Spring4Shell: Spring Flaws Lead to Confusion, Concerns of New Log4Shell-Like Threat

New Modem Wiper Malware May be Connected to Viasat Hack | Hackers Got User Data From Meta With Forged Request

Visit SecurityWeek.Com | Advertise | Contact   Webcasts RSS Feed 03.31.22 Thursday, March 31, 2022 Accelerate Threat Detection Across Your Cloud Lacework will help you find all vulnerabilities across your cloud and container environments — instances that other vulnerability scanning tools miss. Get Started The Importance of Open Source to an XDR Architecture XDR architecture must be broad and deep so that organizations can get the most value out of their existing best-of-breed security solutions, including their free, open-source tools. Read the Full Column by Marc Solomon The Need for Resilient Zero Trust Cyber resilience is the only way to guarantee true Zero Trust. When implemented properly, resilient Zero Trust becomes a preventive measure that counteracts human error, malicious actions, and decayed, insecure software. Read the Full Column by Torsten George Six Ways to Expand Your Fraud Program While attackers and fraudsters are continually adapting and evolving, there are some measures that businesses can take to improve their fraud programs Read the Full Column by Joshua Goldfarb The Elusive Goal of Network Security No matter how far you stray from having a perfect system — or how close you come to attaining one — the pursuit is always an essential and worthwhile investment of your time. Read the Full Column by Marie Hattar Achieving Positive Outcomes With Multi-Domain Cyber and Open Source Intelligence Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities. Read the Full Column by Landon Winkelvoss A Sheep in Wolf's Clothing: Technology Alone is a Security Facade Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises. Read the Full Column by Keith Ibarguen Accelerate Threat Detection Across Your Cloud Lacework will help you find all vulnerabilities across your cloud and container environments — instances that other vulnerability scanning tools miss. Get Started See All Recent Articles at SecurityWeek.Com Spring4Shell: Spring Flaws Lead to Confusion, Concerns of New Log4Shell-Like Threat: The disclosure of several vulnerabilities affecting the widely used Spring Java framework has led to confusion and concerns that organizations may need to deal with a flaw similar to the notorious Log4Shell. Read More New Modem Wiper Malware May be Connected to Viasat Hack: A malicious software command that immediately crippled tens of thousands of modems across Europe anchored the cyberattack on the Viasat satellite network used by Ukraine's government and military. Read More Satellite Modems Nexus of Worst Cyberattack of Ukraine Wars: A malicious software command that immediately crippled tens of thousands of modems across Europe anchored the cyberattack on the Viasat satellite network used by Ukraine's government and military. Read More Hackers Got User Data From Meta With Forged Request: Facebook gave user information to hackers who pretended to be law enforcement officials last year, a company source said, highlighting the risks of a measure used in urgent cases. Read More Security Vendors Assessing Impact of OpenSSL Flaw: Cybersecurity, cloud, storage and other vendors are assessing the impact of a recent OpenSSL vulnerability on their products and services. Read More IT Giant Globant Confirms Source Code Repository Breach: Globant confirmed that some of its source code repositories have been breached after Lapsus$ leaked code allegedly belonging to the company. Read More Security Startup Wing Emerges From Stealth With $26M: A provider of end-to-end SaaS security, Wing has raised $26 million from GGV Capital, Harmony Partners, S-Capital, Silicon Valley CISO Investments Group, and various security leaders. Read More FBI Warns of Phishing Attacks Targeting US Election Officials: US election officials in at least nine states have been targeted in credential-harvesting phishing campaigns. Read More VIDEO: Fireside Chat With McDonald's CISO Shaun Marion: McDonald's CISO Shaun Marion joins SecurityWeek's Ryan Naraine to discuss the role of the modern CISO, the challenges of building a mature risk management program and more. Watch Instantly Chrome Browser Gets Major Security Update: Google ships a security-themed Chrome browser makeover with patches 28 documented vulnerabilities, some serious enough to lead to code execution attacks. Read More US Government Warns of Attacks Targeting UPS Devices: CISA says that removing internet access to the management interface of UPS devices prevents attacks. Read More Cyera Emerges From Stealth Mode With $60M to Protect Cloud Data: Cloud data security startup Cyera emerged from stealth mode with $60 million in funding to help companies find and protect data stored in various cloud environments. Read More Investors Bet on Cyberpion in Attack Surface Management Space: Attack surface management specialists Cyberpion has secured $27 million in early-stage funding to build technology that helps organizations manage exposure to risk. Read More Remote 'Brokenwire' Hack Prevents Charging of Electric Vehicles: Researchers have identified a new attack method, dubbed Brokenwire, that can be used to remotely interrupt the charging of electric vehicles. Read More To help make sure the SecurityWeek Briefing reaches you, please add news@securityweek.com to your address book. © 2022 Wired Business Media Visit SecurityWeek.Com | Twitter | Advertise | Contact

SecurityWeek | 40 Warren Street, Charlestown, MA 02129 Unsubscribe cyberdefense974.77330@blogger.com Update Profile | Our Privacy Policy | Constant Contact Data Notice Sent by news@securityweek.com