Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately. Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.
| | | LATEST SECURITY NEWS & COMMENTARY | | Microsoft Zero-Day Bugs Allow Security Feature Bypass Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately. ChatGPT Browser Extension Hijacks Facebook Business Accounts Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store. Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way. Cyberattackers Continue Assault Against Fortinet Devices Patched earlier this month, a code-execution vulnerability is the latest FortiOS weakness to be exploited by attackers, who see the devices as well-placed targets for initial access operations. US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers. AI-Created YouTube Videos Spread Around Malware AI-generated videos pose as tutorials on how to get cracked versions of Photoshop, Premiere Pro, and more. Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles Campaign demonstrates the DPRK-backed cyberattackers are gaining tools to avoid EDR tools. 5 Lessons Learned From Hundreds of Penetration Tests Developers must balance creativity with security frameworks to keep applications safe. Correlating business logic with security logic will pay in safety dividends. How Businesses Can Get Ready for AI-Powered Security Threats Organizations need to take steps now to strengthen their cyber defenses. How to Jump-Start Your Cybersecurity Career With more than 700,000 cybersecurity jobs available, now is a good time to consider a career change. 5 Critical Components of Effective ICS/OT Security These agile controls and processes can help critical infrastructure organizations build an ICS security program tailored to their own risk profile. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | Managing Identity in the Cloud Shifting identity management and provisioning to the cloud helps streamline these operations. It also brings a new set of challenges, including integrating and managing user identities, privileges, and other attributes used in various on-premise and cloud systems, especially if your ... Ten Emerging Vulnerabilities Every Enterprise Should Know Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ... | | View More Dark Reading Webinars >> |
|
| | | | |
|
| | | FEATURED REPORTS | | The Promise and Reality of Cloud Security Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... 10 Hot Talks From Black Hat USA 2022 Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... 2022 State of Network Management (a $499 Value FREE) We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today! | | View More Dark Reading Reports >> |
|
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
