An RCE vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential harvesting, cyber espionage, and network backdoor attacks.
Follow Dark Reading:
 June 06, 2022
LATEST SECURITY NEWS & COMMENTARY
Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover
A remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential harvesting, cyber espionage, and network backdoor attacks.
Microsoft Disables Iran-Linked Lebanese Hacking Group Polonium
The attack on Israeli organizations is the latest in a long line of attempts to compromise supply chains, as the APT looks to leverage that access to target a multitude of potential victims.
Why Network Object Management Is Critical for Managing Multicloud Network Security
If you want your IT and security administrators to get buried in trivial workloads and productivity bottlenecks, having poor network object management is a great way to accomplish that.
FDA: Patch Illumina DNA Sequencing Instruments, Stat
A critical security bug could lead to remote device control, altered lab results, and more, putting patients in danger, agency warns.
YourCyanide Ransomware Propagates With PasteBin, Discord, Microsoft Links
The latest iteration of CMD-based ransomware is sophisticated and tricky to detect – and integrates token theft and worming capabilities into its feature set.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
US Sanctions Force Evil Corp to Change Tactics
The threat actor behind the notorious Dridex campaign has switched from using its exclusive credential-harvesting malware to a ransomware-as-a-service model, to make attribution harder.

10 No-BS Tips for Building a Diverse and Dynamic Security Team
Advice from women and nonbinary security leaders on creating well-rounded security teams, stronger CISO leadership, and a more resilient industry.

FluBot Android Malware Operation Disrupted, Infrastructure Seized
Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.

MORE
EDITORS' CHOICE

Meet the 10 Finalists in the RSA Conference Innovation Sandbox
This year's finalists tackle such vital security concerns as permissions management, software supply chain vulnerability, and data governance. Winners will be announced June 6.
LATEST FROM THE EDGE

For Ransomware, Speed Matters
Someone interested in putting together a ransomware campaign has to consider several factors. The LockBit group touts its speed over competing families to attract potential buyers for its ransowmare-as-a-service.
LATEST FROM DR TECHNOLOGY

Hunting for Threats Using Network Traffic Flows
SeclarityIO's NetworkSage platform analyzes network traffic data to identify attacks before they become real problems.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Using Threat Modeling to Improve Enterprise Cyber Defenses

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...

  • Vendors as Your Largest BEC Threat

    The tactics that worked for your business five years ago likely aren't still working today, and cybercrime is no different. The CEO fraud that dominated the last few years is not nearly as successful as it used to be, partially ...
MORE WEBINARS
FEATURED REPORTS
  • State of the Cloud: A Security Perspective

    Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ...

  • Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal

    With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ...
MORE REPORTS
CURRENT ISSUE

What Every Enterprise Should Know About Security Product Testing
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
New Cloud Pricing and Products Proof of RSA’s Transformation
Microsoft Philanthropies Collaborates With WiCyS to Help Close the Cybersecurity Skills Gap
CyberQ Technologies Inc. Launches Managed AI for Splunk UBA Customers
Neosec Introduces Expert Managed Threat Hunting Service for Detecting and Investigating API Abuse and Vulnerabilities
Netenrich Debuts Resolution Intelligence Secure Digital Operations Platform at RSA 2022
NetSPI's New Breach and Attack Simulation Enhancements Help Organizations Achieve Behavior-Based Threat Detection
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us