Follow Dark Reading:
 January 14, 2021
LATEST SECURITY NEWS & COMMENTARY
More SolarWinds Attack Details Emerge
A third piece of malware is uncovered, but there are still plenty of unknowns about the epic attacks purportedly out of Russia.
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
How two traditionally disparate security disciplines can be united.
Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021
Microsoft patched 83 bugs, including a Microsoft Defender zero-day and one publicly known elevation of privilege flaw.
Security Operations Struggle to Defend Value, Keep Workers
Companies continue to value security operations centers but the economics are increasingly challenging, with high analyst turnover and questions raised over return on investment.
New Tool Sheds Light on AppleScript-Obfuscated Malware
The AEVT decompiler helped researchers analyze a cryptominer campaign that used AppleScript for obfuscation and will help reverse engineers focused on other Mac OS malware.
Bringing Zero Trust to Secure Remote Access
Demand for secure remote access has skyrocketed during the pandemic. Here Omdia profiles more secure alternatives to virtual private network (VPN) technology.
Over-Sharer or Troublemaker? How to Identify Insider-Risk Personas
It's past time to begin charting insider risk indicators that identify risky behavior and stop it in its tracks.
When It Comes To Security Tools, More Isn't More
Organizations that focus on optimizing their tools, cutting down on tool sprawl, and taking a strategic approach to transitioning to the cloud are poised for success.
SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
United Nations Security Flaw Exposed 100K Staff Records
Security researchers have disclosed a vulnerability they exploited to access more than 100,000 private employee records.
IoT Vendor Ubiquiti Suffers Data Breach
Cloud provider hosting "certain" IT systems attacked, company says.
MORE NEWS & COMMENTARY
HOT TOPICS
FireEye's Mandia: 'Severity-Zero Alert' Led to Discovery of SolarWinds Attack
CEO Kevin Mandia shared some details on how his company rooted out the major cyberattack campaign affecting US government and corporate networks.

Malware Developers Refresh Their Attack Tools
Cisco analyzes the latest version of the LokiBot malware for stealing credentials, finding that its developers have added more misdirection and anti-analysis features.

Top 5 'Need to Know' Coding Defects for DevSecOps
Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster.

MORE
EDITORS' CHOICE

6 Open Source Tools for Your Security Team
Open source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.
The 3 Most Common Types of BEC Attacks (And What You Can Do About Them)
Always be skeptical and double check credentials.
LATEST FROM THE EDGE

Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
Tech Resources
ACCESS TECH LIBRARY NOW

  • ROI and Beyond for the Cloud

    Moving to the cloud isn't just about pulling expensive equipment out of a data center. Going with a cloud provider involves its own set of costs. However, a cloud strategy offers other business benefits, some that can be calculated on ...

  • Architecting Security for the Internet of Things

    In this webcast, experts discuss the most effective approaches to securing the embedded systems used in their enterprise and offer advice on monitoring and protecting next-generation IoT technology.
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

2020: The Year in Security
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors
Cybersecurity Firm Nisos Announces New Funding and CEO
Cyber Risk Ratings Leader NormShield Rebrands to 'Black Kite'
Francisco Partners Completes Acquisition of Forcepoint
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |   Informa Tech  |  Privacy Statement  |   Terms & Conditions  |  Contact Us