Dark Reading

Lacework Integrates Kubernetes Features to Enhance Security Across Multi-Cloud Environments

05/18/2022
Polygraph Data Platform adds Kubernetes audit log monitoring, integration with Kubernetes admission controller, and Infrastructure as Code (IaC) security to help seamlessly integrate security into developer workflows.

CISA: Unpatched F5 BIG-IP Devices Under Active Attack

05/18/2022
Publicly released proof-of-concept exploits are supercharging attacks against unpatched systems, CISA warns.

The Industry Must Better Secure Open Source Code From Threat Actors

05/18/2022
Build security in up front to secure open source code at the foundational level. Apply security controls, have engineering teams test, do code review, and use attacker-centric behavioral analytics to mitigate threats.

Microsoft Flags Attack Targeting SQL Servers With Novel Approach

05/18/2022
Attackers appear to have found a way around PowerShell monitoring by using a default utility instead.

2022: The Year Zero Trust Becomes Mainstream

05/18/2022
It has never been more important for organizations of all sizes to prioritize securing their users and their infrastructure secrets with zero-trust network access.

How Threat Actors Are a Click Away From Becoming Quasi-APTs

05/18/2022
As demonstrated in Ukraine and elsewhere, the battlefield for today's warriors extends to the virtual realm with cyber warfare.

TorchLight Expands Cybersecurity Services With MDR Sentinel in Partnership With Microsoft

05/17/2022
MDR Sentinel expands TorchLight’s leading managed detection and response (MDR) services with turnkey SIEM and SOAR capabilities from Microsoft; TorchLight also announces it attains elite Microsoft Gold Partner Status

Critical VMware Bug Exploits Continue, as Botnet Operators Jump In

05/17/2022
A critical VMware bug tracked as CVE-2022-22954 continues to draw cybercriminal moths to its remote code-execution flame, with recent attacks focused on botnets and Log4Shell.

FBI: E-Tailers, Beware Web Injections for Scraping Credit-Card Data, Backdoors

05/17/2022
Law enforcement is warning about a wave of Web injection attacks on US online retailers that are successfully stealing credit-card information from online checkout pages.

New Venture Capital Fund Focuses on Emerging Cybersecurity Tech

05/17/2022
The founders behind more than 90 cybersecurity firms have set up a $300 million investment fund.

(ISC)² Unveils 100K in the UK Scheme to Expand the UK Cybersecurity Workforce with 100,000 Free Entry-Level Certificati

05/17/2022
Multi-million-pound commitment will empower everyone from recent graduates to career changers to IT professionals in the UK to begin a successful career in cybersecurity.

Training to Beat a Bad Cybersecurity Culture

05/17/2022
Creating a company culture for security may need to start by tearing down an anti-security culture.

Local Government's Guide to Minimizing the Risk of a Cyberattack

05/17/2022
Most local leaders lack cybersecurity resources so they don't know where their weaknesses are and which areas threat actors are most likely to target, with little focus or understanding of risk.

Google Cloud Aims to Share Its Vetted Open Source Ecosystem

05/17/2022
The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.

Barracuda Expands Cloud-Native SASE Platform to Protect Hybrid Cloud Deployments

05/17/2022
Expansion includes new capabilities for hybrid deployment models and industrial Internet of things (IIoT) environments.

Qualys Adds Custom Assessment and Remediation to Its Cloud Platform

05/17/2022
Provides security architects with access to custom scripts that can be natively integrated with other Qualys solutions.

YouMail Launches YouMail Protective Services for Carriers and Enterprises

05/17/2022
Protect enterprises from the harm of unwanted voice-based phishing perpetrated by bad actors.

Ericom’s New ZTEdge Web Application Isolation Addresses Security Concerns Associated With Third-Party Contractor Appli

05/17/2022
Enables organizations to provide simple, secure access to the private and public cloud or Web-based corporate apps that workers using unmanaged devices need for their work.

Bitdefender Launches Identity Theft Protection Service for U.S. Consumers

05/17/2022
New offering provides credit and financial monitoring along with identity protection and restoration.