The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are.
| | | LATEST SECURITY NEWS & COMMENTARY | | SEC Charges Against SolarWinds CISO Send Shockwaves Through Security Ranks The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are. Biden's Artificial Intelligence Executive Order Covers Broad Concerns The executive order is ambitious and seeks to protect a variety of different groups that are most at risk from the irresponsible use of AI. Boeing Confirms Cyberattack, System Compromise The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack. Boeing Breached by Ransomware, LockBit Gang Claims LockBit gives Boeing a Nov. 2 deadline to pay the ransom or have its sensitive documents leaked to the public, but it hasn't given evidence of the compromise. Safari Side-Channel Attack Enables Browser Theft The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history. 'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think. Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says. Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets. Google Dynamic Search Ads Abused to Unleash Malware 'Deluge' An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless. 20 Years Later, Is Patch Tuesday Enough? Microsoft's longstanding practice isn't enough to handle its vulnerability problem. What Would a Government Shutdown Mean for Cybersecurity? Companies are advised to act now to protect networks while federal employee paychecks are still forthcoming. Public agencies are updating contingency plans before the November extension ends, while cyber stalkers get an extra month to plan, too. What the Boardroom Is Missing: CISOs From communicating why security should be a priority to advocating for accountability and greater focus on protecting data in the cloud, CISOs can make the case for keeping people and sensitive data secure. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
