Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.
Follow Dark Reading:
 October 13, 2023
LATEST SECURITY NEWS & COMMENTARY
Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach
Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.
DarkGate Operator Uses Skype, Teams Messages to Distribute Malware
A plurality of the targets in the ongoing campaign have been based in the Americas.
Brands Beware: X's New Badge System Is a Ripe Cyber-Target
Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.
Backdoor Lurks Behind WordPress Caching Plug-in to Hijack Websites
Evasive malware disguised as a caching plug-in allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.
Protect Critical Infrastructure With Same Rigor as Classified Networks
Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat.
The Cyberwar Between the East and the West Goes Through Africa
By working cooperatively, the West and Africa can mobilize to tackle nation-state-backed cyber threats.
Microsoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin
Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming. language.
Simpson Manufacturing Launches Investigation After Cyberattack
The company has taken down its systems in an effort to determine the scope of the attack.
(Sponsored Article) How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Unpack MITRE's methodology, understand the results, and learn top takeaways from Cynet's evaluation of MITRE's annual security vendor tests.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Chinese 'Stayin' Alive' Attacks Dance Onto Targets With Dumb Malware
A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.

Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.

Addressing a Breach Starts With Getting Everyone on the Same Page
The best incident-response plans cover contingencies and are fine-tuned in stress tests to ensure collaboration, remediation, and recovery efforts align.

Reassessing the Impacts of Risk Management With NIST Framework 2.0
The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk.



MORE
EDITORS' CHOICE
Curl Bug Hype Fizzles After Patching Reveal
Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments.
LATEST FROM THE EDGE

Insurance Companies Have a Lot to Lose in Cyberattacks
Not only do insurance companies collate sensitive information from their clients, but they also generate their own corporate data to protect.
LATEST FROM DR TECHNOLOGY

Making the Case for Cryptographic Agility and Orchestration
Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity.
LATEST FROM DR GLOBAL

Pan-African Financial Apps Leak Encryption, Authentication Keys
Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows.
WEBINARS
  • Building an Effective Active Directory Security Strategy

    For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ...

  • Using AI in Application Security Tooling

    As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
BlackBerry Unveils Next-Generation UEM Redefining the Endpoint Management Market
New Malwarebytes Survey: Consumers Lack Trust in New Tech
ForAllSecure Announces Dynamic Software Bill of Materials for Application Security
Okta Launches Cybersecurity Workforce Development Initiative to Help Close the Tech and Cybersecurity Skills Gap
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Deploy Zero Trust for Remote Workforce Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us