A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
Follow Dark Reading:
 October 23, 2023
LATEST SECURITY NEWS & COMMENTARY
Cisco Finds New Zero-Day Bug, Pledges Patches in Days
A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
SolarWinds' access controls contain five high-severity and three critical-severity security vulnerabilities that need to be patched yesterday.
Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors
Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.
More Okta Customers Hacked
Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.
Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid
To make cybersecurity an organizationwide priority, CISOs must avoid these common input, empathy, and alignment obstacles.
DoD Gets Closer to Nominating Cyber Policy Chief
Though there is speculation regarding potential candidates, the Department of Defense will likely not nominate someone in the near term.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Patch Now: APTs Continue to Pummel WinRAR Bug
State-sponsored cyber-espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.

The Trifecta of Consumer Data Privacy: Education, Advocacy & Accountability
It's time to build a culture of privacy, one that businesses uphold.

Pro-Iranian Hacktivists Set Sights on Israeli Industrial Control Systems
The hacktivists known as SiegedSec identify ICS targets, but there's no evidence of attacks yet.

The Need for a Cybersecurity-Centric Business Culture
Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message.

North Korea's Kimsuky Doubles Down on Remote Desktop Control
The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.

MORE
EDITORS' CHOICE
9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month
If we really want to move the dial on security habits, it's time to think beyond phishing tests. Our panel of CISOs and other security heavy-hitters offer expert tips that go beyond the obvious.
LATEST FROM THE EDGE

From Snooze to Enthuse: Making Security Awareness Training 'Sticky'
Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?
LATEST FROM DR TECHNOLOGY

Amazon Quietly Wades Into the Passkey Waters
The move by the e-commerce kahuna to offer advanced authentication to its 300+ million users has the potential to move the needle on the technology's adoption, security experts say.
LATEST FROM DR GLOBAL

SIM Card Ownership Slashed in Burkina Faso
Users could hold up to five SIM cards previously, but now they can only have two; it's a move that the government says is intended to cut down mobile spam levels.
WEBINARS
  • Building an Effective Active Directory Security Strategy

    For many organizations, Microsoft's Active Directory is the source of truth for user identity and system access. For criminals, Active Directory is a gold mine of information for moving laterally through the corporate infrastructure. Despite its importance, many security teams ...

  • Data Analytics That Matter Most to The Modern Enterprise

    Security teams are overwhelmed with incident data, alerts, and log files. Each endpoint and each application generate its own set of data. How do you know which ones are useful? How do you collect, aggregate, and analyze security data so ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
AI 'Will Have a Significant Impact on Energy Industry,' EPRI Tells Congress
Norton Boosts Security and Privacy With Enhanced Password Manager and AntiTrack
Spec Secures $15M Series A Funding, Accelerating Innovation in Fraud Defense
Fingerprint Raises $33M in Series C Funding to Accelerate Enterprise Device Intelligence and Fraud Prevention Adoption
SailPoint Unveils Annual 'Horizons of Identity Security' Report
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us