Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs.
Follow Dark Reading:
 June 28, 2023
LATEST SECURITY NEWS & COMMENTARY
Most Enterprise SIEMs Blind to MITRE ATT&CK Tactics
Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs.
Pilot Applicant Information for American, Southwest Hacked
The attack exposed personal information from pilot applicants, prompting both airlines to ditch their third-party provider and move services internally.
Why Cyber Funding Flows for Rural Water Systems
The $7.5 million in new funds from the Cybersecurity for Rural Water Systems Act of 2023 is not just a drop in the bucket for crucially important rural water systems.
UCLA, Siemens Among Latest Victims of Relentless MOVEit Attacks
Cl0p ransomware group uses its Dark Web leak site to identify five new victims of MOVEit cyberattacks.
Mockingjay Slips By EDR Tools With Process Injection Technique
By leveraging misconfigured DLLs instead of EDR-monitored APIs, this new technique injects malicious code into running processes, completely evading endpoint security.
Trans-Rights Hacktivists Steal City of Ft. Worth's Data
In a move to embarrass the city, hacking group known as SiegedSec accessed thousands of files with administrator logins, but it's making no ransom demands.
Why the FDA's SBOM Mandate Changes the Game for OSS Security
The new FDA software bill of materials (SBOM) guidelines for medical devices could have broad impact on the healthcare industry and the broader open source ecosystem.
Preventing Cyberattacks on Schools Starts With K–12 Cybersecurity Education
By investing in a strong future cybersecurity workforce, we can prevent future attacks on US critical infrastructure before they occur.
Jscrambler Launches JavaScript Scanner for PCI DSS 4.0 Compliance
The free tool aims to help organizations meet the requirements of the new version of the payment standard, which takes effect in March 2024.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft Teams Attack Skips the Phish to Deliver Malware Directly
Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization's employees, but no patch is imminent.

3 Steps to Successfully & Ethically Navigate a Data Breach
In this day of "not if, but when" for breaches, transparency and full disclosure are important to salvage a company's reputation and keep public trust.

Schneider Power Meter Vulnerability Opens Door to Power Outages
A severe security vulnerability allows credentials for the power meters to continuously transmit in cleartext, allowing device takeover.

MORE
EDITORS' CHOICE
China's 'Volt Typhoon' APT Turns to Zoho ManageEngine for Fresh Cyberattacks
A recent campaign shows that the politically motivated threat actor has more tricks up its sleeve than previously known, targeting a critical exploit and wiping logs to cover their tracks.
LATEST FROM DR TECHNOLOGY

Cequence Security Adds Generative AI to API Security
Cequence’s latest updates to the Unified API Protection platform help organizations reduce the time needed to create API security testing plans.
LATEST FROM THE EDGE

Protecting Small Businesses From Ransomware on a Budget
One ransomware attack can be devastating for a small to midsize business. Here are some survival tips to ensure it's not a disaster.
LATEST FROM DR GLOBAL

Black Hat Asia 2023: Cybersecurity Maturity and Concern in Asia
Black Hat Asia 2023 showed that cybersecurity is nascent among organizations in Asia with opportunities for improvement.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

    Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

  • The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

    The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Genworth Financial Reports Data Breach Leaking SSNs Belonging to 2.7M Policyholders and Customers
Silobreaker Unveils Geopolitical Threat Intelligence Capabilities With RANE at Infosecurity Europe 2023
Security LeadHER Wraps Groundbreaking Inaugural Conference for Women in Security
Sumsub Launches Advanced Deepfakes Detector
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us