Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach

Categorieën: Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines Leeftijd: 14 t/m 18 jaar 19 t/m 30 jaar 31 t/m 64 jaar

Laden...

1 jaar geleden

Html
Tekst

Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.

Follow Dark Reading:

October 13, 2023

LATEST SECURITY NEWS & COMMENTARY

Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach Joe Sullivan's lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs. DarkGate Operator Uses Skype, Teams Messages to Distribute Malware A plurality of the targets in the ongoing campaign have been based in the Americas. Brands Beware: X's New Badge System Is a Ripe Cyber-Target Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike. Backdoor Lurks Behind WordPress Caching Plug-in to Hijack Websites Evasive malware disguised as a caching plug-in allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy. Protect Critical Infrastructure With Same Rigor as Classified Networks Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat. The Cyberwar Between the East and the West Goes Through Africa By working cooperatively, the West and Africa can mobilize to tackle nation-state-backed cyber threats. Microsoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming. language. Simpson Manufacturing Launches Investigation After Cyberattack The company has taken down its systems in an effort to determine the scope of the attack. (Sponsored Article) How to Interpret the 2023 MITRE ATT&CK Evaluation Results Unpack MITRE's methodology, understand the results, and learn top takeaways from Cynet's evaluation of MITRE's annual security vendor tests. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Chinese 'Stayin' Alive' Attacks Dance Onto Targets With Dumb Malware A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail. Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims. Addressing a Breach Starts With Getting Everyone on the Same Page The best incident-response plans cover contingencies and are fine-tuned in stress tests to ensure collaboration, remediation, and recovery efforts align. Reassessing the Impacts of Risk Management With NIST Framework 2.0 The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk. MORE

EDITORS' CHOICE

Curl Bug Hype Fizzles After Patching Reveal Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments. LATEST FROM THE EDGE
Insurance Companies Have a Lot to Lose in Cyberattacks Not only do insurance companies collate sensitive information from their clients, but they also generate their own corporate data to protect. LATEST FROM DR TECHNOLOGY
Making the Case for Cryptographic Agility and Orchestration Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity. LATEST FROM DR GLOBAL
Pan-African Financial Apps Leak Encryption, Authentication Keys Cryptocurrency apps were the most high risk for exposing sensitive information, a reverse-engineering study shows.

WEBINARS

Building an Effective Active Directory Security Strategy

For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ...

Using AI in Application Security Tooling

As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ...

View More Dark Reading Webinars >>

WHITE PAPERS

The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023 Threat Intelligence: Data, People and Processes Global Perspectives on Threat Intelligence Building Cyber Resiliency: Key Strategies for Proactive Security Operations Mandiant Threat Intelligence at Penn State Health 2023 Global Future of Cyber Report Know your customer: Enable a 360-degree view with customer identity & access management

View More White Papers >>

FEATURED REPORTS

The State of Supply Chain Threats Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

BlackBerry Unveils Next-Generation UEM Redefining the Endpoint Management Market New Malwarebytes Survey: Consumers Lack Trust in New Tech ForAllSecure Announces Dynamic Software Bill of Materials for Application Security Okta Launches Cybersecurity Workforce Development Initiative to Help Close the Tech and Cybersecurity Skills Gap MORE PRODUCTS & RELEASES

CURRENT ISSUE

How to Deploy Zero Trust for Remote Workforce Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Deel deze op

Laden...

Andere nieuwsbrieven van Informationweek.com

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets | Fancy Bear's Nearest Neighbor Uses Nearby Wi-Fi Network Informationweek.com
21 uren geleden
How to Create an Accurate IT Project Timeline Informationweek.com
23 uren geleden
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
Gisteren om 14:02

Meer nieuwsbrieven van Informationweek.com

Laden...

Gerelateerde nieuwsbrieven

Bekijk andere categorieën

Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines

Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach

How to Deploy Zero Trust for Remote Workforce Security

Deel deze op

Andere nieuwsbrieven van Informationweek.com

Gerelateerde nieuwsbrieven

Bekijk andere categorieën