Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
| | | LATEST SECURITY NEWS & COMMENTARY | | Log4j Attack Surface Remains Massive Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool. Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw Threat actor is using the flaw to deliver Core Impact backdoor on vulnerable systems, security vendor says. Tenable's Bit Discovery Buy Underscores Demand for Deeper Visibility of IT Assets The four-year-old firm, started by two industry veterans, focuses on gaining visibility into Internet-facing services as more companies seek insight into what attackers see. Chinese APT Bronze President Mounts Spy Campaign on Russian Military The war in Ukraine appears to have triggered a change in mission for the APT known as Bronze President (aka Mustang Panda). Early Discovery of Pipedream Malware a Success Story for Industrial Security Cybersecurity professionals discovered, analyzed, and created defenses against the ICS malware framework before it was deployed, but expect the stakes to keep rising. How Industry Leaders Should Approach Open Source Security Here's how to reduce security risk and gain the benefits of open source software. Cyber Conflict Overshadowed a Major Government Ransomware Alert The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes. 3 Ways We Can Improve Cybersecurity To better manage risks, companies can concentrate on resilience, sharing information to protect from cyber threats, and making the cybersecurity tent bigger by looking at workers with nontraditional skill sets. Coca-Cola Investigates Data-Theft Claims After Ransomware Attack The Stormous ransomware group is offering purportedly stolen Coca-Cola data for sale on its leak site, but the soda giant hasn't confirmed that the heist happened. FBI Warns Ransomware Attacks on Agriculture Co-ops Could Upend Food Supply Chain Ransomware groups are looking to strike large agriculture cooperatives during strategic seasons, when they are most vulnerable, according to law enforcement. MORE NEWS / MORE COMMENTARY | | | | |
|
| | | FEATURED REPORTS | | How Enterprises Are Securing the Application Environment Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. How Data Breaches Affect the Enterprise Many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download this report to delve more into this timely topic. | | MORE REPORTS |
|
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To update your profile, change your e-mail address, or unsubscribe, click here. | | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
