LATEST SECURITY NEWS & COMMENTARY

Critical VMware Bug Exploits Continue, as Botnet Operators Jump In
A critical VMware bug tracked as CVE-2022-22954 continues to draw cybercriminal moths to its remote code-execution flame, with recent attacks focused on botnets and Log4Shell.

Phishing Attacks for Initial Access Surged 54% in Q1
For the first time in a year, security incidents involving email compromises surpassed ransomware incidents, a new analysis shows.

MITRE Creates Framework for Supply Chain Security
System of Trust includes data-driven metrics for evaluating the integrity of software, services, and suppliers.

Google Cloud Aims to Share Its Vetted Open Source Ecosystem
The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.

Open Source Security Gets $30M Boost From Industry Heavy Hitters
Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security.

Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning
A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.

US Cyber Director: Forging a Cybersecurity Social Contract Is Not Optional
In a Black Hat Asia keynote fireside chat, US national cyber director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.

Name That Toon: Knives Out
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

How Mobile Networks Have Become a Front in the Battle for Ukraine
Since 2014's annexation of Crimea, Ukrainian mobile operators have taken multiple, proactive steps to defend networks in the country and ensure their resilience.

Needs Improvement: Scoring Biden's Cyber Executive Order
One year after it was issued, has President Biden's Cyber Executive Order had an impact?

Me, My Digital Self, and I: Why Identity Is the Foundation of a Decentralized Future
A decentralized future is a grand ideal, but secure management of private keys is the prerequisite to ensure the integrity of decentralized applications and services.

How Threat Actors Are a Click Away From Becoming Quasi-APTs
As demonstrated in Ukraine and elsewhere, the battlefield for today's warriors extends to the virtual realm with cyber warfare.

US Agrees to International Electronic Cybercrime Evidence Swap
The Budapest Convention is a multinational coalition that agrees to share electronic evidence across international jurisdictions to track down cybercriminals.

iPhones Open to Attack Even When Off, Researchers Say
Wireless chips that run when the iPhone iOS is shut down can be exploited.
Dark Reading Weekly -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA