Dark Reading Daily -- March 16, 2023

Follow Dark Reading:

March 16, 2023

LATEST SECURITY NEWS & COMMENTARY

Cyberattackers Continue Assault Against Fortinet Devices

Patched earlier this month, a code-execution vulnerability is the latest FortiOS weakness to be exploited by attackers, who see the devices as well-placed targets for initial access operations.

Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector

Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.

GoatRAT Android Banking Trojan Targets Mobile Automated Payment System

The new malware was discovered targeting three banks in Brazil.

SMBs Orgs Want Help, but Cybersecurity Expertise Is Scarce

Smaller firms are boosting cybersecurity budgets, but there's a long way to go to address a deep lack of cyber preparedness among SMBs.

Meet Data Privacy Mandates With Cybersecurity Frameworks

Protection laws are always evolving. Here's how you can streamline your compliance efforts .

Why Security Practitioners Should Understand Their Business

The sooner CISOs become proactive in understanding the flip side of the organizations they protect, the better they'll be at their jobs.

'Vile' Gang Duo Breaches Police Database, Impersonates Officers in Extortion Gambit

Two gang members are being charged for allegedly threatening to release personal information and impersonating law enforcement in an effort to dox victims.

Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns

An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way. How Businesses Can Get Ready for AI-Powered Security Threats Organizations need to take steps now to strengthen their cyber defenses. MORE

EDITORS' CHOICE

Microsoft Zero-Day Bugs Allow Security Feature Bypass

Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.

LATEST FROM THE EDGE

How Do Attackers Hijack Old Domains and Subdomains?

Here is a cautionary tale of what happens if side-projects or sections of the website becomes obsolete. If you don't remove them, someone might hijack your subdomain.

LATEST FROM DR TECHNOLOGY

Google Proposes Reducing TLS Cert Life Span to 90 Days

Organizations will likely have until the end of 2024 to gain visibility and control over their keys and certificates.

WEBINARS

ChatGPT: Defending Your Business Against AI-Supercharged Ransomware
This webinar will dig into the ways criminals are projected to take advantage of ChatGPT and other AI tools to improve the reach and effectiveness of their ransomware attacks. The session will conclude with a review of a 12-step plan ...
Building Out the Best Response Playbook for Ransomware Attacks
When ransomware locks up your business's critical data and essential gear, there is no time to panic. The organization needs answers fast: Is the infection going to spread to other endpoints? Will the attackers publicly dump the stolen information? How ...

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...
10 Hot Talks From Black Hat USA 2022
Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...
2022 State of Network Management (a $499 Value FREE)
We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today!

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Hornetsecurity Launches VM Backup V9

DirectDefense Reports the Top Threats From 2022 and What's Trending for 2023

Camozzi Group and Radiflow Announce Collaboration on Industrial Systems Cybersecurity

Optiv More Than Doubles Federal Presence With ClearShark Acquisition

SecurityScorecard Appoints Former US Congressman John Katko As Senior Advisor

MORE PRODUCTS & RELEASES

CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.