In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.
Follow Dark Reading:
 October 26, 2023
LATEST SECURITY NEWS & COMMENTARY
As Citrix Urges Its Clients to Patch, Researchers Release an Exploit
In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.
'Log in with...' Feature Allows Full Online Account Takeover for Millions
Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires — and other online services likely have the same problems.
Virtual Alarm: VMware Issues Major Security Advisory
VMware vCenter Servers need immediate patch against critical RCE bug as race against threat actors begins.
1Password Becomes Latest Victim of Okta Customer Service Breach
Okta's IAM platform finds itself in cyberattackers' sights once again, as threat actors mount a supply chain attack targeting Okta customer support engagements.
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
SolarWinds' access controls contain five high-severity and three critical-severity security vulnerabilities that need to be patched yesterday.
Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.
Cisco Finds New Zero-Day Bug, Pledges Patches in Days
A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
Patch Now: Massive RCE Campaign Wrangles Routers Into Botnet
Thousands of devices, including D-Link and Zyxel gear, remain vulnerable to takeover despite the availability of patches for the several bugs being exploited by IZ1H9 campaign.
Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid
To make cybersecurity an organizationwide priority, CISOs must avoid these common input, empathy, and alignment obstacles.
Cybersecurity Awareness Doesn't Cut It; It's Time to Focus on Behavior
We have too much cybersecurity awareness. It's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors.
The Need for a Cybersecurity-Centric Business Culture
Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
It's Time to Establish the NATO of Cybersecurity
Cybercriminals already operate across borders. Nations must do the same to protect their critical infrastructure, people, and technology from threats foreign and domestic.

A Cybersecurity Framework for Mitigating Risks to Satellite Systems
Cyber threats on satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect them from attackers.

Strengthening Oman's Economic Backbone
Creating a new regulatory framework to better secure Oman's banking system against future attacks.

Telling Small Businesses to Buy Cyber Insurance Isn't Enough
To protect themselves from threats, companies also need proactive cybersecurity.

MORE
EDITORS' CHOICE
9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month
If we really want to move the dial on security habits, it's time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious.
LATEST FROM THE EDGE

From Snooze to Enthuse: Making Security Awareness Training 'Sticky'
Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?
LATEST FROM DR TECHNOLOGY

Data Security and Collaboration in the Modern Enterprise
The "CISO Survival Guide" explores the complex and shifting challenges, perceptions, and innovations that will shape how organizations securely expand in the future.
LATEST FROM DR GLOBAL

AI-Powered Israeli 'Cyber Dome' Defense Operation Comes to Life
The Israelis are building a cyber defense system that will use ChatGPT-like generative AI platforms to parse threat intelligence.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Tines Report Finds More than Half of Security Professionals Likely To Switch Jobs Next Year
2023 Ransomware Attacks Up More Than 95% Over 2022, According to Corvus Insurance Q3 Report
Accenture Expands Cybersecurity Services Capabilities in Latin America With Acquisition of MNEMO Mexico
AI 'Will Have a Significant Impact on Energy Industry,' EPRI Tells Congress
SailPoint Unveils Annual 'Horizons of Identity Security' Report
Fingerprint Raises $33M in Series C Funding to Accelerate Enterprise Device Intelligence and Fraud Prevention Adoption
Norton Boosts Security and Privacy With Enhanced Password Manager and AntiTrack
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Tips for a Streamlined Transition to Zero Trust
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us