Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.
| | | LATEST SECURITY NEWS & COMMENTARY | | Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open. Legions of Critical Infrastructure Devices Subject to Cyber Targeting Nearly 100,000 ICS devices have been found open to the public Internet, potentially threatening physical safety globally. Here's how to quantify the risk. Unkillable? Qakbot Infections Fly On Even After Its High-Profile Raid A literal seven-nation (cyber) army wasn't enough to hold back the famous initial access broker (IAB) for long — it's been chugging along, spreading ransomware, despite a massive takedown in August. Stealthy, Thieving Python Packages Slither Onto Windows Systems A campaign that's been active since April has already racked up nearly 75,000 downloads, stealing data and cryptocurrency in the process. 'Operation Jacana' Reveals DinodasRAT Custom Backdoor The previously undocumented data exfiltration malware was part of a successful cyber-espionage campaign against the Guyanese government, likely by the Chinese. Critical 'ShellTorch' Flaws Light Up Open Source AI Users, Like Google The vulnerabilities exist in the widely used TorchServe framework, used by Amazon, Google, Walmart, and many other heavy hitters. Group-IB: 'GoldDigger' Banking Trojan Targets Vietnamese Organizations The malware uses software to evade detection while also making it difficult to analyze. Could Cybersecurity Breaches Become Harmless in the Future? With these five steps, organizations can develop stronger security practices and make the inevitable breaches inconsequential. (Sponsored Article) The Silent Threat of APIs: What the New Data Reveals About Unknown Risk The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | The Enterprise View to Cloud Security Today's enterprises may have dozens and dozens of cloud applications and services running in their environment. Enterprises need to coordinate security, manage privileges and access, and handle incident response - the service provider will do only so much. In this ... Using AI in Application Security Tooling As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ... | | View More Dark Reading Webinars >> |
|
| | |
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
