Follow Dark Reading:
 December 16, 2021
LATEST SECURITY NEWS & COMMENTARY
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.
Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say.
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j
More than 60 variants of the original exploit were introduced over the last day alone.
What to Do While Waiting for the Log4J Updates
This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates.
Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.
Microsoft Patches Zero-Day Spreading Emotet Malware
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.
Emotet Is Back and More Dangerous Than Before
Volume of traffic associated with the malware is now back at 50% of the volume before law enforcement took the botnet operation down in January 2021, security vendor says.
Lack of Patching Leaves 300,000 Routers at Risk for Attack
A significant percentage of the 2 million consumer and small-business routers produced by a Latvian firm are vulnerable and being used by attackers, a security firm says.
Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'
Customers advised to adopt alternative internal processes to support the affected human resources services.
Name That Toon: Modern-Day Frosty
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Why Cloud Storage Isn't Immune to Ransomware
Cloud security is a shared responsibility. which sometimes leads to security gaps and complexity in risk management.
Why the Private Sector Is Key to Stopping Russian Hacking Group APT29
Left unchecked, these attacks could have devastating effects on government and military secrets and jeopardize the software supply chain and the global economy.
Privacy and Safety Issues With Facebook's New 'Metaventure'
With access to a user's 3D model and full-body digital tracking, attackers can recreate the perfect replica of a C-level executive to trick employees.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Combat Misinformation by Getting Back to Security Basics
One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.

10 Stocking Stuffers for Security Geeks
Check out our list of gifts with a big impact for hackers and other techie security professionals.

MORE
EDITORS' CHOICE

Dark Reading Reflects on a Legacy and Life Well-Written: Tim Wilson
The Dark Reading editorial team, along with contributing writers and editors, share their favorite stories and memories of co-founder and editor-in-chief Tim Wilson, an influential editor and well-respected thought leader in the cybersecurity industry.
LATEST FROM DR TECHNOLOGY

How Do I Find My Servers With the Log4j Vulnerability?
This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228.
LATEST FROM THE EDGE

Why Red Teaming While Black Can Be Risky
Penetration audits can be dangerous for people of color. Here is how to keep Black and brown cybersecurity professionals safe during red team engagements.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Beyond Spam and Phishing: Emerging Email-based Threats

    Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ...

  • Cloud Security Strategies for Today's Enterprises

    The typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Cybereason Announces Availability of AI-Driven Cybereason XDR and EDR on Google Cloud Marketplace
Kroll Acquires Security Compass Advisory
Kryptowire Collaborates With Orange and Finds Vulnerabilities in Mobile Devices
Tufin Introduces Security Policy Builder (SPB) App to Marketplace
Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws
Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021
Broadcom Inc. Announces $10 Billion Share Repurchase Authorization
Kaspersky Opens Doors to New Transparency Center in North America
LastPass Announces New Integration with Google Workspace
The Executive Women's Forum on Information Security, Risk Management & Privacy Presents the Leadership Scholarship
MORE PRODUCTS & RELEASES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2021  |   Informa Tech  |  Privacy Statement  |   Terms & Conditions  |  Contact Us