China-linked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others.
Follow Dark Reading:
 July 24, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft 365 Breach Risk Widens to Millions of Azure AD Apps
China-linked APT actors could have single-hop access to the gamut of Microsoft cloud services and apps, including SharePoint, Teams, and OneDrive, among many others.
BGP Software Vulnerabilities Under the Microscope in Black Hat Session
In a nod to its centrality in IP networking, a Forescout researcher will parse overlooked vulnerabilities in the Border Gateway Protocol at Black Hat USA.
Banks in Attackers' Crosshairs, via Open Source Software Supply Chain
In separate targeted incidents, threat actors tried to upload malware into the Node Package Manager registry to gain access and steal credentials.
CVSS 4.0 Is Here, but Prioritizing Patches Still a Hard Problem
CVSS Version 4 arguably performs better, but companies also need to tailor any measure of threat to their own environment to quickly evaluate new software bugs for patching order.
The Dark Side of AI
Sophisticated fraudsters are exploiting ChatGPT and CAPTCHAs to evade enterprise security defenses.
Saudi Arabia's Tuwaiq Academy Opens Cybersecurity Bootcamp
Registration has opened for the cybersecurity specialty track at Tuwaiq Academy, where students will learn a variety of related skills.
White House, Big Tech Ink Commitments to Secure AI
With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all.
(Sponsored Article) What C-Suite Leaders Need to Know About XDR
Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here's what you need to know about the technology platform.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Google Categorizes 6 Real-World AI Attacks to Prepare for Now
The models powering generative AI like ChatGPT are open to several common attack vectors that organizations need to understand and get ready for, according to Google's dedicated AI Red Team.

Enterprise Choices in Measuring Risk
Organizations have options when it comes to choosing the right tool to quantify risk

Should You Be Using a Cybersecurity Careers Framework?
Frameworks can help improve hiring practices and retention, and help guide education — which makes them an important asset worth exploiting.

MORE
EDITORS' CHOICE
Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway
Citrix is urging organizations to immediately patch the unauthenticated RCE vulnerability.
LATEST FROM DR TECHNOLOGY

Microsoft Takes Security Copilot AI Assistant to the Next Level
The company's AI for security operations centers continues to add integrations, as the industry looks to large language models for progress.
LATEST FROM THE EDGE

Meet the Finalists for the 2023 Pwnie Awards
Hosts Sophia d'Antoine and Ian Roos presented the list at Summercon in Brooklyn, where they also handed out a surprise Lifetime Achievement Award.
LATEST FROM DR GLOBAL

Rootkit Attack Detections Increase at UAE Businesses
Detections of rootkit attacks against businesses in the United Arab Emirates are up 167% in 2023, with an increased view of their use in the Middle East overall.
WEBINARS
  • Where and When Automation Makes Sense For Enterprise Cybersecurity

    A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ...

  • Finding a Backup Strategy That Works For You

    You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
TrustArc Announces TRUSTe EU-US Data Privacy Framework Verification
Deloitte Global Expands MXDR Cybersecurity SaaS Solution With Operational Technology and Identity Modules
Plurilock Announces Generative AI 'Guardrails' Product, PromptGuard
Cloud Range Appoints Cybersecurity Leader Galina Antova to Board of Directors
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us