FEATURES EDITION | Security Pros Warn That EU's Vulnerability Disclosure Rule Is Risky

The Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours could expose organizations to attacks — or government surveillance. [TechWeb]( Follow Dark Reading: [RSS]( October 14, 2023 LATEST SECURITY FEATURES & COMMENTARY [Security Pros Warn That EU's Vulnerability Disclosure Rule Is Risky]( The Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours could expose organizations to attacks — or government surveillance. [Passkeys Are Cool, But They Aren't Enterprise-Ready]( The passwordless technology is becoming popular because Apple, Google, and Microsoft have a solution for accounts recovery, but enterprises are slow-walking their passkey adoption plans. [Insurance Companies Have a Lot to Lose in Cyberattacks]( Not only do insurance companies collate sensitive information from their clients, but they also generate their own corporate data to protect. [New California Delete Act Tightens Rules for Data Brokers]( Companies with customers in California need to prepare for a new process for demanding deletion of personal data. [In Search of Rust Developers, Companies Turn to In-House Training]( Google, Fortanix, and other firms have aimed to train a cadre of Rust developers, betting that the additional cost will be offset by security savings. [Name That Edge Toon: Office Artifacts]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. [Making the Case for Cryptographic Agility and Orchestration]( Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity. [How to Scan Your Environment for Vulnerable Versions of Curl]( This Tech Tip outlines how enterprise defenders can mitigate the risks of the curl and libcurl vulnerabilities in their environments. [Quash EDR/XDR Exploits With These Countermeasures]( With tools and hacker groups constantly evading defenses, expanding cybersecurity beyond endpoint security becomes crucial. [Protect AI Releases 3 AI/ML Security Tools as Open Source]( NB Defense, ModelScan, and Rebuff, which detect vulnerabilities in machine learning systems, are available on GitHub. [Nexusflow Slots GenAI Into SOC Automation]( The startup claims its private AI software is working on making decisions based on generalizing from examples. [MORE FROM THE EDGE]( / [MORE FROM DR TECHNOLOGY]( HOT TOPICS [Brands Beware: X's New Badge System Is a Ripe Cyber-Target]( Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike. [Gaza Conflict: How Israeli Cybersecurity Will Respond]( The Israeli-Hamas war will most assuredly impact businesses when it comes to ramped-up cyberattacks. Experts say that Israel's considerable collection of cybersecurity vendors be a major asset on the cyber-front. [Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug]( October's CVE update is here. Here's which security vulnerabilities to patch now to exorcise your Microsoft systems demons. [MORE]( EDITORS' CHOICE [Will Government Secure Open Source or Muck It Up?]( The US government aims to support open source projects, while the European Union seeks to make open source projects liable for their software. Which approach will lead to more security? [7 Ways SMBs Can Secure Their WordPress Sites]( This Tech Tip outlines seven easy fixes that small and midsize businesses can use to prevent the seven most common WordPress vulnerabilities. [QR Code 101: What the Threats Look Like]( Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them. WEBINARS - [The Enterprise View to Cloud Security]( Today's enterprises may have dozens and dozens of cloud applications and services running in their environment. Enterprises need to coordinate security, manage privileges and access, and handle incident response - the service provider will do only so much. In this ... - [DevSecOps for Mobile App Development]( Baking security into applications earlier in the software development lifecycle has become the mantra of the enterprise today, with software development and security teams working closely together to ensure more secure coding throughout the development process to ensure safer and ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Threat Intelligence: Data, People and Processes]( - [Global Perspectives on Threat Intelligence]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [Mandiant Threat Intelligence at Penn State Health]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( [View More White Papers >>]( FEATURED REPORTS - [How to Deploy Zero Trust for Remote Workforce Security]( - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Mitiga Secures Strategic Investment From Cisco]( [New Malwarebytes Survey: Consumers Lack Trust in New Tech]( [ForAllSecure Announces Dynamic Software Bill of Materials for Application Security]( [Cybersecurity Funding Rises by 21% in Q3 2023, Pinpoint Search Group's Report Indicates]( [BeyondID Introduces Identity-First Model for Zero-Trust Maturity]( [WatchGuard Threat Lab Report Finds Endpoint Malware Volumes Decreasing Despite Campaigns Growing More Expansive]( [MORE PRODUCTS & RELEASES]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118750&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_10.07.23&sp_cid=50141&utm_content=DR_NL_Dark%20Reading%20Daily_10.07.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#9c If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)