Dark Reading

What to Do While Waiting for the Log4J Updates

12/10/2021
This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates.

Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool

12/10/2021
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.

NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls

12/10/2021
The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks.

Russian National Sentenced for Role in Kelihos Botnet

12/10/2021
Oleg Koshkin was sentenced for running a crypting service used to hide the Kelihos malware from antivirus software.

Identity Authentication Access Market Set to Hit $28.9B in 2021

12/10/2021
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Market forecasts, drivers, and trends are explored.

Dark Reading Reflects on a Legacy and Life Well-Written: Tim Wilson

12/10/2021
The Dark Reading editorial team, along with contributing writers and editors, share their favorite stories and memories of co-founder and editor-in-chief Tim Wilson, an influential editor and well-respected thought leader in the cybersecurity industry.

The Vulnerability Lag: Cut Ransomware Risks Resulting From Digital Transformation

12/10/2021
Exploring ransomware and other data integrity risks from accelerated digital transformation in the wake of COVID-19.

New Firefox Sandbox Isolates Third-Party Libraries

12/10/2021
RLBox can be used to protect web browsers and other software applications from vulnerabilities in subcomponents and libraries.

Broadcom Inc. Announces $10 Billion Share Repurchase Authorization

12/09/2021
The authorization is effective until December 31, 2022.

Emotet Is Back and More Dangerous Than Before

12/09/2021
Volume of traffic associated with the malware is now back at 50% of the volume before law enforcement took the botnet operation down in January 2021, security vendor says.

Why Red Teaming While Black Can Be Risky

12/09/2021
Penetration audits can be dangerous for people of color. Here is how to keep Black and brown cybersecurity professionals safe during red team engagements.

Researchers Explore Microsoft Outlook Phishing Techniques

12/09/2021
Outlook features intended to improve collaboration and productivity may make social engineering attacks more effective, researchers find.

Lack of Patching Leaves 300,000 Routers at Risk for Attack

12/09/2021
A significant percentage of the 2 million consumer and small-business routers produced by a Latvian firm are vulnerable and being used by attackers, a security firm says.

One-Third of Phishing Pages Active Less Than a Day

12/09/2021
Security experts say the first hours in a phishing page's life are the most dangerous for users.

Why the Private Sector Is Key to Stopping Russian Hacking Group APT29

12/09/2021
Left unchecked, these attacks could have devastating effects on government and military secrets and jeopardize the software supply chain and the global economy.

LastPass Announces New Integration with Google Workspace

12/09/2021
The latest integration furthers the company’s mission to provide an unmatched security model for businesses, without adding complexity for users.

How to Build a Better Internal Fraud Protection Program

12/09/2021
Fraud awareness training is just the beginning.

The Executive Women's Forum on Information Security, Risk Management & Privacy Presents the Leadership Scholarship

12/09/2021
Scholarship's goal is to advance women in cybersecurity, risk, and privacy.

IRONSCALES Raises $64 Million in Series C Funding Round Led by PSG

12/09/2021
Investment aims to accelerate growth through continued product innovation and global expansion.

Intel 471 Forms Tech Alliance With CyCognito

12/09/2021
Enterprises will see improved access to data and more relevant insights that will enable them to further strengthen their cybersecurity postures.