Experts say CVE-2022-42899 is a serious vulnerability, but widespread exploitation is unlikely because of the specific conditions that need to exist for it to happen.
Follow Dark Reading:
 October 20, 2022
LATEST SECURITY NEWS & COMMENTARY
Apache Commons Vulnerability: Patch but Don't Panic
Experts say CVE-2022-42899 is a serious vulnerability, but widespread exploitation is unlikely because of the specific conditions that need to exist for it to happen.
China-Linked Cyber-Espionage Team Homes In on Hong Kong Government Orgs
The Winnti APT was spotted dropping several variants of Spyder Loader and other malware as part of the so-called Operation Cuckoobees.
Microsoft Customer Data Exposed by Misconfigured Server
The data exposure was the result of an "unintentional misconfiguration on an endpoint" and not a security vulnerability, Microsoft said.
A New Solution to the Cybersecurity Skills Gap: Building Security into Operational Teams
Why — and how — companies should consider shifting day-to-day security responsibilities out to operations teams. The move would elevate the team's level of decision-making and help address the challenge of finding professionals with security-specific credentials.
SBOMs: An Overhyped Concept That Won't Secure Your Software Supply Chain
We need more than the incomplete snapshot SBOMs provide to have real impact.
Emotional Toll From Cyberattacks Can Linger Among Staff for Years
Research shows 1 in 7 employees involved in a cyberattack exhibits clinical trauma symptoms months after the incident.
Scammers Targeting Those Seeking Student Loan Forgiveness
FBI warns that cybercriminals are stealing personal information by posing as administrators of the Student Loan Debt Relief Plan.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
CISA Offers Free RedEye Analytics Tool for Red Teams
The tool helps red teams manage their activities, analyze the data from their campaigns, create reports, and better present results to organizations.

Shared Responsibility or Shared Fate? Decentralized IT Means We Are All Cyber Defenders
With the IT universe expanding, collaboration, thoughtfulness, and discipline can ensure a more secure future.

4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap
A cross-disciplinary effort of change is needed to attract new professionals in the coming decade.

MORE
EDITORS' CHOICE
Phishing Mitigation Can Cost Businesses More Than $1M Annually
One of the oldest tactics in cybercrime is still one of the most widely feared — and with good reason, as campaigns are expected to increase and become more sophisticated over the next 12 months.
LATEST FROM THE EDGE

What Fast-Talkers Can Teach Us About Vetting Vendors
Here's how to differentiate vendors that can back up their words with solutions and those that cannot.
LATEST FROM DR TECHNOLOGY

Security Awareness Urged to Grow Beyond Compliance
Increasingly vendors are looking for ways to take security awareness beyond checkbox compliance courses to more context-dependent interactions — a "shift left" to the average worker.
WEBINARS
  • Next-Gen Security Operations: Building the SOC of the Future

    What does a security operations center (SOCs) require in 2022? The practice of monitoring and responding to threats looks very different today than it did just a few years ago. Which tools and skills do you need know to outfit a ...

  • Understanding Cyber Attackers & Their Methods

    Every day, your enterprise is at risk of being hacked. But just who are the cyber attackers, and what are their motivations? What methods might they use to crack enterprise data, and how do they stage their attacks? Do you ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Zscaler Advances Enterprise Data Security With Zero-Configuration Data Protection
Kaspersky Launches New VPN to Amplify Speed and Convenience
RCS Secure Catches Its Next Big Wave
GroupSense Delivers New Ransomware Negotiation Training Service
DigiCert Appoints Industry Veteran Amit Sinha as Chief Executive Officer
GitGuardian Extends Code Security Platform, Adding Infrastructure-as-Code Scanning for Security Misconfigurations
Revelstoke Teams Up With BreachRx, Offering Users Automated Incident Response and Compliance Solutions
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Building the SOC of the Future
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us