While CVE-2023-40044 is critical, threat watchers hope it won't be another MOVEit for customers of Progress Software's file transfer technology.
Follow Dark Reading:
 October 04, 2023
LATEST SECURITY NEWS & COMMENTARY
Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far
While CVE-2023-40044 is critical, threat watchers hope it won't be another MOVEit for customers of Progress Software's file transfer technology.
Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials
Thousands of messages are being sent weekly in a campaign that uses links hosted on legitimate websites to evade natural language processing and URL-scanning email protections.
Russian Hacktivism Takes a Toll on Organizations in Ukraine, EU, US
Russian hacktivist attacks are mostly for show, but sometimes they cause serious damage and are poised to begin getting worse.
Ransomware Crisis, Recession Fears Leave CISOs in Tough Spot
Combining robust decryption and orchestration of encrypted traffic with threat prevention is crucial to staying ahead of attackers.
USPS Anchors Snowballing Smishing Campaigns
Researchers found 164 domains connected to a single threat actor located in Tehran.
(Sponsored Article) Addressing AI and Security Challenges With Red Teams: A Google Perspective
Red Teams can help organizations better understand vulnerabilities and secure critical AI deployments.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software
In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS POST request.

DHS: Physical Security a Concern in Johnson Controls Cyberattack
An internal memo cites DHS floor plans that could have been accessed in the breach.

4 Legal Surprises You May Encounter After a Cybersecurity Incident
Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

4 Pillars for Building a Responsible Cybersecurity Disclosure Program
Responsible disclosure must strike a balance between the immediate need to protect users and the broader security implications for the entire community.

MORE
EDITORS' CHOICE
FBI: Crippling 'Dual Ransomware Attacks' on the Rise
Once they compromise an victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.
LATEST FOR THE EDGE

Name That Edge Toon: Office Artifacts
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FOR DR TECHNOLOGY

CAPTCHAs Easy for Humans, Hard for Bots
Proton is aiming for the sweet spot between security, privacy, and accessibility with its CAPTCHA.
LATEST FOR DR GLOBAL

Norway Urges Europe-Wide Ban on Meta's Targeted Ad Data Collection
Norway wants to permanently ban the owner of Facebook and Instagram from collecting sensitive user data across Europe, saying its current policies violate GDPR rules.
WEBINARS
  • The Enterprise View to Cloud Security

    Today's enterprises may have dozens and dozens of cloud applications and services running in their environment. Enterprises need to coordinate security, manage privileges and access, and handle incident response - the service provider will do only so much. In this ...

  • Securing Identities in the Cloud

    With enterprises increasingly shifting workloads to the cloud, they face different challenges including managing and securing user identities, as well as a web of machine identities. How do you map all of the identities that now reside in the cloud ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Secure Yeti Appoints Jayson E. Street as Chief Adversarial Officer to Spearhead Cybersecurity Empowerment
Visa Program Combats Friendly Fraud Losses For Small Businesses Globally
Netscout Identified Nearly 7.9M DDOS Attacks in the First Half of 2023
Research From IANS and Artico Search Reveals Cybersecurity Budgets Increased Just 6% for 2022-2023 Cycle
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us