Dark Reading Daily -- December 12, 2022

Follow Dark Reading:

December 12, 2022

LATEST SECURITY NEWS & COMMENTARY

Iranian APT Targets US With Drokbk Spyware via GitHub

The custom malware used by the state-backed Iranian threat group Drokbk has so far flown under the radar by using GitHub as a "dead-drop resolver" to more easily evade detection.

TikTok Banned on Govt. Devices; Will Private Sector Follow Suit?

Texas and Maryland this week joined three other states in prohibiting accessing the popular social media app from state-owned devices.

Google: Use SLSA Framework for Better Software Security

Security leaders also need to take a more holistic approach to addressing supply chain risks, company says in new research report.

How Naming Can Change the Game in Software Supply Chain Security

A reliance on CPE names currently makes accurate searching for high-risk security vulnerabilities difficult.

Iran-Backed MuddyWater's Latest Campaign Abuses Syncro Admin Tool

MuddyWater joins threat groups BatLoader and Luna Moth, which have also been using Syncro to take over devices.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
3 Ways Attackers Bypass Cloud Security At Black Hat Europe, a security researcher details the main evasion techniques attackers are currently using in the cloud. Where to Find the Best Open Source Security Technology A free resource, updated monthly, lists the most-popular, highly rated OSS projects. Report: Air-Gapped Networks Vulnerable to DNS Attacks Common mistakes in network configuration can jeopardize the security of highly protected assets and allow attackers to steal critical data from the enterprise. MORE

EDITORS' CHOICE

7 Ways Gaming Companies Can Battle Cybercrime on Their Platforms

Balancing gameplay and security can drive down risks and improve gamers' trust and loyalty.

LATEST FROM THE EDGE

Cybersecurity Should Focus on Managing Risk

Preventing all data breaches is an unrealistic goal. Instead, focus on finding and minimizing the greatest risks.

LATEST FROM DR TECHNOLOGY

ASM Can Fill Gaps While Working to Implement SBOM

If compiling a software bill of materials seems daunting, attack surface management tools can provide many of the benefits.

WEBINARS

Security Considerations for Working with Cloud Services Providers
With so many workloads in the could these days, enterprises are working with one or more of the major cloud services providers. How you can be ensured that these providers are handling data securely? What is the plan if there ...
The World's Best (Digital) Workplaces
In this special presentation, our experts will examine the growing intersection between the Employee Experience and the Digital Employee Experience. We'll also reveal what today's IT professionals must focus on as they look to a future of changing and expanding ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

How Machine Learning, AI & Deep Learning Improve Cybersecurity
Implementing Zero Trust In Your Enterprise: How to Get Started
2022 State of Network Management (a $499 Value FREE)
We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today!

View More Dark Reading Reports >>

PRODUCTS & RELEASES

(ISC)² Recruits 110,000 People Interested in a Cybersecurity Career in Three Months

Cybersecurity Resilience Emerges as Top Priority as 62% of Companies Say Security Incidents Impacted Business Operations

Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime

MORE PRODUCTS & RELEASES

CURRENT ISSUE

Developing and Testing an Effective Breach Response Plan
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Developing and Testing an Effective Breach Response Plan