 January 17, 2024
LATEST SECURITY NEWS & COMMENTARY
Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet
Anyone who hasn't mitigated two zero-day security bugs in Ivanti VPNs may already be compromised by a Chinese nation-state actor.
Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE
Rated at a CVSS score of 10, the bug is as bad as it gets, allowing remote cyberattackers unfettered access to corporate environments.
Bosch Smart Thermostat Feels the Heat From Firmware Bug
The vulnerability in a popular hospitality industry gadget allows attackers to take over the device, pivot into the user's network, or brick the device entirely, rendering HVAC unusable.
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks
Two flaws discovered a year apart are ostensibly the same with slightly different exploit paths, exposing corporate networks to risk and potential intrusion.
UAE Cyber Security Council, Khalifa University Launch Abu Dhabi Academy
The university will also join the Emirates' National Cybersecurity Center of Excellence.
Anti-Ransomware Coalition Bound to Fail Without Key Adjustments
International pledge to reject ransomware demands misses the most important way to combat cybercrime: prevention.
HOT TOPICS
CISA Adds 9.8 'Critical' Microsoft SharePoint Bug to its KEV Catalog
It's a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.

GitLab Releases Updates to Address Critical Vulnerabilities
Two vulnerabilities are critical, and three others are determined to be of high, medium, and low severity.

Your Cybersecurity Budget Is a Horse's Rear End
Are historical budget constraints limiting your cybersecurity program? Don't let old saws hold you back. It's time to revisit your budget with revolutionary future needs front of mind.

Name That Toon: Cast Adrift
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

EDITORS' CHOICE
SEC X Account Hack Draws Senate Outrage
Senators from both parties called the Securities and Exchange Commission's lack of MFA "inexcusable" and demanded an investigation into the regulator's cybersecurity lapse.
LATEST FROM THE EDGE

Snyk Acquires Helios for Runtime Visibility
Developer-security company Snyk acquired Helios, a startup specializing in capturing security-relevant data from live applications.
LATEST FROM DR TECHNOLOGY

Effective Incident Response Relies on Internal and External Partnerships
Dark Reading Research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions.
LATEST FROM DR GLOBAL

Africa, Middle East Lead Peers in Cybersecurity, but Lag Globally
Both regions score above average compared to similarly sized economies, but investing in updated technologies and patching processes would help cyber resilience globally.
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA