Igor Tsyganskiy inherits the high-profile CISO spot in Redmond, while his predecessor, Bret Arsenault, is named chief security adviser
Follow Dark Reading:
 December 07, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Is Getting a New 'Outsider' CISO
Igor Tsyganskiy inherits the high-profile CISO spot in Redmond, while his predecessor, Bret Arsenault, is named chief security adviser.
Patch Now: Critical Atlassian Bugs Endanger Enterprise Apps
Four RCE vulnerabilities in Confluence, Jira, and other platforms, allow instance takeover and environment infestation.
CISA: Threat Actor Breached Federal Systems via Adobe ColdFusion Flaw
Adobe patched CVE-2023-26360 in March amid active exploit activity targeting the flaw.
Vulns in Android WebView, Password Managers Can Leak User Credentials
Black Hat researchers show top password managers on Android mobiles are prone to leak passwords when using WebView autofill function.
Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover
Various devices remain vulnerable to the bug, which has existed without notice for years and allows an attacker to control devices as if from a Bluetooth keyboard.
Cracking Weak Cryptography Before Quantum Computing Does
Worries over crypto's defenselessness against quantum computing has inspired a project that automates the discovery of insecure cryptographic algorithms in open source software.
UK Cyber CTO: Vendors' Security Failings Are Rampant
The NCSC's Ollie Whitehouse criticizes security vendors for actively working against organizations in their fight against breaches and ransomware.
Embrace Generative AI for Security, but Heed Caution
AI could be a net positive for security, with a caveat: It could make security teams dangerously complacent.
US Navy Ship Builder Says No Classified Info Leaked in Cyberattack
Austul USA, a military contractor, alerts law enforcement it quickly mitigated a recent cyberattack on its systems and that an investigation is ongoing.
(Sponsored Article) A Detection and Response Benchmark Designed for the Cloud
Does your security operation center's performance meet the 5/5/5 benchmark for cloud threat detection and incident response?
MORE NEWS / MORE COMMENTARY
HOT TOPICS
WordPress Bug 'Patch' Installs Backdoor for Full Site Takeover
A faux security alert purports to provide a fix for an RCE flaw, but instead creates a user with admin privileges and spreads a backdoor to infected sites.

Embrace Generative AI for Security, but Heed Caution
AI could be a net positive for security, with a caveat: It could make security teams dangerously complacent.

'AeroBlade' Group Hacks US Aerospace Company
Aeroblade flew under the radar, slicing through detection checks on a quest to steal sensitive commercial data.

MORE
PRODUCTS & RELEASES
DTEX Systems Appoints Mandiant Global CTO Marshall Heilman As CEO
Cloudbrink Presents Firewall-As-Service for the Hybrid Workplace
Keeper Security Survey Finds 82% of IT Leaders Want to Move Their On-Premises Privileged Access Management (PAM) Solution to the Cloud
Foresite Cybersecurity Partners With Crowdstrike
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Apple 'Lockdown Mode' Bypass Subverts Key iPhone Security Feature
Even the most severe security protections for mobile phones aren't all-encompassing or foolproof, as a tactic involving a spoof of lockdown mode shows.
LATEST FROM THE EDGE

Name That Edge Toon: On Your Mark...
Come up with a clever cybersecurity-related caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

Enhancing Incident Response Playbooks With Machine Learning
Cybersecurity analysts use playbooks as a guide to quickly investigate and respond to incidents, but they regularly neglect to keep the process documents up to date.
LATEST FROM DR GLOBAL

Middle East CISOs Fear Disruptive Cloud Breach
Increasingly, businesses are concerned about the speed of their cloud incident response times.
WEBINARS
  • How to Combat the Latest Cloud Security Threats

    More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications ...

  • Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven

    In this session, you'll learn what a holistic approach to SSCS requires, including a comprehensive inventory of your supply chain, connecting risks across the development lifecycle, and leveraging code-to-runtime context to prioritize risks. We'll provide examples of "toxic combinations" between ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us