Follow Dark Reading:
 December 03, 2022
LATEST SECURITY NEWS & COMMENTARY
API Secrets: Where the Bearer Model Breaks Down
Current authentication methods are based on the bearer model, but lack of visibility into the entities leveraging API secrets has made this untenable.
How the Cloud Changed Digital Forensics Investigations
The enterprise's shift to the cloud means digital forensics investigators have had to adopt new remote techniques and develop custom tools to uncover and process evidence off compromised devices.
AWS Unveils Amazon Security Lake at re:Invent 2022
Amazon Security Lake will allow organizations to create a purpose-built, standards-based data lake to aggregate and store security data.
How Development Teams Should Respond to Text4Shell
Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next.
Cyber Due Diligence in M&As Uncovers Threats, Improves Valuations
To get the full picture, companies need to look into the cybersecurity history and practices of the business they're acquiring.
CI Fuzz CLI Brings Fuzz Testing to Java Applications
CI Fuzz CLI, the open source fuzzing tool with just three commands, integrates fuzz testing directly into the software development workflow.
How to Use Cyber Deception to Counter an Evolving and Advanced Threat Landscape
Organizations must be prepared to root out bad actors by any means possible, even if it means setting traps and stringing lures.
Why Africa's Telecoms Must Actively Collaborate to Combat Fraud
Unique conditions contribute to outsized telecom fraud across the continent, but working together can bring solutions.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Amid Legal Fallout, Cyber Insurers Redefine State-Sponsored Attacks as Act of War
As carriers rewrite their act-of-war exclusions following the NotPetya settlement between Mondelez and Zurich, organizations should read their cyber insurance policies carefully to see what is still covered.

Google Releases YARA Rules to Disrupt Cobalt Strike Abuse
The popular pen-testing tool is often cracked and repurposed by threat actors. Google now has a plan to address that.

Microsoft Defender Gets New Security Protections
The new Microsoft Defender for Endpoint capabilities include built-in protection and scanning network traffic for malicious activity.

MORE
EDITORS' CHOICE
Major Security Breach From Business Users' Low-Code Apps Could Come in 2023, Analysts Warn
Here's what that means about our current state as an industry, and why we should be happy about it.
Cybersecurity Pros Put Mastodon Flaws Under the Microscope
As the open source social media network grabs the spotlight as a Twitter replacement, researchers caution about vulnerabilities.
FROM THE NEWS DESK

IBM Cloud Supply Chain Vulnerability Showcases New Threat Class
The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
WEBINARS
  • Seeing Your Attack Surface Through the Eyes of an Adversary

    The best way to manage exposure, reduce risk, and improve your security posture is to understand your attack surface through the eyes of an attacker. Cortex Xpanse provides automated Attack Surface Management with an agentless implementation. Xpanse scans the entirety ...

  • Developing and Testing an Effective Breach Response Plan

    When cyber attackers hit your network and your databases have been breached, do you know what you have to do and who to call? What do you tell your customers, employees, and other stakeholders, and when do you tell them? ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Guidehouse Insights Anticipates Market for Automotive Cybersecurity Solutions Will Grow to More Than $445 Billion by 2031
Phylum Expands Its Software Supply Chain Security Capabilities, Introduces Automated Vulnerability Reachability
SPHERE Receives $31M for Series B Funding From Edison Partners, Forgepoint Capital
CyberRatings.org Announces Results from First-of-its-Kind Comparative Test on Cloud Network Firewall
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Developing and Testing an Effective Breach Response Plan
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us