| | | LATEST SECURITY NEWS & COMMENTARY | | Attackers Find New Way to Exploit Google Docs for Phishing Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content. Software-Container Supply Chain Sees Spike in Attacks Attackers target companies' container supply chain, driving a sixfold increase in a year, aiming to steal processing time for cryptomining and compromise cloud infrastructure. New DNS Name Server Hijack Attack Exposes Businesses, Government Agencies Researchers found a "novel" class of DNS vulnerabilities in AWS Route53 and other DNS-as-a-service offerings that leak sensitive information on corporate and government customers, with one simple registration step. Majority of Web Apps in 11 Industries Are Vulnerable All the Time Serious vulnerabilities exist every day in certain industries, including utilities, public administration, and professional services, according to testing data. This Week in Database Leaks: Cognyte, CVS, Wegmans Billions of records were found exposed this week due to unprotected databases owned by major corporations and third-party providers. Data Breaches Surge in Food & Beverage, Other Industries Six previously "under-attacked" vertical industries saw a surge in data breaches last year due to COVID-19 related disruptions and other factors, new data shows. VMs Help Ransomware Attackers Evade Detection, but It's Uncommon Some ransomware attackers use virtual machines to bypass security detection, but adoption is slow for the complicated technique. One in Five Manufacturing Firms Targeted by Cyberattacks Information-stealing malware makes up about a third of attacks, a study finds, but companies worry most about ransomware shutting down production. Are Ransomware Attacks the New Pandemic? Ransomware has been a problem for decades, so why is government just now beginning to address it? Cyberattacks Are Tailored to Employees ... Why Isn't Security Training? Consider four factors and behaviors that impact a particular employee's risk, and how security training should take them into account. Accidental Insider Leaks Prove Major Source of Risk Research reports highlight growing concerns around insider negligence that leads to data breaches. NSA Funds Development & Release of D3FEND Framework The framework, now available through MITRE, provides countermeasures to attacks. MORE NEWS & COMMENTARY | | | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107 | | To update your profile, change your e-mail address, or unsubscribe, click here. | | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
