Google Cloud Aims to Share Its Vetted Open Source Ecosystem

The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription. [TechWeb]( Follow Dark Reading: [RSS]( May 18, 2022 LATEST SECURITY NEWS & COMMENTARY [Google Cloud Aims to Share Its Vetted Open Source Ecosystem]( The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription. [Critical VMware Bug Exploits Continue, as Botnet Operators Jump In]( A critical VMware bug tracked as CVE-2022-22954 continues to draw cybercriminal moths to its remote code-execution flame, with recent attacks focused on botnets and Log4Shell. [FBI: E-Tailers, Beware Web Injections for Scraping Credit-Card Data, Backdoors]( Law enforcement is warning about a wave of Web injection attacks on US online retailers that are successfully stealing credit-card information from online checkout pages. [How Mobile Networks Have Become a Front in the Battle for Ukraine]( Since 2014's annexation of Crimea, Ukrainian mobile operators have taken multiple, proactive steps to defend networks in the country and ensure their resilience. [Local Government's Guide to Minimizing the Risk of a Cyberattack]( Most local leaders lack cybersecurity resources so they don't know where their weaknesses are and which areas threat actors are most likely to target, with little focus or understanding of risk. [Training to Beat a Bad Cybersecurity Culture]( Creating a company culture for security may need to start by tearing down an anti-security culture. [New Venture Capital Fund Focuses on Emerging Cybersecurity Tech]( The founders behind more than 90 cybersecurity firms have set up a $300 million investment fund. [Widespread Attack on WordPress Sites Targets Tatsu Builder Plug-in]( A widespread attack is underway to exploit known RCE flaw in Tatsu Builder WordPress plug-in, according to a new report. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How to Turn a Coke Can Into an Eavesdropping Device]( Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby. [Me, My Digital Self, and I: Why Identity Is the Foundation of a Decentralized Future]( A decentralized future is a grand ideal, but secure management of private keys is the prerequisite to ensure the integrity of decentralized applications and services. [Name That Toon: Knives Out]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( EDITORS' CHOICE [Open Source Security Gets $30M Boost From Industry Heavy Hitters]( Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security. LATEST FROM THE EDGE [Threat Actors Are Stealing Data Now to Decrypt When Quantum Computing Comes]( The technique, called store-now, decrypt later (SNDL), means organizations need to prepare now for post-quantum cryptography. [Enhancing DLP With Natural Language Understanding for Better Email Security]( Natural language understanding is well-suited for scanning enterprise email to detect and filter out spam and other malicious content. Armorblox introduces a data loss prevention service to its email security platform using NLU. Tech Resources - [Sumo Logic for Continuous Intelligence]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [5 Critical Cyber Range Exercises from the Experts]( - [What is a data vault? Why do you need it?]( - [Protecting Endpoint to Work from Anywhere]( - [Creating a Regulatory Compliant Medical Device Vulnerability Management Program]( - [Broken Supply Chains Leave Medical Devices Vulnerable to Cyber Attacks]( [ACCESS TECH LIBRARY NOW]( - [Harnessing the Power of Security Automation]( With many organizations pinched for both dollars and manpower, security and IT teams are turning to a new class of technology and practices designed to automate repetitive and time-consuming tasks in security operations. How can companies truly unleash the potential ... - [Building an Effective Active Directory Security Strategy]( For cyber criminals, Microsoft's Active Directory is a treasure trove of user identity and system access. But while Active Directory is a potential attack vector, it can also play a crucial role in enterprise cyber defenses. In this webinar, experts ... [MORE WEBINARS]( FEATURED REPORTS - [How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World]( Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ... - [How Enterprises Are Assessing Cybersecurity Risk in Today's Environment]( Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns. [MORE REPORTS]( CURRENT ISSUE [Incorporating a Prevention Mindset into Threat Detection and Response]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [(ISC)² Unveils 100K in the UK Scheme to Expand the UK Cybersecurity Workforce with 100,000 Free Entry-Level Certification Exams and Education Opportunities]( [Rubrik Launches Rubrik Security Cloud to Secure Data, Wherever it Lives, Across Enterprise, Cloud, and SaaS]( [Barracuda Expands Cloud-Native SASE Platform to Protect Hybrid Cloud Deployments]( [Qualys Adds Custom Assessment and Remediation to Its Cloud Platform]( [YouMail Launches YouMail Protective Services for Carriers and Enterprises]( [Ericom’s New ZTEdge Web Application Isolation Addresses Security Concerns Associated With Third-Party Contractor Application Access]( [Bitdefender Launches Identity Theft Protection Service for U.S. Consumers]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)