Follow Dark Reading:
 December 16, 2021
LATEST SECURITY NEWS & COMMENTARY
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.
Companies Must Assess Threats to AI & ML Systems in 2022: Microsoft
Most companies lack the proper tools to assess their vulnerability to threats facing their AI systems and ML pipelines, prompting Microsoft to release a risk assessment framework.
Meta Expands Bug-Bounty Program to Include Data Scraping
Scraping bugs and scraped databases are two new areas of research for the company's bug-bounty and data-bounty programs.
Privacy and Safety Issues With Facebook's New 'Metaventure'
With access to a user's 3D model and full-body digital tracking, attackers can recreate the perfect replica of a C-level executive to trick employees.
Why Cloud Storage Isn't Immune to Ransomware
Cloud security is a shared responsibility. which sometimes leads to security gaps and complexity in risk management.
Dept. of Homeland Security Launches 'Hack DHS' Program
A new bug bounty program aims to find potential security flaws within certain DHS systems and strengthen the department's security posture.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft Patches Zero-Day Spreading Emotet Malware
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.

Newly Found Authentication Flaws Highlight Dangers of Coding From Scratch
Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.

Name That Toon: Modern-Day Frosty
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
MORE ON LOG4J

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say.
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j
More than 60 variants of the original exploit were introduced over the last day alone.
LATEST FROM DR TECHOLOGY

How Do I Find My Servers With the Log4j Vulnerability?
This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.
LATEST FROM THE EDGE

What Are the Pros and Cons of a SASE Architecture?
SASE is a promising and burgeoning networking architecture approach, but it's not without some challenges.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Beyond Spam and Phishing: Emerging Email-based Threats

    Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ...

  • Cloud Security Strategies for Today's Enterprises

    The typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Cybereason Announces Availability of AI-Driven Cybereason XDR and EDR on Google Cloud Marketplace
Kroll Acquires Security Compass Advisory
Kryptowire Collaborates With Orange and Finds Vulnerabilities in Mobile Devices
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |   Informa Tech  |  Privacy Statement  |   Terms & Conditions  |  Contact Us