Twitter's CISO Takes Off, Leaving Security an Open Question

Lea Kissner was one of three senior executives to quit this week, leaving many to wonder if the social media giant is ripe for a breach and FTC action. [TechWeb]( Follow Dark Reading: [RSS]( November 11, 2022 LATEST SECURITY NEWS & COMMENTARY [Twitter's CISO Takes Off, Leaving Security an Open Question]( Lea Kissner was one of three senior executives to quit this week, leaving many to wonder if the social media giant is ripe for a breach and FTC action. [Amazon, Microsoft Cloud Leaks Highlight Lingering Misconfiguration Issues]( Cloud storage databases, often deployed as "rogue servers" without the blessing of the IT department, continue to put companies and their sensitive data at risk. [Evasive KmsdBot Cryptominer/DDoS Bot Targets Gaming, Enterprises]( KmsdBot takes advantage of SSH connections with weak login credentials to mine currency and deplete network resources, as it gains a foothold on enterprise systems. [5 Easy Steps to Bypass Google Pixel Lock Screens]( PIN-locked SIM card? No problem. It's easy for an attacker to bypass the Google Pixel lock screen on unpatched devices. [How to Close Kubernetes' Network Security Gap]( StackRox bridges network security and other gaps and makes applying and managing network isolation and access controls easier while extending Kubernetes' automation and scalability benefit. [Understanding the Rise of Risk-Based Vulnerability Management]( Risk-based vulnerability management solutions foster the convergence of risk management and vulnerability management. Andrew Braunberg explains what’s driving the emergence of RBVM. [LockBit Bigwig Arrested for Ransomware Crimes]( A dual Russian-Canadian citizen is being extradited to the US to face charges related to LockBit ransomware activities. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Patch ASAP: Critical Citrix, VMware Bugs Threaten Remote Workspaces With Takeover]( Hole-y software alert, Batman: Cybercriminal faves Citrix Gateway and VMware Workspace ONE have authentication-bypass bugs that could offer up total access to attackers. [Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday]( Long-awaited security fixes for ProxyNotShell and Mark of the Web bypasses are part of a glut of actively exploited zero-day vulnerabilities and other critical flaws that admins need to prioritize in the coming hours. [What We Really Mean When We Talk About ‘Cybersecurity’]( A lack of precision in our terminology leads to misunderstandings and confusion about the activities we engage in, the information we share, and the expectations we hold. [MORE]( EDITORS' CHOICE [Veterans Day Salute: 6 Reasons Why You Want Vets in Your Cyber Platoon]( We commend vets in cyber, with this look at how the training and experience of former military personnel can be a big, differentiating asset in cybersecurity environments. LATEST FROM THE EDGE [Cyberwar and Cybercrime Go Hand in Hand]( The line between criminal and political aims has become blurred, but motivations matter less than the effects of a breach. LATEST FROM DR TECHNOLOGY [Okta Launches New Workforce Identity Cloud]( Okta Worforce Identity Cloud has all three identity functions – identity access management, identity governance, and privilege access management – under the hood. WEBINARS - [Analyzing and Correlating Security Operations Data]( Most security operations centers aren't failing because they don't have enough data - they are failing because they have too much data. In this webinar, experts recommend tools and best practices for correlating information from multiple security systems so that ... - [Cybersecurity Outlook 2023]( On December 13, Cybersecurity Outlook 2023 will look at some of the new threats posed by cybercriminals and nation-states, as well as evolving products and technologies that may help mitigate those threats. You'll hear from some of the cybersecurity industry's leading experts, ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Your Digital Transformation Is Being Sabotaged - The Surprising Impact of Sophisticated Bots]( - [BotGuard for Streaming Service Case Study]( - [BotGuard Supplements CDN and WAF Case Study]( - [Guide for How to Outpace Today's Cyberthreats]( - [Analyzing the Economic Benefits of Microsoft Defender for IoT]( [View More White Papers >>]( FEATURED REPORTS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Implementing Zero Trust In Your Enterprise: How to Get Started]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Flashpoint Releases Ransomware Prediction Model for Vulnerabilities]( [Rezilion Expands Dynamic SBOM Capability to Support Windows Environments]( [Lacework Extends CNAPP Capabilities With Attack Path Analysis and Agentless Workload Scanning]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How Enterprises Are Attacking the Cybersecurity Problem]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)