 February 02, 2023
LATEST SECURITY NEWS & COMMENTARY
Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover
Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.
Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status
Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.
Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.
Discrepancies Discovered in Vulnerability Severity Ratings
Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says.
Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
Companies Struggle With Zero Trust as Attackers Adapt to Get Around It
Only one in 10 enterprises will create a robust zero-trust foundation in the next three years, while more than half of attacks won't even be prevented by it, according to Gartner.
Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ
The US Department of Justice hacked into Hive's infrastructure, made off with hundreds of decryptors, and seized the gang's operations.
Federal Agencies Infested by Cyberattackers via Legit Remote Management Systems
Hackers don't need a key to get past your defenses if they can essentially teleport using RMMs, warn CISA and the NSA.
Inside Killnet: Pro-Russia Hacktivist Group's Support and Influence Grows
Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remains largely questionable.
Critical RCE Lexmark Printer Bug Has Public Exploit
A nasty SSRF bug in Web Services plagues a laundry list of enterprise printers.
3 Ways ChatGPT Will Change Infosec in 2023
OpenAI's chatbot has the promise to revolutionize how security practitioners work.
Will Cybersecurity Remain Recession-Proof in 2023?
Demand for skilled professionals will remain high, but cyber budgets will be eaten away.
Organizations Must Brace for Privacy Impacts This Year
Expect more regulatory and enforcement action in the US and around the world.
Application Security Must Be Nonnegotiable
Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.
HOT TOPICS
Beating the Odds: 3 Challenges Women Face in the Cybersecurity Industry
Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward.

Spotlight on 2023 DevSecOps Trends
Solutions that provide more actionable results — remediation that frees up engineers, processes that integrate security into software development from its design, along with automation, IaC, and tool consolidation — are among the DevSecOps strategies that will prevail this year.

EDITORS' CHOICE
Firmware Flaws Could Spell 'Lights Out' for Servers
Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access.
LATEST FROM THE EDGE

A Child's Garden of Cybersecurity
Whether you dream of your child becoming a CISO or just want them to improve their security hygiene, consider this roundup of literary geekery.
LATEST FROM DR TECHNOLOGY

Software Supply Chain Security Needs a Bigger Picture
SBOMs aren't enough. OpenSSF's Alpha-Omega brings in new blood to help secure the open source projects most impactful to the software supply chain.

WEBINARS
  • Deciphering the Hype Around XDR

    Security teams are increasingly being asked about the organization's Extended Detection and Response capabilities. There is still a lot of confusion and misunderstanding about XDR and what it can accomplish. XDR goes beyond endpoint monitoring and detection, while extending visibility ...

  • A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype

    Join this webinar as our Zero Trust experts discuss "quick wins" like: --Enforcing strong multifactor authentication and Zero Trust policies for critical applications. --Closing inbound ports open to the Internet. --Areas not always included in the Zero Trust conversation, like ...

Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA