Open Source Software Projects Up Their Security Game but Face More Attacks

[TechWeb]( Follow Dark Reading: [RSS]( September 21, 2021 LATEST SECURITY NEWS & COMMENTARY [Open Source Software Projects Up Their Security Game but Face More Attacks]( Patches for dependencies are trickling up through the open source ecosystem faster than ever — a good thing because attackers are focusing more on open source software. [White House Cybersecurity Summit: A Missed Opportunity]( Last month's summit with the president was missing something crucial: representation from those who deal with critical infrastructure. [(Sponsored Article) Don't Try to Outsmart Cybercriminals. Outnumber Them!]( Why hasn't a problem that's lasted for more than 40 years been solved after hundreds of billions of dollars have been spent? Let's take a new approach. [Google: New Privacy Feature Will Affect 'Billions' of Android Devices]( Starting in December, Google will expand its "permissions auto-reset feature" to devices using Android 6.0 and higher. [F5 Networks to Buy Threat Stack]( F5 Networks plans to combine its application and API security tools with Threat Stack's cloud protection capabilities. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How Should the CSO Work With the Chief Privacy Officer?]( The chief security officer needs to be in constant communication with the chief privacy officer about what's working or not working. [International Insider Threat: DoJ Fines US Intel Officials Who Aided UAE]( Three former US intelligence operatives have been fined $1,685,000 for aiding the United Arab Emirates in widespread hacking campaigns. [How Your Printer Is Like Swiss Cheese]( Follow these best practices to avoid the security holes created by these often-overlooked, but ubiquitous, devices. [MORE]( EDITORS' CHOICE [IoT 'Nutrition' Labels Aim to Put Security on Display]( NIST has laid the groundwork for an easy-to-understand way to communicate to consumers the security of software and connected devices. [Infrastructure, Security, and the Need for Visibility]( Government authorities are increasingly trying to bolster critical infrastructure security. But investments in next-generation solutions won't go far enough without also addressing security and operational fundamentals. LATEST FROM THE EDGE [10 Ways to Avoid Zero-Trust Failure]( Here are the prerequisites to have in order before getting past the zero-trust gate. Tech Resources - [Zero Trust and the Power of Isolation for Threat Prevention]( - [Digital Transformation and Data Security]( - [The Transition to Empowered Enterprise Authentication]( - [Defend Against Credential-based & Privilege Escalation Attacks]( - [Understanding the Most Common Lateral Movement Attack Tactics]( - [SUNBURST: Mapping Malicious Activity Using Farsight Historical Passive DNS]( - [A Pragmatic Path to SASE]( [ACCESS TECH LIBRARY NOW]( - [Defense Strategies to Combat Sophisticated Ransomware and Multi-Vector Attacks]( To defend themselves effectively, companies need to detect ransomware attacks early, gather the intelligence to understand the attack and prevent attacks from occurring in the future. In this webinar, Shailesh Athalye, EVP Product Management will discuss ransomware trends, defensive maneuvers ... - [Learn Why XDR Delivers Better Outcomes to Secure Your Endpoints]( Endpoint security continues to evolve. The increasing complexity of the threat landscape means we can no longer depend on next-gen antivirus (NGAV) or EDR (Endpoint Detection and Response) alone to protect against sophisticated attacks. It's well known that endpoint attacks ... [MORE WEBINARS]( FEATURED REPORTS - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... - [The State of Malware Threats]( [MORE REPORTS]( CURRENT ISSUE [Enterprise Cybersecurity Plans in a Post-Pandemic World]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [archTIS Acquires Cipherpoint Technology Assets and Customers]( [Arista, Cisco, Huawei, Juniper Networks, and Nokia Launch New MANRS Equipment Vendor Program to Improve Routing Security Worldwide]( [CISA to Host Fourth Annual National Cybersecurity Summit]( [HPE Survey Finds 76% of Doctors and Nurses Believe Telehealth Will Dominate Patient Care in Near Future]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)