Code-Sabotage incident in protest of Ukraine War exposed open source risks.
Views expressed in this cybersecurity-cyberwar update are those of the reporters and correspondents.
Accessed on 18 March 2022, 2255 UTC.
Content provided by “DarkReading.com” via https://feedly.com.
Please click link or scroll down to read your selections.
Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks
The maintainer of a widely used npm module served up an unwelcome surprise for developers.
Satellite Networks Worldwide at Risk of Possible Cyberattacks, FBI & CISA Warn
Agencies provide mitigation steps to protect satellite communication (SATCOM) networks amid “current geopolitical situation.”
Half of Orgs Use Web Application Firewalls to Paper Over Flaws
WAFs remain a popular backfill for complex and fraught patch management.
CyCognito Launches Exploit Intelligence
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4j
A Chance to Raise Shields Right
CISA’s “Shields Up” alert provides urgency — and opportunity — for supply chain conversations.
Menlo Security: Less Than Three in 10 Organizations Are Equipped to Combat Growing Wave of Web-Based Cyber Threats
Report finds that 62 percent of IT decision makers have suffered a browser-based attack in the past 12 months.
Security Teams Struggle to Get Started With Zero Trust
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero trust is too confusing to implement.
The Road Ahead for Cyber and Infrastructure Security
Despite cost, it’s time to focus on securing legacy systems and physical infrastructure along with digital systems.
6 Reasons Not to Pay Ransomware Attackers
Paying a ransom might appear to be the best option, but it comes with its own costs.
ThreatMapper Updated With New Scanning Tools
ThreatMapper 1.3.0 features secret scanning and the ability to enumerate a software bill of materials at runtime to help secure serverless, Kubernetes, container, and multicloud environments.
Multiple Automotive Manufacturers Infected With Emotet
Telemetry from industrial systems security firm Dragos has spotted the malware command-and-control servers communicating with several automotive manufacturer systems.
Nok Nok Labs Unveils S3 Authentication Suite
Enhancements include support for OpenID Connect as an integration mechanism.
Cloudflare Announces API Gateway
Organizations can secure, manage, and monitor all of their APIs in one easy-to-use dashboard.
Titaniam Announces Completion of Product Suite
The Titaniam Suite includes ransomware and extortion defense capabilities in the form of five products.
Glasswall Launches Freemium Version of its Desktop Content Disarm and Reconstruction App
Glasswall technology offers proactive protection from file-based cybersecurity threats.
Stopping Russian Cyberattacks at Their Source
Step up training with cybersecurity drills, teach how to avoid social engineering traps, share open source monitoring tools, and make multifactor authentication the default.
Cut Down on Alert Overload and Leverage Layered Security Measures
Feeling overwhelmed by the number of alerts? It doesn’t have to be that way.
Enhancing DLP With Natural Language Understanding for Better Email Security
Natural language understanding is well-suited for scanning enterprise email to detect and filter out spam and other malicious content. Armorblox introduces a data loss prevention service to its email security platform using NLU.