Follow Dark Reading:
 September 15, 2021
LATEST SECURITY NEWS & COMMENTARY
Nearly 50% of On-Premises Databases Have Vulnerabilities
A network compromise shouldn't mean "game over" for corporate data, but survey data shows many companies fail to protect their crown jewels.
Microsoft Patches MSHTML Vuln Among 66 CVEs
This month's Patch Tuesday release addresses a remote code execution bug under active attack and a publicly known flaw in Windows DNS.
API Security Startup Neosec Launches With $20.7M Series A
Neosec, founded by the security experts behind LightCyber, aims to bring principles from extended detection and response to API security.
Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks
Though overall ransomware attack volumes dipped in the first half of this year, the number of campaigns involving three and four extortion methods increased.
Security Fears & Remote Work Drive Continued 2FA Adoption
Seventy-nine percent of people used two-factor authentication at least once in 2021, with 72% regularly using the technology, as remote work, social media, and online retail spur demand.
Magecart: How Its Attack Techniques Evolved
Shape-shifting Magecart has shown itself to be highly adaptable in its ability to compromise third-party websites, especially during the pandemic.

(Sponsored Article) Fact: Your Company Will Be Breached; How You Reply Is Key

The automation of cyberattacks means that no company is too small to target. In 2021, four out of five organizations report cybersecurity breaches that originated from third-party vulnerabilities. The public knows breaches will happen. How your company responds is what matters.


Outlining Risks to the World's Vital Cyber-Physical Systems
The key to protecting these systems is not only to ensure the control environment is secure and protected but also to deploy emerging technologies such as confidential computing.
Google Patches Chrome Bugs Exploited in the Wild
CISA advises organizations to patch quickly to protect against zero-day exploits.
Name That Toon: Congrats! It's a ...
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Groove Ransomware Gang Tries New Tactic to Attract Affiliates
The threat group, which leaked some 500,000 credentials for Fortinet SSL VPN devices, views ransomware as just one way to profit from compromised networks, experts say.

Microsoft Warns of Vuln That Allowed Access to Azure Infrastructure
Microsoft ran a five-year-old component that allowed vulnerability researchers to punch through the isolation that normally protects cloud tenants, researchers found.

REvil Ransomware Group's Sudden Re-emergence Sparks Concerns
Some had hoped the notorious Russia-based group had been pressured to quit for good after a couple of especially egregious attacks on US targets earlier this year.

MORE
EDITORS' CHOICE

Brute-Force Attacks, Vulnerability Exploits Top Initial Attack Vectors
A new analysis emphasizes how most security incidents can be avoided with strong patch management and password management policies.
I Moved to Cybersecurity After a Decade in Finance — Here's How You Can Too
The cybersecurity industry needs employees with nontraditional backgrounds who can offer fresh perspectives. Here are tips for making a career switch to this growing and exciting field.
LATEST FROM THE EDGE

Reported Rates of Major Security Incidents by Market
In the "Proven Success Factors for Endpoint Security" report, Cisco Security shares a global perspective on reported cyber events in the past two years.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Learn Why XDR Delivers Better Outcomes to Secure Your Endpoints

    Endpoint security continues to evolve. The increasing complexity of the threat landscape means we can no longer depend on next-gen antivirus (NGAV) or EDR (Endpoint Detection and Response) alone to protect against sophisticated attacks. It's well known that endpoint attacks ...

  • Ten Hot Talks from Black Hat 2021

    The annual Black Hat USA 2021 in Las Vegas featured a full slate of cybersecurity researchers presenting. They offered up discoveries about new critical security vulnerabilities, new threats, and new security tools that enterprise defenders need to know about as they ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

Enterprise Cybersecurity Plans in a Post-Pandemic World
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
DHS Secretary Mayorkas Headlines Billington Cybersecurity Summit
More Than 10,000 Cybersecurity Professionals Have Earned the (ISC)2 CCSP Cloud Security Certification
Executives' Ransomware Concerns Are High, but Few Are Prepared for Such Attacks
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us