93% of Tested Networks Vulnerable to Breach, Pen Testers Find

[TechWeb]( Follow Dark Reading: [RSS]( December 22, 2021 LATEST SECURITY NEWS & COMMENTARY [93% of Tested Networks Vulnerable to Breach, Pen Testers Find]( Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers. [Meta Files Federal Lawsuit Against Phishing Operators]( The Facebook parent company seeks court's help in identifying the individuals behind some 39,000 websites impersonating its brands to collect login credentials. [Preemptive Strategies to Stop Log4j and Its Variants]( Zero trust is key to not falling victim to the next big vulnerability. [The Future of Ransomware]( Focusing on basic security controls and executing them well is the best way to harden your systems against an attack. [UK Security Agency Shares 225M Passwords With 'Have I Been Pwned']( The UK's NCA and NCCU have shared 225 million stolen emails and passwords with HIBP, which tracks stolen credentials. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Lights Out: Cyberattacks Shut Down Building Automation Systems]( Security experts in Germany discover similar attacks that lock building engineering management firms out of the BASes they built and manage — by turning a security feature against them. [Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft]( Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say. [Why Log4j Mitigation Is Fraught With Challenges]( The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems. [MORE]( EDITORS' CHOICE [New Log4j Attack Vector Discovered]( Meanwhile, Apache Foundation releases third update to logging tool in 10 days to address yet another flaw. LATEST FROM THE EDGE [What Are the Pros and Cons of a SASE Architecture?]( SASE is a promising and burgeoning networking architecture approach, but it's not without some challenges. LATEST FROM DR TECHNOLOGY [Mobile App Developers Keep Fraudulent Traffic at Bay with Anti-Fraud API]( The new API and SDK from Pixalate helps mobile developers avoid getting their apps delisted from app stores by detecting and blocking fraudulent traffic. Tech Resources - [Zero Trust and the Power of Isolation for Threat Prevention]( - [Zero Trust in Real Life]( - [Protecting Your Mainframe Against Relentless Ransomware]( - [2021 Ransomware Threat Report]( - [Safeguard Your Cloud Journey With A Comprehensive Security Solution]( - [Cloud & Hybrid Security Tooling Report]( - [Reckoning with Ransomware]( [ACCESS TECH LIBRARY NOW]( - [Beyond Spam and Phishing: Emerging Email-based Threats]( Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ... - [Cloud Security Strategies for Today's Enterprises]( The typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual ... [MORE WEBINARS]( FEATURED REPORTS - [Zero Trust and the Power of Isolation for Threat Prevention]( - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... [MORE REPORTS]( CURRENT ISSUE [How Data Breaches Affect the Enterprise]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [SAIC Launches Rugged Apps to Provide Secure Commercial Apps to Government Users]( [BlackBerry Launches New Managed Extended Detection and Response (XDR) Service]( [Trend Micro Crowns Champions of 2021 Capture the Flag Competition]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)