Follow Dark Reading:
 April 23, 2021
LATEST SECURITY NEWS & COMMENTARY
Supernova Malware Actors Masqueraded as Remote Workers to Access Breached Network
China-based Spiral group is believed to be behind year-long attack, which exploited a flaw in SolarWinds Orion technology to drop a Web shell.
University Suspends Project After Researchers Submitted Vulnerable Linux Patches
A Linux maintainer pledges to stop taking code submissions from the University of Minnesota after a research team purposely submitted vulnerabilities to show software supply chain weaknesses.
Nearly Half of All Malware Is Concealed in TLS-Encrypted Communications
Forty-six percent of all malware uses the cryptographic protocol to evade detection, communicate with attacker-controlled servers, and to exfiltrate data, new study shows.
Looking for Greater Security Culture? Ask an 8-Bit Plumber
After 40 years of navigating catastrophes, video game character Mario can help us with a more intelligent approach to DevOps and improving security culture.
Improving the Vulnerability Reporting Process With 5 Steps
Follow these tips for an effective and positive experience for both the maintainer and external vulnerability reporter.
Name That Toon: Greetings, Earthlings
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
Prometei Botnet Adds New Twist to Exchange Server Attacks
Attackers are using the well-known Microsoft Exchange Server flaw to add machines to a cryptocurrency botnet, researchers say.
New CISA Advisories Warn of ICS Vulnerabilities
The vulnerabilities exist in Cscape control system application programming software and the Mitsubishi Electric GOT.
MORE NEWS & COMMENTARY
HOT TOPICS
Attackers Heavily Targeting VPN Vulnerabilities
Threat actors like attacking the technology because they provide a convenient entry point to enterprise networks.

Nation-State Attacks Force a New Paradigm: Patching as Incident Response
IT no longer has the luxury of thoroughly testing critical vulnerability patches before rolling them out.

7 Old IT Things Every New InfoSec Pro Should Know
Beneath all those containers and IoT devices, there's a rich patchwork of gear, protocols, and guidelines that have been holding it together since before you were born. Knowledge of those fundamentals is growing more valuable, not less.

MORE
EDITORS' CHOICE

10 Free Security Tools at Black Hat Asia 2021
Researchers are set to demonstrate a plethora of tools for conducting pen tests, vulnerability assessments, data forensics, and a wide range of other use cases.
Pulse Secure VPN Flaws Exploited to Target US Defense Sector
China-linked attackers have used vulnerabilities in the Pulse Secure VPN appliance to attack US Defense Industrial Base networks.
LATEST FROM THE EDGE

The CISO Life Is Half as Good
Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Making XDR Work in Your Enterprise - Dark Reading

    In this Dark Reading webinar, experts discuss the real-life implementation issues surrounding emerging detection and response technologies. You'll learn how these emerging technologies can be integrated with your existing cybersecurity tools, and how XDR technology might affect your cybersecurity operations ...

  • Keys to Better Cyber Risk Assessment

    At this Dark Reading webinar, learn about the costs associated with today's threats and data breaches, how to measure current threats, and how to quantify the risks to your organization, so that you can implement the tools and processes to ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

2021 Top Enterprise IT Trends
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Netacea Releases "Buying Bad Bots Wholesale: The Genesis Market" Report
Mimecast Report: 61% of Organizations Were Infected with Ransomware in 2020
Trend Micro Revamps Partner Program
TeamViewer Survey: Businesses Prepare for Post-Pandemic 'Hybrid' Workforce with New Policies, Tech Infrastructure
Deep Instinct Receives $100 Million in Series D Funding
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |   Informa Tech  |  Privacy Statement  |   Terms & Conditions  |  Contact Us