New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep

[TechWeb]( Follow Dark Reading: [RSS]( August 07, 2019 LATEST SECURITY NEWS & COMMENTARY [New Speculative Execution Vulnerability Gives CISOs a New Reason to Lose Sleep]( The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown. [US Air Force Bug Bounty Program Nets 54 Flaws for $123,000]( The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military. [Ongoing Campaign Spoofs Walmart, Dating, Movie Sites]( A new investigation detects more than 540 domain names linked to the Walmart brand and camouflaged as career, dating, and entertainment websites. [When Perceived Cybersecurity Risk Outweighs Reality]( Teams need to manage perceived risks so they can focus on fighting the real fires. [Security & the Infinite Capacity to Rationalize]( To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how. [Russian Attack Group Uses Phones & Printers to Breach Corporate Networks]( Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data. [FBI Issues Relationship Fraud/Confidence Scheme Warning]( Criminals are getting increasingly sophisticated in their efforts to commit fraud and recruit 'money mules,' according to the FBI. [MORE NEWS & COMMENTARY]( HOT TOPICS [8 Free Tools to Be Showcased at Black Hat and DEF CON]( Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large. [How to Keep Your Web Servers Secure]( The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people. [Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product]( A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant. [MORE]( EDITORS' CHOICE [8 Head-Turning Ransomware Attacks to Hit City Governments]( Hackers know vulnerable systems when they see them, and they also know this: Many government systems are decades old, running Windows 7 and even Windows XP. [Dark Reading News Desk Live at Black Hat USA 2019]( Watch right here for more than 30 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern. NEW FROM THE EDGE [Hollywood-Style Hacker Fight]( Watch movies much? Here's what happens when two hackers try to outhack each other. Tech Resources - [Third-Party Cyber Risk Management: Getting to Know Your Vendor]( - [VPNs' Future: Less User Reliant, More Transparent, & Smarter]( - [Data Science & AI in the Fast Lane]( - [SANS Top New Attacks & Threat Report]( - [The Future of AI-Powered Autonomous Response]( - [Clearing the Path to Cloud]( - [Testing for Compliance Just Became Easier]( [ACCESS TECH LIBRARY NOW]( - [DDoS Resilience, Remediation & Recovery: Updating Your Strategy]( Are you ready for a DDoS attack on your network -- or on your service provider's network - or is it time to update your resilience, remediation and recovery plan? In this webinar, learn strategies that will make your business ... - [Vendor ATT&CK Misdirection and How to Avoid It]( In this webinar, you will learn how a simple shift to an adversary-focused approach will help stop targeted threats and will evolve your security program from lean-back to lean-forward -- no matter the size or maturity of your security team. [MORE WEBINARS]( FEATURED REPORTS - [[Malware Threats Survey] Do you have 10 mins to spare?]( Dark Reading needs your help with this 10-minute survey. Complete the survey and you can enter to win one of five $50 Amazon gift cards! - [State of the Cloud]( This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies ... [MORE REPORTS]( CURRENT ISSUE [Building and Managing an IT Security Operations Program]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [QOMPLX Launches Identity Assurance 2.1 For Active Directory Monitoring And Security]( [Bugcrowd Establishes Standard for Crowdsourced Security Workflow Management]( [SiteLock Announces Solution to Automatically Remove Malware & Spam from Website Databases]( [CrowdStrike Introduces CrowdScore Real-Time Threat-Monitoring Metric]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek]( UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)