Dark Reading Daily -- April 26, 2022

Follow Dark Reading:

April 26, 2022

LATEST SECURITY NEWS & COMMENTARY

Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw

Threat actor is using the flaw to deliver Core Impact backdoor on vulnerable systems, security vendor says.

Ukraine Invasion Driving DDoS Attacks to All-Time Highs

Unprecedented numbers of DDoS attacks since February are the result of hacktivists' cyberwar against Russian state interests, researchers say.

North Korean State Actors Deploying Novel Malware to Spy on Journalists

Spear-phishing campaign loaded with new "Goldbackdoor" malware targeted journalists with NK News, analysts found.

Overlapping ICS/OT Mandates Distract From Threat Detection and Response

It's time for regulators of critical infrastructure — including industrial control systems and operational technology — to focus more on operational resiliency.

(Sponsored Article) The Modern Software Supply Chain: How It's Evolved and What to Prepare For

Supply chain security attacks have been becoming increasingly common and more sophisticated. Find out how to remain secure throughout the software supply chain.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
6 Malware Tools Designed to Disrupt Industrial Control Systems (ICS) Stuxnet was the first known malware built to attack operational technology environment. Since then, there have been several others. Millions of Lenovo Laptops Contain Firmware-Level Vulnerabilities Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says. 3 Ways We Can Improve Cybersecurity To better manage risks, companies can concentrate on resilience, sharing information to protect from cyber threats, and making the cybersecurity tent bigger by looking at workers with nontraditional skill sets. MORE

EDITORS' CHOICE

Early Discovery of Pipedream Malware a Success Story for Industrial Security

Cybersecurity professionals discovered, analyzed, and created defenses against the ICS malware framework before it was deployed, but expect the stakes to keep rising.

LATEST FROM THE EDGE

When Security Meets Development: The DevSecOps Conundrum

The DevSecOps journey is well worth undertaking because it can improve communication, speed up development, and ensure quality products.

LATEST FROM DR TECHNOLOGY

What the ECDSA Flaw in Java Means for Enterprises

This Tech Tip reminds developers and security teams to check what version of Java they are running. Whether they are vulnerable to the ECDSA flaw boils down to the version number.

Tech Resources

ACCESS TECH LIBRARY NOW

Building Security Into the Application Development Lifecycle
Trying to fix security issues in software just before it goes into production or after it is released is difficult, time-consuming, and expensive. But how do you shift security left - to bring security earlier into the software development lifecycle? ...
Incorporating a Prevention Mindset into Threat Detection and Response
Cybercriminals are becoming more sophisticated and their attacks are increasingly difficult to detect. While threat detection and response is a critical component of enterprise security defense, activities geared towards prevention could save security teams a lot of time and resources ...

MORE WEBINARS

FEATURED REPORTS

Rethinking Endpoint Security in a Pandemic and Beyond
IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ...
Zero Trust in Real Life

MORE REPORTS

CURRENT ISSUE

Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

Trend Micro Launches New Security Platform

Mastercard Launches Next-Generation Identity Technology with Microsoft

Neustar Security Services’ UltraDNS Integrates Terraform for Streamlined, Automated DNS Management

MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal