TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline

US Transportation Security Agency (TSA) administrator reflects on how the Colonial Pipeline incident has moved the needle in public-private cooperation. [TechWeb]( Follow Dark Reading: [RSS]( May 16, 2023 LATEST SECURITY NEWS & COMMENTARY [TSA Official: Feds Improved Cybersecurity Response Post-Colonial Pipeline]( US Transportation Security Agency (TSA) administrator reflects on how the Colonial Pipeline incident has moved the needle in public-private cooperation. [Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs]( A two-bit comedian is using a patched Microsoft vulnerability to attack the hospitality industry, and really laying it on thick along the way. [RA Ransomware Group Emerges With Custom Spin on Babuk]( The freshly minted ransomware gang is customizing leaked Babuk source code to go after cyber targets in the US and South Korea — and it's expanding its operations quickly. [Microsoft Advisories Are Getting Worse]( A predictable patch cadence is nice, but the software giant can do more. [PharMerica Leaks 5.8M Deceased Users' PII, Health Information]( Relatives are being alerted that a PharMerica compromise exposed the sensitive data of their deceased loved ones, which could be used for identity theft. [(Sponsored Article) Continuous Scanning Is Imperative for Effective Web Application Security]( New research from Invicti shows that an increase in security scanning cadence contributes to improved security posture over time. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [WordPress Plug-in Used in 1M+ Websites Patched to Close Critical Bug]( The privilege escalation flaw is one in thousands that researchers have disclosed in recent years. [AI Is About to Be Everywhere: Where Will Regulators Be?]( Regulators should apply a healthy skepticism to generative AI developments to guarantee a competitive marketplace. [How Public-Private Information Sharing Can Level the Cybersecurity Playing Field]( Sharing information is critical to help organizations protect data and systems. To be even more effective, collaboration should be inclusive — vendors, researchers, and private companies large and small. [MORE]( EDITORS' CHOICE [How Cybercriminals Adapted to Microsoft Blocking Macros by Default]( One long-awaited security move caused a ripple effect in the cybercrime ecosystem. LATEST FROM DR GLOBAL [Malicious Chatbots Target Casinos in Southeast Asia]( Dubbed "ChattyGoblin," the China-backed actors use chatbots to scam Southeast Asian gambling companies. LATEST FROM THE EDGE [Generative AI Empowers Users but Challenges Security]( With the introduction of generative AI, even more business users are going to create low-code/no-code applications. Prepare to protect them. LATEST FROM DR TECHNOLOGY [Break the DDoS Attack Loop With Rate Limiting]( This Tech Tip demonstrates how security engineers can best use rate limits to mitigate distributed denial-of-service attacks. WEBINARS - [Next-Generation Supply Chain Security]( Supply chain attacks are on the rise. Attackers are injecting malicious code into software and hardware components to create backdoors into the organization. As the Kaseya attack demonstrated, compromising a widely used product gives attackers privileged access into corporate networks. ... - [Puzzled by Patching: Solve Endpoint Pains]( In this webinar, you'll learn critical steps to improve your security posture and reduce patching complexity so that your IT team can do more with less while keeping security at the forefront. Now is the time to slay the time-consuming ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Proof-Based Scanning: No noise, just facts]( - [A Buyer's Guide to Securing Privileged Access]( - [Cybersecurity Maturity Model Certification (CMMC) Version 1.02]( - [A Security Leader's Guide to Leveraging MDR for Security Maturity and Development]( - [The State of Cybersecurity: 2023 Trends Report]( - [The 3 Approaches to Breach & Attack Simulation Technologies]( - [Top Ten Tips: Securing Multi-Cloud with Modern CSPM]( [View More White Papers >>]( FEATURED REPORTS - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Lacework Appoints Lea Kissner As Chief Information Security Officer]( [Juniper Research Study Reveals Staggering Cost of Vulnerable Software Supply Chains]( [Coalfire Compliance Report Unveils the Next Horizon in Compliance]( [Trend Micro Reports Consistent Earnings Results for Q1 2023]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)