likely to rely on outside attorneys to handle cyber response in order to contain potential lawsuits. Meanwhile, cyber-insurance premiums are rising but covering less.

Name That Edge Toon: In Your Face!
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE

New Cyberattack Campaign Uses Public Cloud Infrastructure to Spread RATs
An attack campaign detected in October delivers variants of Nanocore, Netwire, and AsyncRATs to target user data.
LATEST FROM THE EDGE

What Editing Crosswords Can Teach Us About Security Leadership
When security leaders look for mistakes, they often find them before customers do.
LATEST FROM DR TECHNOLOGY

Enterprise Security at CES 2022 Marked by IoT, Biometrics, and PC Chips
Amid the onslaught of mostly consumer-oriented announcements in Las Vegas, a few key items pertaining to enterprise security emerged.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Monitoring and Securing Remote and Work-From-Home Environments

    In the wake of COVID-19, many IT departments find themselves managing more remote and work-from-home systems than ever before. What does this mean for cybersecurity? In this webinar, top experts discuss methods for rethinking remote access and end user systems ...

  • Beyond Spam and Phishing: Emerging Email-based Threats

    Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Oxeye Introduce Open Source Payload Deobfuscation Tool
New Research Reveals Public-Sector IAM Weaknesses and Priorities
Kiteworks Acquires Email Encryption Leader totemo
Kaspersky Research Uncovers Cybersecurity Budgets, Insurance, and Vendor Expectations for 2022
MSP Thrive Acquires InCare Technologies
Cerberus Sentinel Acquires True Digital Security
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |   Informa Tech  |  Privacy Statement  |   Terms & Conditions  |  Contact Us