Dark Reading Daily -- March 22, 2024

NVD may be in peril, and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.

LATEST SECURITY NEWS & COMMENTARY

NIST's Vuln Database Downshifts, Prompting Questions About Its Future

NVD may be in peril, and while alternatives exist, enterprise security managers will need to plan accordingly to stay on top of new threats.

Ivanti Keeps Security Teams Scrambling With 2 More Vulns

Since the beginning of this year, the company has disclosed some seven critical bugs so far, almost all of which attackers have quickly exploited in mass attacks.

Session Takeover Bug in AWS Apache Airflow Reveals Larger Cloud Risk

A bug exposed users of an AWS workflow management service to cookie tossing, but behind the scenes lies an even deeper issue that runs across all of the top cloud services.

Tesla Hack Team Wins $200K and a New Car

Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.

300K Internet Hosts at Risk for 'Devastating' Loop DoS Attack

Attackers can create a self-perpetuating, infinite scenario in such a way that volumes of traffic overwhelm network resources indefinitely.

Changing Concepts of Identity Underscore 'Perfect Storm' of Cyber-Risk

Forgepoint Capital's Alberto Yépez discusses how the concept of identity is changing: It doesn't just mean "us" anymore.

Cyber Warfare: Understanding New Frontiers in Global Conflicts

An arms race is developing between those using technology to target adversaries and those using it prevent attacks from succeeding.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
After LockBit, ALPHV Takedowns, RaaS Startups Go on a Recruiting Drive Law enforcement action hasn't eradicated ransomware groups, but it has shaken up the cyber underground and sown distrust among thieves. Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks Russia's government is pretending to be other governments in emails, with an eye toward stealing strategic intel. AI Won't Solve Cybersecurity's Retention Problem To fix retention and skills gaps, we need to encourage more women and minorities to build careers in cybersecurity. 'Fluffy Wolf' Spreads Meta Stealer in Corporate Phishing Campaign Unsophisticated threat actor is targeting Russian companies with both readily available malware and authentic software. MORE

PRODUCTS & RELEASES

Deloitte Launches CyberSphere Platform to Simplify Cyber Operations for Clients

Pathlock Introduces Continuous Controls Monitoring to Reduce Time and Costs

Akamai Research Finds 29% of Web Attacks Target APIs

Kaspersky Identifies Three New Android Malware Threats

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Federal Warning Highlights Cyber Vulnerability of US Water Systems

The White House urged operators of water and wastewater systems to review and beef up their security controls against attacks by Iran- and China-based groups.

LATEST FROM THE EDGE

How Can We Reduce Threats From the Initial Access Brokers Market?

The ready-made access IABs offer has become an integral part of the ransomware ecosystem. Here's how to stop them before they can profit from your assets.

LATEST FROM DR TECHNOLOGY

Strata Identity Releases New Authentication Recipes

The Microsoft Identity Cookbook is a collection of orchestration recipes to help organizations adopt cloud-based identity providers.

LATEST FROM DR GLOBAL

United Arab Emirates Faces Intensified Cyber-Risk

The UAE leads the Middle East in digital-transformation efforts, but slow patching and legacy technology continue to thwart its security posture.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>