15-Year-Old Python Flaw Slithers into Software Worldwide

Klicken Sie hier, um Informationweek.com zu abonnieren

Kategorien: Dienstleistungen | Professionals Geschäftswaren Finanziell Kantoor Marketing Einzelhandel Einzelhandel Industrie Machines Alter: 14 - 18 Jahr 19 - 30 Jahr 31 - 64 Jahre

Laden...

2 jahre vor

Html
Text

An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559.

Follow Dark Reading:

September 22, 2022

LATEST SECURITY NEWS & COMMENTARY

15-Year-Old Python Flaw Slithers into Software Worldwide An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559. Threat Actor Abuses LinkedIn's Smart Links Feature to Harvest Credit Cards The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to click on links and open malicious documents. Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes. Data Scientists Dial Back Use of Open Source Code Due to Security Worries Data scientists, who often choose open source packages without considering security, increasingly face concerns over the unvetted use of those components, new study shows. Ransomware: The Latest Chapter As ransomware attacks continue to evolve, beyond using security best practices organizations can build resiliency with extended detection and response solutions and fast response times to shut down attacks. Don't Wait for a Mobile WannaCry Attacks against mobile phones and tablets are increasing, and a WannaCry-level attack could be on the horizon. Hackers Paralyze 911 Operations in Suffolk County, NY Reduced to pen, paper, and phones, 911 operators ask NYPD for backup in handling emergency calls. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft Brings Zero Trust to Hardware in Windows 11 A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats. ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises. How to Dodge New Ransomware Tactics The evolving tactics increase the threat of ransomware operators, but there are steps organizations can take to protect themselves. MORE

EDITORS' CHOICE

Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords It's called "spell-jacking": Both browsers have spell-check features that send data to Microsoft and Google when users fill out forms for websites or Web services. LATEST FROM THE EDGE
Cyber Insurers Clamp Down on Clients' Self-Attestation of Security Controls After one company suffered a breach that could have been headed off by the MFA it claimed to have, insurers are looking to confirm claimed cybersecurity measures. LATEST FROM DR TECHOLOGY
Quantify Risk, Calculate ROI SecurityScorecard's ROI Calculator helps organizations quantify cyber-risk to understand the financial impact of a cyberattack.

WEBINARS

Next-Gen Security Operations: Building the SOC of the Future

What does a security operations center (SOCs) require in 2022? The practice of monitoring and responding to threats looks very different today than it did just a few years ago. Which tools and skills do you need know to outfit a ...

Using Zero Trust to Protect Remote and Home Workers

When COVID-19 hit, many organizations attempted to implement Zero Trust environments to protect their data from online threats presented by unsecured home office equipment. But these efforts were often temporary and not particularly effective. In this webinar, experts offer a ...

View More Dark Reading Webinars >>

WHITE PAPERS

How Machine Learning, AI & Deep Learning Improve Cybersecurity Understanding the Zero Trust Approach 5 Takeaways from Major Cybersecurity Headlines State of Attack Surface Management: A Crisis of Overconfidence BotGuard for Denial of Inventory & Stockouts Achieve Balanced Security and Performance with Next-Generation Software-Defined WAN Guide for How to Outpace Today's Cyberthreats

View More White Papers >>

FEATURED REPORTS

How Machine Learning, AI & Deep Learning Improve Cybersecurity 6 Elements of a Solid IoT Security Strategy Incorporating a Prevention Mindset into Threat Detection and Response

View More Dark Reading Reports >>

PRODUCTS & RELEASES

New Kaspersky EDR Optimum Further Simplifies Protection Against Evasive Threats ThreatQuotient Enhances Data-Driven Automation Capabilities With New ThreatQ TDR Orchestrator Features Byos Releases Free Assessment Tool to Provide Companies With Tailored Network Security Recommendations MORE PRODUCTS & RELEASES

CURRENT ISSUE

Ransomware Resilience and Response: The Next-Generation
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Teilen auf

Laden...

Weitere Newsletter von Informationweek.com

'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
Vor 17 Minuten
Privacy Regulations Changing - Are You Prepared? Informationweek.com
Vor 11 Stunden
Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network Informationweek.com
Gestern um 14:04

Weitere Newsletter von Informationweek.com

Laden...

Andere Kategorien anzeigen

Dienstleistungen | Professionals Geschäftswaren Finanziell Kantoor Marketing Einzelhandel Einzelhandel Industrie Machines

15-Year-Old Python Flaw Slithers into Software Worldwide

Ransomware Resilience and Response: The Next-Generation

Teilen auf

Weitere Newsletter von Informationweek.com

Verwandte Newsletter

Andere Kategorien anzeigen