Makers of vulnerable apps that are exploited in wide-scale supply chain attacks need to improve software security or face steep fines and settlement fees.
Follow Dark Reading:
 August 23, 2023
LATEST SECURITY NEWS & COMMENTARY
Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit
Makers of vulnerable apps that are exploited in wide-scale supply chain attacks need to improve software security or face steep fines and settlement fees.
More Than Half of Browser Extensions Pose Security Risks
Spin.AI's risk assessment of some 300,000 browser extensions found 51% had overly permissive access and could execute potentially malicious behaviors.
Newer, Better XLoader Signals a Dangerous Shift in macOS Malware
Malware aimed at macOS is no longer just a knockoff of a Windows bug, as a new infostealer proliferating on Mac laptops demonstrates.
Adobe Patches Critical Deserialization Vulnerability, but Exploits Persist
The vulnerability was being exploited in the wild, targeting two versions of Adobe ColdFusion.
When Leadership Style Is a Security Risk
Risk-aware leaders can be a cybersecurity advantage. Their flexible leadership style and emphasis on security first help set the tone and demonstrate a commitment to avoiding risk.
Controversial Cybercrime Law Passes in Jordan
The increase in cyberattacks against the Middle East in the last few years has pressured Jordan and other nations to better secure their infrastructures.
The Physical Impact of Cyberattacks on Cities
Understanding potential threats and regularly updating response plans are the best lines of defense in the new world of cyberattacks.
(Sponsored Article) How to Prepare for ChatGPT's Risk Management Challenges
ChatGPT promises to transform all sorts of corporate business functions, but your business needs to be prepared to address the new risks that come with it.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Chinese APT Targets Hong Kong in Supply Chain Attack
Dubbed Carderbee, the group used legitimate software and Microsoft-signed malware to spread the Korplug/PlugX backdoor to various Asian targets.

Fed Warning: US Space Industry Subject to Foreign Spying, Disruptions
The space industry must improve security as foreign intelligence entities seek to steal trade secrets and disrupt space-based infrastructure, US agencies caution.

Unveiling the Hidden Risks of Routing Protocols
Neglecting security of Border Gateway Protocol (BGP) and other routing protocols has created multiple vulnerabilities that must be addressed.

Generative AI Is Scraping Your Data. So, Now What?
AI innovation is moving faster than our laws and regulations, making it hard to decide whether Web or content scraping activity is good or bad, and what (if anything) you should do about it.

MORE
EDITORS' CHOICE
Ivanti Issues Fix for Critical Vuln in Its Sentry Gateway Technology
Security vendor will not say if attackers are already actively exploiting the flaw, as some reports have claimed.
LATEST FROM THE EDGE

'Cuba' Ransomware Group Uses Every Trick in the Book
How a Russian cybercrime group using Cuban Revolution references and iconography has emerged as one of the most profitable ransomware operations.
LATEST FROM DR TECHNOLOGY

PKI Maturity Model Aims to Improve Crypto Infrastructure
Joining a growing group of cybersecurity-related "maturity models," PKIMM allows companies to measure their progress and benchmark themselves against other firms.
LATEST FROM DR GLOBAL

Energy One Investigates Cyberattack
Energy One is trying to determine the initial point of entry and whether personal information has been compromised.
WEBINARS
  • Passwords Are Passe: Next Gen Authentication for Today's Threats

    Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ...

  • Managing Security In a Hybrid Cloud Environment

    Many enterprises have embraced hybrid- and multi-clouds. They spread their workloads across private data centers and public cloud, or across multiple cloud providers. How do you manage security when the tools are all different? How do you enforce security controls ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Grip Security Raising $41M Series B Led by Third Point Ventures
Forescout Joins MISA and Announces Integration With Microsoft Sentinel
Absolute Dental Services Notifies Patients of Data Security Incident
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Secrets of Successful SecOps Data Analytics
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us