Follow Dark Reading:
 January 06, 2022
LATEST SECURITY NEWS & COMMENTARY
Log4j Highlights Need for Better Handle on Software Dependencies
Security pros say the Log4j vulnerability is another warning call for enterprises to get more disciplined when keeping track of software bills of materials.
Google Buys Siemplify to Get Ahead in Cloud Security
Google says the deal will bring security orchestration, automation, and response to its Google Cloud security portfolio and expand its Chronicle platform.
New Attack Campaign Exploits Microsoft Signature Verification
The Malsmoke attack group is behind a campaign that has exploited the Microsoft e-signature verification tool to target 2,100 victims.
Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells
Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework.
In the Fight Against Cybercrime, Takedowns Are Only Temporary
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy.
Why CIOs Should Report to CISOs
If the CISO is responsible for the security of the organization, then that same person also should be responsible for both security and IT infrastructure.
Creating the Next Generation of Secure Developers
Helping management prioritize developer education is a tall order, but it's one the industry must figure out.
Mobile Application Security: 2021's Breaches
Many of last year's largest app breaches could have been prevented with testing, training, and the will to take app security seriously.
The World Is Increasingly Controlled and Transformed by Algorithms
Our digital interactions are being analyzed, predicted, and protected by algorithms and serve as a strategic, digital arsenal in defending against cyberattacks.
Why We Need To Reframe the False-Positive Problem
Efforts to tune or build behavior- or signature-based threat identification requires time and effort most organizations don't have.
Zero Trust and Access: Protecting the Keys to the Kingdom
Zero trust moves the control pane closer to the defended asset and attempts to tightly direct access and privileges.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
CISOs Plan What to Buy With Funds From the Infrastructure Bill
CISOs welcome the cybersecurity funding allocated under the Infrastructure Investment and Jobs Act, but say it’s not perfect because it doesn't address a key issue: people.

An Adaptive Security Strategy Is Critical for Stopping Advanced Attacks
Ransomware demands a new approach to incident response.

Why Cyber Due Diligence Is Essential to the M&A Process
That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off.

MORE
EDITORS' CHOICE

7 Steps for Navigating a Zero-Trust Journey
Don't think of zero trust as a product. Think of it as "how you actually practice security."
LATEST FROM THE EDGE

Vinnie Liu Has a Mission: Keeping People Safe Online and Offline
Security Pro File: The years at the National Security Agency shaped Vinnie Liu's views on security. "We're missionaries, not mercenaries," he says.
LATEST FROM DR TECHNOLOGY

6 Security-Tech Innovations We're Excited to See in 2022
The details on cybersecurity technologies that we expect to advance rapidly in the coming year.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Beyond Spam and Phishing: Emerging Email-based Threats

    Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ...

  • Cloud Security Strategies for Today's Enterprises

    The typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Log4j Remediation Rules Now Available for WhiteSource Renovate and Enterprise
Palo Alto Networks Appoints Helmut Reisinger to Leadership Team
Pathr.ai Reaffirms Position as Privacy-Centric Solution for Retailers with Spatial Intelligence Platform
AV-Comparatives Reveals Results of Long-Term Tests of 19 Leading Endpoint Security Solutions
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us