Outsourcing Security Without Increasing Risk
Few enterprises have all the cybersecurity skills and resources they need in-house, making outsourcing a necessity. How do they select, and work with, third-party security service providers?
https://www.darkreading.com/cybersecurity-operations/outsourcing-security-without-increasing-risk
SAGE Cyber Launches CISO Planning Tool
As a newly independent company, SAGE Cyber will offer a platform that helps CISOs make data-driven decisions and optimize their security defenses.
https://www.darkreading.com/cybersecurity-operations/sage-cyber-launches-ciso-planning-tool
WitnessAI Launches With Guardrails for AI
AI safety platform startup WitnessAI claims to help enterprises use AI safely and effectively with its platform addressing AI privacy, governance, and security.
https://www.darkreading.com/cloud-security/witnessai-launches-with-guardrails-for-ai
Picking the Right Database Tech for Cybersecurity Defense
Graph and streaming databases are helping defenders deal with complex, real-time threat and cybersecurity data to find weak points before attackers.
Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania
Scarred Manticore is the smart, sophisticated one. But when Iran needs something destroyed, it hands the keys over to Void Manticore.
YouTube Becomes Latest Battlefront for Phishing, Deepfakes
Personalized phishing emails with fake collaboration opportunities and compromised video descriptions linking to malware are just some of the new tricks.
EPA Puts Teeth Into Water Sector Cyber Efforts
The agency plans to get more serious about enforcement as Iran and Russia step up the volume of cyberattacks on water systems nationwide.
https://www.darkreading.com/ics-ot-security/epa-water-sector-cyber-efforts
Name That Toon: Buzz Kill
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
https://www.darkreading.com/cyberattacks-data-breaches/name-that-toon-buzz-kill
Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor
A threat campaign luring users with malicious documents related to human rights and public notices is aimed at giving the Russia-backed threat group access to victims' systems for cyber-espionage purp...
https://www.darkreading.com/cyberattacks-data-breaches/russia-turla-apt-msbuild-tinyturla-backdoor
Can Cybersecurity Be a Unifying Factor in Digital Trade Negotiations?
As we face continued headwinds on provisions like data flows and e-customs duties, further progress is both needed and achievable in digital trade policy.
Transforming CISOs into Storytellers
Faced with chilling new SEC rules, chief information security officers are learning soft skills to help them better communicate cybersecurity concerns with the C-suite.
https://www.darkreading.com/cyber-risk/transforming-cisos-into-storytellers
OpenSSF Siren to Share Threat Intelligence for Open Source Software
The Siren email mailing list will focus on operational impact and response and act as a central location to provide information about threats and necessary post-disclosure activities.
DoJ Shakes Up North Korea's Widespread IT Freelance Scam Operation
Fraudsters based in the US and Europe indicted for helping North Korea's nation-state groups establish fake freelancer identities and evade sanctions.
Google Pitches Workspace as Microsoft Email Alternative, Citing CSRB Report
The new Secure Alternative Program from Google aims to entice customers away from Exchange Online and break Microsoft's dominance in enterprise.
CyberArk Picks Up Machine Identity Manager Venafi For $1.54B
The acquisition gives CyberArk new IoT identity and certificate lifecycle management, cryptographic code-signing, and other services to secure the enterprise cloud.
https://www.darkreading.com/cloud-security/cyberark-picks-up-machine-id-manager-venafi-for-1-54b
ZeroRisk Cybersecurity Expands Global Presence With US Launch
https://www.darkreading.com/cyber-risk/zerorisk-cybersecurity-expands-global-presence-with-us-launch
Deepfakes Rank As the Second Most Common Cybersecurity Incident for US Businesses
Data Breach Response Provider, CyEx, Acquires Settlement Administrator, Simpluris Inc.
HP Catches Cybercriminals 'Cat-Phishing' Users
https://www.darkreading.com/vulnerabilities-threats/hp-catches-cybercriminals-cat-phishing-users
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.