Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
Follow Dark Reading:
 April 27, 2022
LATEST SECURITY NEWS & COMMENTARY
Log4j Attack Surface Remains Massive
Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
API Attacks Soar Amid the Growing Application Surface Area
With Web application programming interface (API) traffic growing quickly, the average cloud-focused company sees three times more attacks.
Cyber Conflict Overshadowed a Major Government Ransomware Alert
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
CISA Taps Veteran CISO Bob Lord for Technical Adviser Role
Lord previously spearheaded security for the Democratic National Committee and held leadership roles at companies including Yahoo, Rapid7, and Twitter.
Tenable Acquires External Attack Surface Management Vendor for $44.5M
Acquisition will add Internet-facing attack surface mapping and monitoring to Tenable's internal asset management products.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
6 Malware Tools Designed to Disrupt Industrial Control Systems (ICS)
Stuxnet was the first known malware built to attack operational technology environment. Since then, there have been several others.

Overlapping ICS/OT Mandates Distract From Threat Detection and Response
It's time for regulators of critical infrastructure — including industrial control systems and operational technology — to focus more on operational resiliency.

Zero-Day Exploit Use Exploded in 2021
Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.

MORE
EDITORS' CHOICE

Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw
Threat actor is using the flaw to deliver Core Impact backdoor on vulnerable systems, security vendor says.
LATEST FROM THE EDGE

How Do I Report My Security Program's ROI?
If security leaders focus on visibility and metrics, they can demonstrate their programs' value to company leadership and boards.
LATEST FROM DR TECHNOLOGY

The Ins and Outs of Secure Infrastructure as Code
The move to IaC has its challenges but done right can fundamentally improve an organization's overall security posture.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Building Security Into the Application Development Lifecycle

    Trying to fix security issues in software just before it goes into production or after it is released is difficult, time-consuming, and expensive. But how do you shift security left - to bring security earlier into the software development lifecycle? ...

  • Incorporating a Prevention Mindset into Threat Detection and Response

    Cybercriminals are becoming more sophisticated and their attacks are increasingly difficult to detect. While threat detection and response is a critical component of enterprise security defense, activities geared towards prevention could save security teams a lot of time and resources ...
MORE WEBINARS
FEATURED REPORTS
  • Rethinking Endpoint Security in a Pandemic and Beyond

    IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ...

  • How Data Breaches Affect the Enterprise

    Many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download this report to delve more into this timely topic.
MORE REPORTS
CURRENT ISSUE

Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Introducing Apostro: A Risk Management Platform for Web3 Security
SecurityScorecard Launches Cyber Risk Quantification Portfolio
Mastercard Launches Next-Generation Identity Technology with Microsoft
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us