Dark Reading Daily -- May 11, 2023

Follow Dark Reading:

May 11, 2023

LATEST SECURITY NEWS & COMMENTARY

Leak of Intel Boot Guard Keys Could Have Security Repercussions for Years

While Intel is still investigating the incident, the security industry is bracing itself for years of potential firmware insecurity if the keys indeed were exposed.

Microsoft Fixes Failed Patch for Exploited Outlook Vulnerability

Adding a single character to a function in the previous Outlook patch rendered that fix useless, researchers say.

RapperBot Crew Drops DDoS/CryptoJacking Botnet Collab

Cryptomining is a logical partner for an existing IoT-focused DDoS botnet, so the RapperBot authors customized XMRig to make it happen.

Infamous Twitter Hacker Cops to Cybercrimes, Extradited to US for Trial

Confessed cybercriminal hijacked Twitter, TikTok, and Snapchat accounts; defrauded victims; and more.

Free Tool Unlocks Some Encrypted Data in Ransomware Attacks

"White Phoenix" automated tool for recovering data on partially encrypted files hit with ransomware is available on GitHub.

Dark Reading Goes Global

While the goal of the site's new DR Global section is to expand international coverage, the initial focus will be cybersecurity professionals in the Middle East and Africa.

The Industrywide Consequences of Making Security Products Inaccessible

Accessibility won't solve all of the industry's problems, but it can help tackle a few.

Sysco Data Breach Exposes Customer, Employee Data

Food distribution company first learned of the cyberattack in March 2023.

(Sponsored Article) Unifying XDR and SIEM Capabilities in 1 Platform

Discover how unifying XDR and SIEM in a single platform provides comprehensive protection against modern threats.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft Patches 2 Zero-Day Vulnerabilities The 49 CVEs in Microsoft's May security update is the lowest volume in nearly two years. The Problem of Old Vulnerabilities — and What to Do About It The vulnerabilities most often exploited by ransomware attackers are already known to us. MORE

EDITORS' CHOICE

Microsoft Patches 2 Zero-Day Vulnerabilities

The 49 CVEs in Microsoft's May security update is the lowest volume in nearly two years.

LATEST FROM THE EDGE

Identifying Compromised Data Can Be a Logistical Nightmare

Being able to trace an incident backward from breach to data source is vital in restoring and improving cybersecurity.

LATEST FROM DR TECHNOLOGY

New Bazel Ruleset Helps Developers Build Secure Container Images

A new ruleset from Bazel, an open source build and test tool from Google, allows developers to create Docker images and generate software bills of materials about what is inside the containers.

WEBINARS

Next-Generation Supply Chain Security
Supply chain attacks are on the rise. Attackers are injecting malicious code into software and hardware components to create backdoors into the organization. As the Kaseya attack demonstrated, compromising a widely used product gives attackers privileged access into corporate networks. ...
Unleashing AI to Assess Cybersecurity Risk
Advancements in artificial intelligence technology and machine learning and deep learning algorithms can also transform enterprise risk management by giving security teams greater visibility and insights to assess the organization's cyber risk and overall security posture. In this webinar, experts ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...
Successfully Managing Identity in Modern Cloud and Hybrid Environments
Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...
Shoring Up the Software Supply Chain Across Enterprise Applications
Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Experian Announces US Fintech Data Network to Combat Fraud

Global Research From Delinea Reveals That 61% of IT Security Decision Makers Think Leadership Overlooks the Role of Cybersecurity in Business Success

Keeper Security Announces Minority Growth Equity Investment From Summit Partners

Privoro and Samsung Partner to Provide Trusted Control Over Smartphone Radios and Sensors

MORE PRODUCTS & RELEASES

CURRENT ISSUE

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.