Dark Reading Daily -- July 18, 2022

Follow Dark Reading:

July 18, 2022

LATEST SECURITY NEWS & COMMENTARY

Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine

Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team.

How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub

Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the platform, security vendor warns.

How Hackers Create Fake Personas for Social Engineering

And some ways to up your game for identifying fabricated online profiles of people who don't exist.

Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise

IT asset tracker and auditor software has a critical issue with insecure object deserialization that could allow threat actors to execute code, researchers say.

Ex-CIA Programmer Found Guilty of Stealing Vault 7 Data, Giving It to Wikileaks

Joshua Schulte has been convicted for his role in the Vault 7 Wikileaks data dump that exposed invasive US cyber intelligence tactics.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Researchers Devise New Speculative Execution Attacks Against Some Intel, AMD CPUs "Retbleed" bypasses a commonly used mechanism for protecting against a certain kind of side-channel attack. DHS Review Board Deems Log4j an 'Endemic' Cyber Threat Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. 3 Golden Rules of Modern Third-Party Risk Management It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world. MORE

EDITORS' CHOICE

Is Cryptocurrency's Crash Causing Headaches for Ransomware Gangs?

Bitcoin is down more than 70% from its highs late last year, causing disruptions for cybercriminals and the underground exchanges that fuel the dark markets.

LATEST FROM THE EDGE

Internet Searches Reveal Surprisingly Prevalent Ransomware

Two mostly defunct threats — WannaCry and NonPetya — top the list of ransomware searches, but does that mean they are still causing problems?

LATEST FROM DR TECHNOLOGY

The Next Generation of Threat Detection Will Require Both Human and Machine Expertise

To be truly effective, threat detection and response need to combine the strengths of people and technology.

WEBINARS

Building and Maintaining an Effective Remote Access Strategy
The COVID-19 pandemic transformed enterprises into remote workplaces overnight, forcing IT organizations to revamp their computing and networking strategies on the fly. Some of the changes were intended to be temporary, and some rules were adopted without thinking through all ...
Building and Maintaining Security at the Network Edge
Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

Incorporating a Prevention Mindset into Threat Detection and Response
Practical Network Security Approaches for a Multicloud, Hybrid IT World
The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network
How Enterprises Are Securing the Application Environment
Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications.

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Bishop Fox Secures $75 Million in Growth Funding From Carrick Capital Partners

Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project

AEI HorizonX Ventures Joins Shift5 Series B Funding Round

Report: Financial Institutions Overly Complacent About Current Authentication Methods

MORE PRODUCTS & RELEASES

CURRENT ISSUE

Implementing Zero Trust In Your Enterprise: How to Get Started
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Implementing Zero Trust In Your Enterprise: How to Get Started