Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments.
Follow Dark Reading:
 October 12, 2023
LATEST SECURITY NEWS & COMMENTARY
Curl Bug Hype Fizzles After Patching Reveal
Touted for days as potentially catastrophic, the curl flaws only impact a narrow set of deployments.
Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear
Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.
Chinese 'Stayin' Alive' Attacks Dance Onto Targets With Dumb Malware
A sophisticated APT known as "ToddyCat," sponsored by Beijing, is cleverly using unsophisticated malware to keep defenders off their trail.
Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals
Cisco's $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter.
Magecart Campaign Hijacks 404 Pages to Steal Data
The novel technique helps hide the cybercriminal campaign's efforts to steal credit card information from visitors to major websites, and it represents an evolution for Magecart.
Data Thieves Test-Drive Unique Certificate Abuse Tactic
An SEO poisoning campaign is spreading the RecordBreaker/Raccoon Stealer and LummaC2 infostealers by attempting to confound software certificate checks.
One-Click 'Gnome' Exploit Is a Supply Chain Risk for Linux OSes
An overlooked library contains a vulnerability that could enable full remote takeover simply by clicking a link.
Adobe Acrobat Reader Vuln Now Under Attack
CISA flags use-after-free bug now being exploited in the wild.
Addressing a Breach Starts With Getting Everyone on the Same Page
The best incident-response plans cover contingencies and are fine-tuned in stress tests to ensure collaboration, remediation, and recovery efforts align.
Reassessing the Impacts of Risk Management With NIST Framework 2.0
The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk.
(Sponsored Article) The Need for Speed: When Cloud Attacks Take Only 10 Minutes
Security sensors are common in the home for both prevention and response in the event something goes wrong. But in the cloud, have you taken the same approach?
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug
October's CVE update is here. Here's which security vulnerabilities to patch now to exorcise your Microsoft systems demons.

Old-School Attacks Are Still a Danger, Despite Newer Techniques
The cold, hard truth? Cybercriminals are still perpetuating plenty of unsophisticated attacks for a simple reason: They work.

How Keyloggers Have Evolved From the Cold War to Today
Keyloggers have been used for espionage since the days of the typewriter, but today's threats are easier to get and use than ever.

MORE
EDITORS' CHOICE
Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event
Ongoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.
LATEST FROM THE EDGE

New California Delete Act Tightens Rules for Data Brokers
Companies with customers in California need to prepare for a new process for demanding deletion of personal data.
LATEST FROM DR TECHNOLOGY

Protect AI Releases 3 AI/ML Security Tools as Open Source
The company released NB Defense, ModelScan, and Rebuff, which detect vulnerabilities in machine learning systems, on GitHub.
LATEST FROM DR GLOBAL

Gaza Conflict: How Israeli Cybersecurity Will Respond
The Israeli-Hamas war will most assuredly impact businesses when it comes to ramped-up cyberattacks. Experts say that Israel's considerable collection of cybersecurity vendors be a major asset on the cyber-front.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
WatchGuard Threat Lab Report Finds Endpoint Malware Volumes Decreasing Despite Campaigns Growing More Expansive
RIT Is the First University to Receive Support From the Google Cybersecurity Clinics Fund
SecTor 2023: Full Schedule Programming for Toronto Event
37% Intimidated, 39% Frustrated With Online Security Highlighting Digital Anxiety
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us