China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says.
Follow Dark Reading:
 September 30, 2022
LATEST SECURITY NEWS & COMMENTARY
Dangerous New Attack Technique Compromising VMware ESXi Hypervisors
China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says.
The Country Where You Live Impacts Password Choices
Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found.
Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange
APT group Witchetty (aka LookingFrog) has exploited the ProxyShell and ProxyLogon vulnerabilities to gain initial access and deploy new custom cyber tools against government agencies and a stock exchange.
Why the US Should Help Secure Mexican Infrastructure — and What It Gets in Return
Call it cross-border enlightened self-interest: As one of the US's premier trade partners and closest neighbors, what's bad for Mexico is bad for the US.
What Lurks in the Shadows of Cloud Security?
Organizations looking to get ahead in cloud security have gone down the path of deploying CSPM tooling with good results. Still, there’s a clear picture that data security and security operations are next key areas of interest.
Capital One Phish Showcases Growing Bank-Brand Targeting Trend
Capital One lures leveraged the bank's new partnership with Authentify, showing that phishers watch the headlines, and take advantage.
XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data
Bugs in Canon Medical's Virea View could allow cyberattackers to access several sources of sensitive patient data.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Most Attackers Need Less Than 10 Hours to Find Weaknesses
Vulnerable configurations, software flaws, and exposed Web services allow hackers to find exploitable weaknesses in companies' perimeters in just hours, not days.

Time to Change Our Flawed Approach to Security Awareness
Defend against phishing attacks with more than user training. Measure users' suspicion levels along with cognitive and behavioral factors, then build a risk index and use the information to better protect those who are most vulnerable.

MORE
EDITORS' CHOICE
Sophisticated Covert Cyberattack Campaign Targets Military Contractors
Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities.
LATEST FROM THE EDGE

3 Reasons Why BEC Scams Work in Real Estate
Identity verification could be the key to fighting back and building trust in an industry beset with high-stakes fraud.
LATEST FROM DR TECHNOLOGY

Intel Hardens Confidential Computing With Project Amber Updates
The chip giant has developed new features and services to make it more difficult for malicious hackers and insiders to access sensitive data from applications in the cloud.
WEBINARS
  • Next-Gen Security Operations: Building the SOC of the Future

    What does a security operations center (SOCs) require in 2022? The practice of monitoring and responding to threats looks very different today than it did just a few years ago. Which tools and skills do you need know to outfit a ...

  • Understanding Cyber Attackers & Their Methods

    Every day, your enterprise is at risk of being hacked. But just who are the cyber attackers, and what are their motivations? What methods might they use to crack enterprise data, and how do they stage their attacks? Do you ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Latest Delinea Update Streamlines DevOps Security
Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch
KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy
Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey
(ISC)² Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How Machine Learning, AI & Deep Learning Improve Cybersecurity
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us