PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file-transfer technology.
Follow Dark Reading:
 January 25, 2024
LATEST SECURITY NEWS & COMMENTARY
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file-transfer technology.
Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles
The company hasn't acknowledged responsibility for the incident, although allowing scraping paves the way for dangerous follow-on attacks.
Jason's Deli Accounts Compromised by Credential Stuffing
Deli Dollars loyalty accounts hit with stolen credentials from the Dark Web, potentially exposing the personal data of more than 340,000 customers.
Kasseika Ransomware Linked to BlackMatter in BYOVD Attack
An emerging actor is the latest to deploy a tactic that terminates AV processes and services before deploying its payload; the campaign is part of a bigger "bring your own vulnerable driver" trend.
CISA's Water Sector Guide Puts Incident Response Front & Center
As cyberattackers increasingly target water suppliers and wastewater utilities, the US federal government wants to help limit the impact of destructive attacks.
ChatGPT Cybercrime Discussions Spike to Nearly 3K Posts on Dark Web
And there were an additional 3,000 comments posted to the Dark Web about the sale of stolen ChatGPT accounts.
Filling the Cybersecurity Talent Gap
Veterans are ideal candidates to close the skills gap and create the industry needed to meet security threats head-on.
(Sponsored Article) Identity Protection 101: Building a Modern ITDR Practice
Identities are your new corporate security boundary. Put the right identity threat detection and response (ITDR) in place before it's too late.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Millions at Risk As 'Parrot' Web Server Compromises Take Flight
The cyberattackers behind the traffic redirection system (TDS) inject websites with malicious scripts, have control over thousands of servers worldwide, and have ramped up efforts to avoid detection.

Learning From Ukraine's Pioneering Approaches to Cybersecurity
Ukraine's tactical and strategic cybersecurity approach in the intense warfare environment offers a blueprint for organizations aiming to fortify their cyber defenses.

Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine
The new bug is Apple's 12th WebKit zero-day in the last year, highlighting the increasing enterprise exposure to browser-borne threats.

MORE
PRODUCTS & RELEASES
EDITORS' CHOICE
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine
The new bug is Apple's 12th WebKit zero-day in the last year, highlighting the increasing enterprise exposure to browser-borne threats.
LATEST FROM THE EDGE

Hook Younger Users With Cybersecurity Education Designed for Them
Security should not be treated as one-size-fits all, and that is doubly true when it comes to security awareness education. Training should be customized by age, learning styles, and preferred media if it is to be effective.
LATEST FROM DR TECHNOLOGY

Researchers Map AI Threat Landscape, Risks
With the rush to adopt large language models, companies have not thought through all of the security implications to their businesses. Two groups of researchers tackle the questions.
LATEST FROM DR GLOBAL

AI Learning Initiative Launches for UAE Women
The effort will train 100 women in technology and cybersecurity around artificial intelligence concepts.
WEBINARS
WHITE PAPERS
FEATURED REPORTS
  • The State of Supply Chain Threats
  • What Ransomware Groups Look for in Enterprise Victims

    Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ...

  • How to Use Threat Intelligence to Mitigate Third-Party Risk

    The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ...

View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.