Dark Reading - Compliance

Compliance

• Can Zero-Knowledge Crypto Solve Our Password Problems?
• A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
• Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter
• How to Find New Attack Primitives in Microsoft Azure
• New Vulnerability Database Catalogs Cloud Security Issues
• NIST Finalizes macOS Security Guidance
• Federal, State Agencies' Aid Programs Face Synthetic Identity Fraud
• LockBit 3.0 Debuts With Ransomware Bug Bounty Program
• Shadow IT Spurs 1 in 3 Cyberattacks
• Thrive Acquires DSM
• It's a Race to Secure the Software Supply Chain — Have You Already Stumbled?
• Threat Intelligence Services Are Universally Valued by IT Staff
• Why We're Getting Vulnerability Management Wrong
• APT Groups Swarming on VMware Servers with Log4Shell
• Only 3% of Open Source Software Bugs Are Actually Attackable, Researchers Say
• 7 Steps to Stronger SaaS Security
• The Cybersecurity Talent Shortage Is a Myth
• Without Conti on the Scene, LockBit 2.0 Leads Ransomware Attacks
• Chinese APT Group Likely Using Ransomware Attacks as Cover for IP Theft
• Johnson Controls Acquires Tempered Networks to Bring Zero Trust Cybersecurity to Connected Buildings
• ShiftLeft: Focus On 'Attackability' To Better Prioritize Vulnerabilities
• Pair of Brand-New Cybersecurity Bills Become Law
• The Rise, Fall, and Rebirth of the Presumption of Compromise
• Reinventing How Farming Equipment Is Remotely Controlled and Tracked
• Cyberattackers Abuse QuickBooks Cloud Service in 'Double-Spear' Campaign
• Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS
• How APTs Are Achieving Persistence Through IoT, OT, and Network Devices
• 80% of Legacy MSSP Users Planning MDR Upgrade
• MetaMask Crypto-Wallet Theft Skates Past Microsoft 365 Security
• Organizations Battling Phishing Malware, Viruses the Most
• Microsoft 365 Users in US Face Raging Spate of Attacks
• Synopsys Completes Acquisition of WhiteHat Security
• Aqua Security Collaborates With Center for Internet Security to Create Guide for Software Supply Chain Security
• Neustar Security Services Launches Public UltraDNS Health Check Site
• Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign
• Fresh Magecart Skimmer Attack Infrastructure Flagged by Analysts
• Getting a Better Handle on Identity Management in the Cloud
• Tanium Partners With ScreenMeet to Enable Employees to Securely Connect to Their Remote Desktops
• Zscaler and AWS Expand Relationship
• Zscaler Launches Posture Control Solution
• Zscaler Adds New AI/ML Capabilities for the Zscaler Zero Trust Exchange
• Evolving Beyond the Password: Vanquishing the Password
• The Risk of Multichannel Phishing Is on the Horizon
• GitHub's MFA Plans Should Spur Rest of Industry to Raise the Bar
• 80% of Firms Suffered Identity-Related Breaches in Last 12 Months
• Risk Disconnect in the Cloud
• Linux Foundation Announces Open Programmable Infrastructure Project to Drive Open Standards for New Class of Cloud Native Infrastructure
• 7 Ways to Avoid Worst-Case Cyber Scenarios
• VPNs Persist Despite Zero-Trust Fervor
• China-Linked ToddyCat APT Pioneers Novel Spyware
• RIG Exploit Kit Replaces Raccoon Stealer Trojan With Dridex
• Gartner: Regulation, Human Costs Will Create Stormy Cybersecurity Weather Ahead
• Why Financial Institutions Must Double Down on Open Source Investments
• Evolving Beyond the Password: It's Time to Up the Ante
• BRATA Android Malware Evolves Into an APT
• Reducing Risk With Zero Trust
• 56 Vulnerabilities Discovered in OT Products From 10 Different Vendors
• AI Is Not a Security Silver Bullet
• Open Source Software Security Begins to Mature
• Capital One Attacker Exploited Misconfigured AWS Databases
• Feds Take Down Russian 'RSOCKS' Botnet
• Name That Toon: Cuter Than a June Bug
• DDoS Attacks Delay Putin Speech at Russian Economic Forum
• Credential Sharing as a Service: The Hidden Risk of Low-Code/No-Code
• Security Lessons From Protecting Live Events
• The Cybersecurity Diversity Gap: Advice for Organizations Looking to Thrive
• Ransomware and Phishing Remain IT's Biggest Concerns
• WordPress Plug-in Ninja Forms Issues Update for Critical Bug
• DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again
• Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware
• Can We Make a Global Agreement to Halt Attacks on Our Energy Infrastructure?
• Tackling 5 Challenges Facing Critical National Infrastructure Today
• Internet Explorer Now Retired but Still an Attacker Target
• BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield
• Microsoft 365 Function Leaves SharePoint, OneDrive Files Open to Ransomware Attacks
• What We Mean When We Talk About Cyber Insurance
• Android Spyware 'Hermit' Discovered in Targeted Attacks
• Unlocking the Cybersecurity Benefits of Digital Twins
• EU & US Unite to Fight Ransomware
• RSAC Startup Competition Focuses on Post-Cloud IT Infrastructure
• CISOs Gain False Confidence in the Calm After the Storm of the Pandemic
• Are You Hiring Enough Entry-Level Security Pros?
• How Should I Think About Security When Considering Digital Transformation Projects?
• Cisco’s Ash Devata on the Future of Secure Access
• 7 Ways to Bring AI to Cybersecurity
• 'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers
• Veterans Explain How Military Service Prepared Them for Cybersecurity Careers
• Critical Citrix Bugs Impact All ADM Servers, Agents
• Two Platforms to Rule Them All: CNAPP and SASE
• Thousands Arrested in Global Raids on Social-Engineering Scammers
• How Information Security Teams Can Help Reduce Stress and Burnout
• Cybercriminals Capitalizing on Resurgence in Travel
• Wormable Panchan Peer-to-Peer Botnet Harvests Linux Server Keys
• Why We Need Security Knowledge and Not Just Threat Intel
• 24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far
• In Case You Missed RSA Conference 2022: A News Digest
• Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update
• DDoS Subscription Service Operator Gets 2 Years in Prison
• Quantifying the SaaS Supply Chain and Its Risks
• Incognia Introduces Location-Based Liveness Spoofing Detection Solution