Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
Follow Dark Reading:
 September 26, 2022
LATEST SECURITY NEWS & COMMENTARY
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
Microsoft Looks to Enable Practical Zero-Trust Security With Windows 11
With the update, Microsoft adds features to allow easier deployment of zero-trust capabilities. Considering the 1.3 billion global Windows users, the support could make a difference.
App Developers Increasingly Targeted via Slack, DevOps Tools
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play
The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.
Neglecting Open Source Developers Puts the Internet at Risk
From creating a software bill of materials for applications your company uses to supporting open source projects and maintainers, businesses need to step up their efforts to help reduce risks.
CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit
The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Uber: Lapsus$ Targeted External Contractor With MFA Bombing Attack
The ride-sharing giant says a member of the notorious Lapsus$ hacking group started the attack by compromising an external contractor's credentials, as researchers parse the incident for takeaways.

Twitter's Whistleblower Allegations Are a Cautionary Tale for All Businesses
Businesses need to turn privacy and security into an advantage. Store less data, and live up to customer expectations that their information is protected. Take small steps, be transparent about data management, and chose partners carefully.

Name That Toon: Shiver Me Timbers!
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE
Developer Leaks LockBit 3.0 Ransomware-Builder Code
Code could allow other attackers to develop copycat versions of the malware, but it could help researchers understand the threat better as well.
LATEST FROM THE EDGE

How Europe Is Using Regulations to Harden Medical Devices Against Attack
Manufacturers need to document a medical device's intended use and operational environment, as well as plan for misuse, such as a cyberattack.
LATEST FROM DR TECHNOLOGY

Mitigating Risk and Communicating Value in Multicloud Environments
Protecting against risk is a shared responsibility that only gets more complex as you mix the different approaches of common cloud services.
WEBINARS
  • Strategies for DDoS Resilience and Response

    There are few things more disruptive than a distributed denial-of-service (DDoS) attack. The criminals behind these attacks have one objective: to bring everything to a stop so you can't conduct business as usual. How can you ensure business continuity during ...

  • Using Zero Trust to Protect Remote and Home Workers

    When COVID-19 hit, many organizations attempted to implement Zero Trust environments to protect their data from online threats presented by unsecured home office equipment. But these efforts were often temporary and not particularly effective. In this webinar, experts offer a ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Allurity Acquires Spanish Multinational Aiuken Cybersecurity
StackHawk Launches Deeper API Security Test Coverage to Improve the Security of APIs
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How Machine Learning, AI & Deep Learning Improve Cybersecurity
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us