SecurityWeek: Cybersecurity News, Insights, Analysis

Hundreds infected with "Wasp" stealer in ongoing supply chain attacks.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 17 November 2022, 1337 UTC.

Content provided by "SecurityWeek.com."

Source: https://www.securityweek.com/

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybesecurityjournal.net and https://paper.li/RussellRoberts).

PrevNext

IT SECURITY NEWS HEADLINES

Hundreds Infected With 'Wasp' Stealer in Ongoing Supply Chain Attack

Cybersecurity M&A Roundup for November 1-15, 2022

Magento Vulnerability Increasingly Exploited to Hack Online Stores

US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j

Remote Code Execution Vulnerabilities Found in F5 Products

MORE SECURITY HEADLINES

Firefox 107 Patches High-Impact Vulnerabilities

Mozilla has released Firefox 107 and the latest version of the web browser patches 19 vulnerabilities, including many with a high impact rating. [Read More]

Akeyless Raises $65 Million for Secrets Management Tech

Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]

Threat Hunting Summit Virtual Event NOW LIVE

Join us in the 3D virtual platform to learn about innovative strategies and tools that security teams can use to detect, contain, and eliminate threats in enterprise networks. [Read More]

Holiday Cybersecurity Staffing Levels a Difficult Balancing Act for Companies

The effect of reduced staffing levels over holidays and weekends doesn’t just attract more cybercriminals, it makes the outcome of attacks more severe. [Read More]

AppSec Startup ArmorCode Raises $14 Million

Application security startup ArmorCode raises $14 million in Series A funding round led by Ballistic Ventures. [Read More]

Over 12,000 Cyber Incidents at DoD Since 2015, But Incident Management Still Lacking

New GAO report analyzes DoD’s cyber incident management capabilities and provides recommendations on addressing identified weaknesses. [Read More]

BoostSecurity Exits Stealth With DevSecOps Automation Platform, $12M in Seed Funding

BoostSecurity has emerged from stealth mode with a DevSecOps automation platform and $12 million in seed funding. [Read More]

Web Giants to Submit User Data as EU Law Comes Into Effect

A new EU law imposing stricter online regulation comes into effect Wednesday and the biggest platforms like Facebook and Google will have until February 17 to reveal their user numbers. [Read More]

Google Ready to Roll Out Android Privacy Sandbox in Beta

Google is getting ready for the rollout of Android Privacy Sandbox, a new feature meant to provide more private advertising on mobile devices. [Read More]

Networking Tech Vulnerability Could Be Used to Hack Spacecraft: Researchers

A team of researchers has shown how a networking technology vulnerability could be exploited to hack spacecraft and other critical systems. [Read More]

SECURITYWEEK EXPERTS

Cyber Resilience: The New Strategy to Cope With Increased Threats

Torsten George - Network Security

When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.

Read full story

Risk Mitigation Strategies to Close the XIoT Security Gap

Galina Antova - ICS/OT

Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.

Read full story

Balancing Security Automation and the Human Element

Marc Solomon - Incident Response

When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.

Read full story

Bringing Bots and Fraud to the Boardroom

Joshua Goldfarb - Fraud & Identity Theft

If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.

Read full story

Offense Gets the Glory, but Defense Wins the Game

Derek Manky - Incident Response

Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.

Read full story

Tailoring Security Training to Specific Kinds of Threats

Jeff Orloff - Training & Certification

By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.

Read full story

How to Prepare for New SEC Cybersecurity Disclosure Requirements

Gordon Lawson - Incident Response

The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.

Read full story

Leveraging Managed Services to Optimize Your Threat Intelligence Program During an Economic Downturn

Landon Winkelvoss - Risk Management

How organizations can use managed services to optimize their threat intelligence program during an economic downturn.

Read full story

Cybersecurity Awareness Month: 5 Actionable Tips

Torsten George - Network Security

Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.

Read full story

Anticipation and Action: What's Next in SOC Modernization

Marc Solomon - Network Security

Within the context of security operations, anticipation teams use internal and external threat and event data across their security infrastructure for context and analytics and to become more proactive.

Read full story

Hawaii Cybersecurity Journal