Is XDR Overhyped? | The Troubling Rise of Initial Access Brokers

[TechWeb]( Follow Dark Reading: [RSS]( November 18, 2021 LATEST SECURITY NEWS & COMMENTARY [Is XDR Overhyped?]( Security experts weigh in on the value and pitfalls of extended detection and response (XDR), offering consideration and advice on this growing new category. [The Troubling Rise of Initial Access Brokers]( Criminal groups are ramping up use of IABs to get access to networks without having to deal with the initial reconnaissance and intrusion phases. [What Happens If Time Gets Hacked]( Renowned hardware security expert raises alarm on the risk and dangers of cyberattackers targeting the current time-synchronization infrastructure. [Cybercriminals Increasingly Employ Crypto-Mixers to Launder Stolen Profits]( Crypto-mixer services are set to grow as ransomware and other cybercriminal enterprises increasingly lean into cryptocurrency, new research shows. [PerSwaysion Phishing Campaign Continues to Be an Active Threat for Organizations]( Research shows that multiple attack groups have been using the Microsoft file-sharing service - leveraging phishing kit for much longer than previously thought. [In Appreciation: Alan Paller]( Alan Paller, founder of the famed SANS Institute, passed away on Nov. 9. [How to Hire — and Retain — Effective Threat Hunters]( Key characteristics that should be evaluated include curiosity, disposition, and fit with the culture. [4 Considerations for Improving Cloud Security Hygiene]( Mixing cloud security and maintenance practices with legacy enterprise approaches usually ends up shortchanging cloud hygiene. Here are some ways to remedy that. [How to Navigate the Mitigation of Deepfakes]( Deepfakes are already several steps ahead of the technology that can detect and warn us about them. [Name That Toon: Cubicle for Four]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [Emotet Makes a Comeback]( The popular Trojan has re-emerged on the scene several months after the botnet infrastructure behind it was disrupted by law enforcement. [SolarWinds Vulnerability Exploited in First Stage of Clop Ransomware Attacks]( Russian cybercrime group known as T505 is targeting SolarWinds Server-U systems that haven't been patched for a remote code execution vulnerability fixed this summer. [FBI Attributes Abuse of Its Email Account to Software 'Misconfiguration']( A wave of phony emails from an FBI mail server originated from an issue with the agency's Law Enforcement Enterprise Portal. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cloud Attack Analysis Unearths Lessons for Security Pros]( Researchers detail their investigation of a cryptomining campaign stealing AWS credentials and how attackers have evolved their techniques. [MacOS Zero-Day Used in Watering-Hole Attacks]( Attackers targeted Chinese pro-democracy groups using a vulnerability fixed in September along with a second vulnerability fixed early in the year, Google says. [How Visibility Became the Lifeblood of SecOps and Business Success]( The best way to succeed in long-term cybersecurity is to invest in visibility because you can't protect or defend against what you can't see. [MORE]( EDITORS' CHOICE [How to Negotiate With Ransomware Attackers]( Security researchers investigate the ransom negotiation process to create strategies businesses can use if they face an attack. LATEST FROM THE EDGE [Follow the Leaders: A Blueprint for Software Security Success]( Organizations can study software security leaders and emulate their habits and initiatives in order to build a successful software security program of their own. LATEST FROM DR TECHNOLOGY [3 Must-Know Technologies to Protect Your Hybrid Workforce]( Zero-trust, SASE, and XDR have similar goals, but they differ in their approaches to protecting businesses and users. Tech Resources - [2021 Ransomware Threat Report]( - [2021 Cyberthreat Defense Report]( - [Architects Guide to Zero Trust Network Access]( - [Defend Against Credential-based & Privilege Escalation Attacks]( - [Questions to Ask in Evaluating a Deception-Based Cybersecurity Solution]( - [A Pragmatic Path to SASE]( - [The Buyer's Guide to Next Generation Cloud Security Posture Management]( [ACCESS TECH LIBRARY NOW]( - [Cybersecurity Forecast 2022: Snowpocalypse or cloudy with a chance of rain?]( Does the year ahead hold significant promise for IT and Security teams, or does the upheaval caused by COVID-19 and the spike in cyberattacks continue well into 2022? As threat actors continue to evolve, what should security teams look out for ... - [Beyond Patch Management: Next-Generation Approaches to Finding and Fixing Vulnerable Code]( A good patch management process can help make your enterprise data more secure. But what does it do for vulnerabilities that haven't been patched? Attackers are increasingly manipulating open-source, third-party components in software -- do you have a process to ... [MORE WEBINARS]( FEATURED REPORTS - [10 Hot Talks From Black Hat USA 2021]( - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... [MORE REPORTS]( CURRENT ISSUE [How Data Breaches Affect the Enterprise]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies]( [Sift Acquires Passwordless Authentication Pioneer Keyless to Provide Secure, Frictionless Authentication]( [Palo Alto Networks Delivers What's Next in Security at Ignite '21]( [New Global Rackspace Technology Survey Underscores Rapid Pace of Cloud Adoption]( [Trend Micro: 90% of IT Decision Makers Believe Organizations Compromise on Cybersecurity in Favor of Other Goals]( [Immersive Labs Acquires Snap Labs to Power Cyber Simulations With New Depth and Realism]( [Norton Special Report Reveals Nearly 1 in 2 Gamers Have Experienced a Cyberattack]( [JupiterOne and Cisco Announce Launch of Secure Cloud Insights]( [MSPAlliance Leadership Council Forms Vendor Council to Address Managed Services Supply Chain Risk]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)