Dark Reading Daily -- May 23, 2022

Follow Dark Reading:

May 23, 2022

LATEST SECURITY NEWS & COMMENTARY

Partial Patching Still Provides Strong Protection Against APTs

Organizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.

Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication

Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap

To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.

Chatbot Army Deployed in Latest DHL Shipping Phish

In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Phishing Attacks for Initial Access Surged 54% in Q1 For the first time in a year, security incidents involving email compromises surpassed ransomware incidents, a new analysis shows. 6 Scary Tactics Used in Mobile App Attacks Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene. Majority of Kubernetes API Servers Exposed to the Public Internet Shadowserver Foundation researchers find 380,000 open Kubernetes API servers. MORE

EDITORS' CHOICE

MITRE Creates Framework for Supply Chain Security

System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.

LATEST FROM THE EDGE

Quantum Key Distribution for a Post-Quantum World

New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.

LATEST FROM DR TECHNOLOGY

New Open Source Project Brings Consistent Identity Access to Multicloud

Hexa and IDQL allow organizations using cloud platforms such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform to apply consistent access policy across all applications, regardless of environment.

Tech Resources

ACCESS TECH LIBRARY NOW

Using Threat Modeling to Improve Enterprise Cyber Defenses
As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...
The Value Drivers of Attack Surface Management, Revealed
The value of modern ASM extends beyond the security benefits. It can save money as well through prevention, lower cyber insurance costs, lower human effort, and higher operational efficiency. Join to find out how modern attack surfaces have changed, why ...

FEATURED REPORTS

Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal
With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ...
Rethinking Endpoint Security in a Pandemic and Beyond
IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ...

CURRENT ISSUE

Incorporating a Prevention Mindset into Threat Detection and Response
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

More Than 1,000 Cybersecurity Career Pursuers Complete the (ISC)² Entry-Level Cybersecurity Certification Pilot Exam

Dig Exits Stealth With $11M for Cloud Data Detection and Response Solution

Lacework Integrates Kubernetes Features to Enhance Security Across Multi-Cloud Environments

MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.