Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Other EDR products potentially are affected as well.
| | | LATEST SECURITY NEWS & COMMENTARY | | For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Other EDR products potentially are affected as well. Hacker Fails for the Win Security researchers share their biggest initial screwups in some of their key vulnerability discoveries. Infostealer Malware Market Booms, as MFA Fatigue Sets In The successful combo of stolen credentials and social engineering to breach networks is increasing demand for infostealers on the Dark Web. Machine Learning Models: A Dangerous New Attack Vector Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain. Shift to Memory-Safe Languages Gains Momentum Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws. Zerobot Weaponizes Numerous Flaws in Slew of IoT Devices The botnet exploits flaws in various routers, firewalls, network-attached storage, webcams, and other products and allows attackers to take over affected systems. Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose. Where Advanced Cyberattackers Are Heading Next: Disruptive Hits, New Tech Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts say. Android Serves Up a Slew of Security Updates, 4 Critical Out of more than 80 flaws fixed this month, the most critical was a system component bug that could allow RCE over Bluetooth. Hive Social Buzzing With Security Flaws, Analysts Warn Twitter alternative Hive Social took down its servers after researchers discovered several critical vulnerabilities. The Privacy War Is Coming Privacy standards are only going to increase. It's time for organizations to get ahead of the coming reckoning. Data Security Concerns Are Driving Changes in US Consumer Behavior and Demands As consumers catch on to the dangers, protection could become a major topic for legislative bodies. Will New CISA Guidelines Help Bolster Cyber Defenses? Learn how BOD 23-01 asset inventory mandates can help all organizations tighten cybersecurity. A Risky Business: Choosing the Right Methodology Rather than regarding risk assessment as a negative exercise, consider it one that benefits your organization's aims, and then translate the risk level to its impact on operations, reputation, or finances. Applying the OODA Loop to Cybersecurity and Secure Access Service Edge Organizations can best defend themselves on the cyber battlefield by adopting a military-style defense. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | Cloud Security Essentials The pandemic accelerated cloud technology adoption to better support and streamline remote workers, but going to the cloud is not just a set-it-and-forget-it strategy for security. The potential attack surface actually expands with the cloud, and without the proper controls ... Seeing Your Attack Surface Through the Eyes of an Adversary The best way to manage exposure, reduce risk, and improve your security posture is to understand your attack surface through the eyes of an attacker. Cortex Xpanse provides automated Attack Surface Management with an agentless implementation. Xpanse scans the entirety ... | | View More Dark Reading Webinars >> |
|
| | | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
