In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.
Follow Dark Reading:
 March 31, 2023
LATEST SECURITY NEWS & COMMENTARY
Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises
In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.
Organizations Consider Self-Insurance to Manage Risk
Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.
BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist
Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.
Stop Blaming the End User for Security Risk
Don't count on securing end users for system security. Instead, focus on better securing the systems — make them closed by default and build with a security-first approach.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.

7 Women Leading the Charge in Cybersecurity Research & Analysis
From rising stars to veterans heading up research teams, check out our profiles of women making a big impact in cyber defense as the threat landscape expands.

Using Observability to Power a Smarter Cybersecurity Strategy
With an infrastructure for observability, security teams can make better decisions about access and identity-based threats.

MORE
EDITORS' CHOICE
Top Tech Talent Warns of AI's Threat to Human Existence in Open Letter
Elon Musk, Steve Wozniak, and Andrew Yang are among more than 1,000 tech leaders asking for time to establish human safety parameters around AI.
LATEST FROM THE EDGE

Organizations Consider Self-Insurance to Manage Risk
Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.
LATEST FROM DR TECHNOLOGY

CISA Releases Hunt Tool for Microsoft's Cloud Services
CISA released the hunt and response tool to help defenders extract cloud artifacts without performing additional analytics.
WEBINARS
  • How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint

    Adversaries are moving faster than ever, with modern attacks coming from all fronts across network, endpoint, and other domains. In 2022, the average breakout time declined from 98 minutes to 84 minutes, highlighting the imperative for IT and security teams to act quickly ...

  • Ten Emerging Vulnerabilities Every Enterprise Should Know

    Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

    The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...

  • Shoring Up the Software Supply Chain Across Enterprise Applications

    Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...

  • 10 Hot Talks From Black Hat USA 2022

    Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
DataDome Closes $42M in Series C Funding to Advance the Fight Against Bot-Driven Cyberattacks and Fraud
Socura Launches Managed SASE (MSASE) Service
Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use
CyberSecure Announces Strategic Alliance
Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us