Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.
Follow Dark Reading:
 July 13, 2023
LATEST SECURITY NEWS & COMMENTARY
Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies
Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.
Hackers Target Chinese Gamers With Microsoft-Signed Rootkit
Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools.
White House Urged to Quickly Nominate National Cyber Director
A group of cybersecurity organizations is urging the White House to move with haste in nominating a new National Cyber Director, amid a complex and shifting threat landscape.
Hackers Exploit Policy Loophole in Windows Kernel Drivers
Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover.
Ransomware, From a Different Perspective
A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted?
How to Put Generative AI to Work in Your Security Operations Center
Generative AI is the cybersecurity resource that never sleeps. Here are some of the ways security-focused generative AI can benefit different members of the SOC team.
QuickBlox API Vulnerabilities Open Video, Chat Users to Data Theft
QuickBlox users should update to the latest version of the platform in order to protect against several avenues of exploitation.
(Sponsored Article) Why Hybrid Work Has Made Secure Access So Complicated
Employees now have the freedom to work wherever they want, which brings new challenges for security teams trying to protect data.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Apple's Rapid Zero-Day Patch Causes Safari Issues, Users Say
Apple's emergency fix for a code-execution bug being actively exploited in the wild is reportedly buggy itself, and some indications point to the Cupertino giant halting patch rollouts.

Top Takeaways From Table Talks With Fortune 100 CISOs
As organizations struggle to keep up with new regulations and hiring challenges, chief information security officers share common challenges and experiences.

Mastodon Patches 4 Bugs, but Is the Twitter Killer Safe to Use?
Platform's independent server "instances" may have different security levels, creating potential for supply chain-like vulnerabilities.

MORE
EDITORS' CHOICE
Microsoft Discloses 5 Zero-Days in Voluminous July Security Update
Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office, .Net, and Azure Active Directory, among others.
LATEST FROM DR TECHNOLOGY

Startup Spotlight: Mobb Aims to Be the Fixer
The company, one of four finalists in this year's Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI.
LATEST FROM THE EDGE

10 Features an API Security Service Needs to Offer
Securing APIs is specialized work. Here's what organizations should look for when selecting an outside partner.
LATEST FROM DR GLOBAL

APT35 Develops Mac Bespoke Malware
Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors.
WEBINARS
  • Finding a Backup Strategy That Works For You

    You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ...

  • Finding the Right Role for Identity and Access Management in Your Enterprise

    End user credentials are essential to enabling your employees to gain access to the data and applications they need. Those credentials are also one of the most prized targets that attackers hope to gain. To enable user access and prevent ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Firedome Integrates With Microsoft Defender for IoT to Enhance IoT Device Security, Using Microsoft Sentinel
Console & Associates, P.C. Investigates HCA Healthcare After Report of Data Breach Affecting an Estimated 11M Patients
(ISC)² Strengthens DEI Initiatives through Global Partnerships
Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills According to Bugcrowd Survey
Less Than Half of SMBs Deploy Privileged Access Management
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us