The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are.
Follow Dark Reading:
 November 02, 2023
LATEST SECURITY NEWS & COMMENTARY
SEC Charges Against SolarWinds CISO Send Shockwaves Through Security Ranks
The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are.
Biden's Artificial Intelligence Executive Order Covers Broad Concerns
The executive order is ambitious and seeks to protect a variety of different groups that are most at risk from the irresponsible use of AI.
Boeing Confirms Cyberattack, System Compromise
The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack.
Boeing Breached by Ransomware, LockBit Gang Claims
LockBit gives Boeing a Nov. 2 deadline to pay the ransom or have its sensitive documents leaked to the public, but it hasn't given evidence of the compromise.
Safari Side-Channel Attack Enables Browser Theft
The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history.
'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains
Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think.
Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status
The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says.
Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic
The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets.
Google Dynamic Search Ads Abused to Unleash Malware 'Deluge'
An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.
20 Years Later, Is Patch Tuesday Enough?
Microsoft's longstanding practice isn't enough to handle its vulnerability problem.
What Would a Government Shutdown Mean for Cybersecurity?
Companies are advised to act now to protect networks while federal employee paychecks are still forthcoming. Public agencies are updating contingency plans before the November extension ends, while cyber stalkers get an extra month to plan, too.
What the Boardroom Is Missing: CISOs
From communicating why security should be a priority to advocating for accountability and greater focus on protecting data in the cloud, CISOs can make the case for keeping people and sensitive data secure.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Survey: AppSec Maturity Hindered by Staffing, Budgets, Vulnerabilities
Report highlights the challenges impeding the applications industry from achieving AppSec maturity.

What Lurks in the Dark: Taking Aim at Shadow AI
Generative artificial intelligence tools have unleashed a new era of terror to CISOs still battling longstanding shadow IT security risks.

3 Ways to Close the Cybersecurity Skills Gap — Now
The future of the cybersecurity workforce will rely less on long-led legacy education models and more on skills-now training.

It's Cheap to Exploit Software — and That's a Major Security Problem
The solution? Follow in the footsteps of companies that have raised the cost of exploitation.

MORE
EDITORS' CHOICE
Iran APT Targets the Mediterranean With Watering-Hole Attacks
Nation-state hackers are using hybrids to ensnare those in the maritime, shipping, and logistics industries.
LATEST FROM THE EDGE

A Ukrainian Company Shares Lessons in Wartime Resilience
The CTO of MacPaw provides a case study in planning for cybersecurity and uptime in the face of armed conflict.
LATEST FROM DR TECHNOLOGY

New Index Finds AI Models Are Murky, Not Transparent At All
Despite the growing demand for AI transparency, 10 of the better-known models did not score very highly on Stanford's new Foundation Model Transparency Index.
LATEST FROM DR GLOBAL

UAE Cyber Council Warns of Google Chrome Vulnerability
The country has issued a recommendation to update after a high-risk vulnerability was disclosed last week in the browser.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Proofpoint Signs Definitive Agreement to Acquire Tessian
Healey-Driscoll Awards $2.3M to CyberTrust Massachusetts to Strengthen Municipal Cybersecurity Efforts
Cranium Announces $25 Million in Series A Funding to Secure AI
Lumen Q3 DDoS Report: Banking Was the Most Targeted Industry for the First Time
ReasonLabs Unveils RAV VPN for Apple iOS
70% of Crypto Companies Report Deepfake Fraud Rise
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Key DevSecOps Principles for Enterprise Mobile App Development
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us