Dark Reading Daily -- August 15, 2022

Follow Dark Reading:

August 15, 2022

LATEST SECURITY NEWS & COMMENTARY

Patch Madness: Vendor Bug Advisories Are Broken, So Broken

Dustin Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.

Novel Ransomware Comes to the Sophisticated SOVA Android Banking Trojan

Unusually, SOVA, which targets US users, now allows lateral movement for deeper data access. Version 5 adds an encryption capability.

Software Supply Chain Chalks Up a Security Win With New Crypto Effort

GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.

How to Clear Security Obstacles and Achieve Cloud Nirvana

Back-end complexity of cloud computing means there's plenty of potential for security problems. Here's how to get a better handle on SaaS application security.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft: We Don't Want to Zero-Day Our Customers The head of Microsoft's Security Response Center defends keeping its initial vulnerability disclosures sparse — it is, she says, to protect customers. Looking Back at 25 Years of Black Hat The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy. Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks Machine-learning algorithms alone may miss signs of a successful attack on your organization. MORE

EDITORS' CHOICE

Cisco Confirms Data Breach, Hacked Files Leaked

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

LATEST FROM THE EDGE

Cybercriminals Weaponizing Ransomware Data for BEC Attacks

Attacked once, victimized multiple times: Data marketplaces are making it easier for threat actors to find and use data exfiltrated during ransomware attacks in follow-up attacks.

LATEST FROM DR TECHNOLOGY

Can Zero-Knowledge Cryptography Solve Our Password Problems?

Creating temporary keys that are not stored in central repositories and time out automatically could improve security for even small businesses.

WEBINARS

Malicious Bots: What Enterprises Need to Know
Bots are launching more complex and targeted attacks such as price scraping, credential stuffing, scalping, and credit card fraud, but many security defenders are still focused on only the most obvious attacks. Automated bot attacks are on the rise, but ...
Assessing Cyber Risk
Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

Incorporating a Prevention Mindset into Threat Detection and Response
State of the Cloud: A Security Perspective
Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ...
Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal
With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape

Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals

US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study

MORE PRODUCTS & RELEASES

CURRENT ISSUE

Living on the Edge: Building and Maintaining Security at the Network Edge
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Living on the Edge: Building and Maintaining Security at the Network Edge