CISA & FBI: Be 'Vigilant' About Possible Ransomware Attacks This Weekend | DDoS Attacks Hitting in High-Bandwidth Bursts

[TechWeb]( Follow Dark Reading: [RSS]( September 02, 2021 LATEST SECURITY NEWS & COMMENTARY [CISA and FBI: Be 'Vigilant' About Possible Ransomware Attacks Over Labor Day Weekend]( Advisory recommends key defenses for mitigating risk by ransomware and other threats. [DDoS Attacks Hitting Victims in High-Bandwidth 'Bursts']( The volume of traffic harnessed by attackers has grown steadily over the years, with distributed denial-of-service attacks regularly topping hundreds of gigabytes per second. ['ProxyToken' Flaw Heightens Concerns Over Security of Microsoft Exchange Server]( New flaw is one among several that have been disclosed in the software over the past several months. [Microsoft Azure Cosmos DB Incident Underscores the Need to Closely Watch Cloud Data]( Even businesses that do everything right still need to monitor their data and cloud services. [Microsoft Azure Cloud Vulnerability Exposed Thousands of Databases]( Researchers discovered that a data-science feature on Azure allowed anyone to retrieve the credentials of other companies using that feature, potentially exposing billions of records. [Cybersecurity Acquisitions, IPOs Drive Record First Half in 2021]( Signs of a bubble? Cybersecurity firms closed $11.5 billion in financing deals, a record for the industry, and nearly $40 billion in M&A valuations. [Google, Amazon, Microsoft Share New Security Efforts After White House Summit]( The news arrives after tech company leaders met with President Biden to discuss the public-private partnership needed to address security threats. [End-of-Summer Crunch Time for Ed Tech Teams]( Four questions to help ensure schools are ready for the new school year. [Why Is Hacktivism Still Being Ignored?]( The rising trend of hacktivism, while generally well-intentioned, can have serious repercussions for your organization. Rather than allowing hacktivists to expose your company's weak spots, security pros must be vigilant in mitigating threats. [A CISO's Perspective on Ransomware Payments]( How living through the experience of assisting a small business with a ransomware attack changed my perspective on whether to pay. [Why It's Time for Business Leaders to Take Greater Accountability on Data Privacy]( With the rise of hybrid-cloud and multicloud systems, a comprehensive strategy is needed to maintain control over who can and cannot access sensitive data across the organization, and to protect personal information. [Where CISA's Ransomware Tool Falls Short & What To Do About It]( The agency's Ransomware Readiness Assessment tool is a thin start, but here's where security professionals can build on it. [Money Mule Email Scam Targets Students]( Nigerian-based scam operation lures college students with promises of employment in exchange for cashing checks. [FBI Shares Hive Ransomware IoCs in New Alert]( Hive ransomware was first spotted in June 2021 and likely operates as an affiliate-based threat. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [10 Obstacles That Prevent Security Pros From Doing Their Jobs]( As if fighting against cyberattacks weren't hard enough, security teams also have to contend with other issues that prevent them from doing their jobs effectively. [7 Tips for Securing the Software Development Environment]( Recent attacks have highlighted the need for organizations to pay closer attention to the hardware, software, and networks used in software development. [5 Considerations for Flexible Security Planning]( From business processes to buying mechanisms and implementation timelines, a host of issues may stand in the way of flexible planning for cyber defense. [MORE]( EDITORS' CHOICE [One Year Later, a Look Back at Zerologon]( The critical vulnerability did not initially receive much fanfare but was quickly weaponized in APT attacks and became the focus of government alerts. [Superhero Loki Lurks Like a Zero-Day Threat]( The Marvel creation may just be the perfect example of a zero-day attack with no signature. LATEST FROM THE EDGE [Chenxi Wang: From Security Research to Developing the Next Generation of Security Leaders]( Security Pro File: After stints as an industry analyst and security executive for different companies, Chenxi Wang is developing the next-generation of security companies and women executives in security. Tech Resources - [How Securing the Data Lifecycle Can Transform Your Data Protection Program]( - [The Dirty Dozen: The Truth About Privacy Preserving Techniques and Technologies]( - [Passwordless: The Future of Authentication]( - [Zero Trust Evaluation Guide]( - [Policy as Code Guide - Design, Build, & Runtime]( - [The Buyer's Guide to Next Generation Cloud Security Posture Management]( - [Cloud Cyber Resilience Report]( [ACCESS TECH LIBRARY NOW]( - [Security Alert Fatigue: How to Wake Up and Take Back Control of your SOC]( In this webinar, learn expert tips on how to improve your processes and use orchestration to relieve security alert fatigue, get the most out of your security investments and improve your cyber incident response. - ["The New Normal" of Supply Chain Security]( In this webinar, experts discuss potential vulnerabilities in the new supply chain, and potential threats from online attackers. They also discuss the impact of these changes on compliance with industry and regulatory rules that govern the supply chain. You'll learn ... [MORE WEBINARS]( FEATURED REPORTS - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... [MORE REPORTS]( CURRENT ISSUE [Enterprise Cybersecurity Plans in a Post-Pandemic World]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Women in CyberSecurity (WiCyS) Mentorship Program Open to Applicants]( [Former NSA Chief GEN (Ret.) Keith Alexander Joins SolCyber’s Board of Directors]( [Why It's Time for Business Leaders to Take Greater Accountability on Data Privacy]( [Kevala Announces $21 Million Series A Funding Round to Accelerate Decarbonization & Improve Security of US Electric Grid]( [Red Canary Announces New Release of Security Operations Platform]( [Data Theorem’s Award-Winning Analyzer Engine Delivers Unified AppSec Support Across Apple Desktop, Laptop and Mobile Devices]( [Lacework Releases Quarterly Cloud Threat Report]( [New Alliance Seeks to Improve US Electric Grid Cybersecurity]( [DirectTrust Acquires Assets of SAFE Identity]( [Red Sentry Launches Automated, Continuous Cybersecurity Penetration Test]( [OwnBackup Acquires RevCult]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)