Dark Reading Daily -- May 19, 2022

Follow Dark Reading:

May 19, 2022

LATEST SECURITY NEWS & COMMENTARY

MITRE Creates Framework for Supply Chain Security

System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.

CISA: Unpatched F5 BIG-IP Devices Under Active Attack

Publicly released proof-of-concept exploits are supercharging attacks against unpatched systems, CISA warns.

How Threat Actors Are a Click Away From Becoming Quasi-APTs

As demonstrated in Ukraine and elsewhere, the battlefield for today's warriors extends to the virtual realm with cyber warfare.

Microsoft Flags Attack Targeting SQL Servers With Novel Approach

Attackers appear to have found a way around PowerShell monitoring by using a default utility instead.

CISA to Federal Agencies: Patch VMware Products Now or Take Them Offline

Last month attackers quickly reverse-engineered VMware patches to launch RCE attacks. CISA warns it's going to happen again.

The Industry Must Better Secure Open Source Code From Threat Actors

Build security in up front to secure open source code at the foundational level. Apply security controls, have engineering teams test, do code review, and use attacker-centric behavioral analytics to mitigate threats.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
How Mobile Networks Have Become a Front in the Battle for Ukraine Since 2014's annexation of Crimea, Ukrainian mobile operators have taken multiple, proactive steps to defend networks in the country and ensure their resilience. Local Government's Guide to Minimizing the Risk of a Cyberattack Most local leaders lack cybersecurity resources so they don't know where their weaknesses are and which areas threat actors are most likely to target, with little focus or understanding of risk. Top 6 Security Threats Targeting Remote Workers Remote work is here to stay, which means security teams must ensure that security extends beyond corporate devices and protects employees wherever they are. MORE

EDITORS' CHOICE

Google Cloud Aims to Share Its Vetted Open Source Ecosystem

The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.

LATEST FROM THE EDGE

How Pwn2Own Made Bug Hunting a Real Sport

From a scrappy contest where hackers tried to win laptops, Pwn2Own has grown into a premier event that has helped normalize bug hunting.

LATEST FROM DR TECHNOLOGY

50% of Orgs Rely on Email to Manage Security

Even with dedicated identity management tools at their disposal, many companies — smaller ones especially — are sticking with email and spreadsheets for handling permissions.

Tech Resources

ACCESS TECH LIBRARY NOW

The Value Drivers of Attack Surface Management, Revealed
The value of modern ASM extends beyond the security benefits. It can save money as well through prevention, lower cyber insurance costs, lower human effort, and higher operational efficiency. Join to find out how modern attack surfaces have changed, why ...
Implementing and Using XDR to Improve Enterprise Cybersecurity
Security operations teams are taking a hard look at extended detection and response tools - XDR - as a means of collecting and analyzing threat data and identifying cyber attacks faster and more efficiently. But exactly how does XDR technology ...

MORE WEBINARS

FEATURED REPORTS

How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World
Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ...
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.

MORE REPORTS

CURRENT ISSUE

Incorporating a Prevention Mindset into Threat Detection and Response
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

Lacework Integrates Kubernetes Features to Enhance Security Across Multi-Cloud Environments

Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS

Bitdefender Launches Identity Theft Protection Service for U.S. Consumers

MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Incorporating a Prevention Mindset into Threat Detection and Response