New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

5 years ago

Html
Text

Follow Dark Reading:

August 07, 2019

LATEST SECURITY NEWS & COMMENTARY

New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown. US Air Force Bug Bounty Program Nets 54 Flaws for $123,000 The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military. Ongoing Campaign Spoofs Walmart, Dating, Movie Sites A new investigation detects more than 540 domain names linked to the Walmart brand and camouflaged as career, dating, and entertainment websites. When Perceived Cybersecurity Risk Outweighs Reality Teams need to manage perceived risks so they can focus on fighting the real fires. Security & the Infinite Capacity to Rationalize To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how. Russian Attack Group Uses Phones & Printers to Breach Corporate Networks Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data. FBI Issues Relationship Fraud/Confidence Scheme Warning Criminals are getting increasingly sophisticated in their efforts to commit fraud and recruit 'money mules,' according to the FBI. MORE NEWS & COMMENTARY


HOT TOPICS
8 Free Tools to Be Showcased at Black Hat and DEF CON Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large. How to Keep Your Web Servers Secure The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people. Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant. MORE

EDITORS' CHOICE
8 Head-Turning Ransomware Attacks to Hit City Governments Hackers know vulnerable systems when they see them, and they also know this: Many government systems are decades old, running Windows 7 and even Windows XP. Dark Reading News Desk Live at Black Hat USA 2019 Watch right here for more than 30 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern. NEW FROM THE EDGE
Hollywood-Style Hacker Fight Watch movies much? Here's what happens when two hackers try to outhack each other.

Tech Resources

Third-Party Cyber Risk Management: Getting to Know Your Vendor VPNs' Future: Less User Reliant, More Transparent, & Smarter Data Science & AI in the Fast Lane SANS Top New Attacks & Threat Report The Future of AI-Powered Autonomous Response Clearing the Path to Cloud Testing for Compliance Just Became Easier

ACCESS TECH LIBRARY NOW

DDoS Resilience, Remediation & Recovery: Updating Your Strategy

Are you ready for a DDoS attack on your network -- or on your service provider's network - or is it time to update your resilience, remediation and recovery plan? In this webinar, learn strategies that will make your business ...

Vendor ATT&CK Misdirection and How to Avoid It

In this webinar, you will learn how a simple shift to an adversary-focused approach will help stop targeted threats and will evolve your security program from lean-back to lean-forward -- no matter the size or maturity of your security team.

MORE WEBINARS

FEATURED REPORTS

[Malware Threats Survey] Do you have 10 mins to spare?

Dark Reading needs your help with this 10-minute survey. Complete the survey and you can enter to win one of five $50 Amazon gift cards!

State of the Cloud

This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies ...

MORE REPORTS

CURRENT ISSUE

Building and Managing an IT Security Operations Program
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

QOMPLX Launches Identity Assurance 2.1 For Active Directory Monitoring And Security Bugcrowd Establishes Standard for Crowdsourced Security Workflow Management SiteLock Announces Solution to Automatically Remove Malware & Spam from Website Databases CrowdStrike Introduces CrowdScore Real-Time Threat-Monitoring Metric MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By InformationWeek
UBM Tech
2 Penn Plaza, 15th Floor, New York, NY 10121

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines

New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep

Building and Managing an IT Security Operations Program

Share on

Other newsletters from Informationweek.com

Related newsletters

View other categories