The company's final patch release for 2023 contained fixes for a total of just 36 vulnerabilities — none of which, for a change, were zero-days.
Follow Dark Reading:
 December 13, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update
The company's final patch release for 2023 contained fixes for a total of just 36 vulnerabilities — none of which, for a change, were zero-days.
Ransomware Gangs Use PR Charm Offensive to Pressure Victims
Threat actors are fully embracing the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, all in an effort to make headlines.
Dozens of Bugs Patched in Apple TVs and Watches, Macs, iPads, iPhones
A laundry list of tweaks to Safari, Bluetooth, Accessibility, and much more.
Kyivstar Mobile Attack Plunges Millions in Ukraine Into Comms Blackout
The destructive attack, likely carried out by Russian actors, is the biggest hit on the country's basic infrastructure since the beginning of the war.
Debate Roils Over Extent of Nation-State Cyber Involvement in Gaza
Are hacktivists under the control of nation-states, or are they just independent contractors acting on their behalf?
Google Cloud's 'Dataproc' Abuse Risk Endangers Corporate Data Stores
There's a new way for hackers to abuse the cloud, this time with data analysts and scientists in the crosshairs.
Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover
Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times.
Data's Perilous Journey & Lessons Not Learned From the Target Breach
A decade after Target suffered a major security breach, are we still disregarding the gaping holes in our cyber fortifications?
Biden's AI Exec Order Is a Start, but We Must Safeguard Innovation
It's important for Congress to strengthen protections for AI and set guardrails to make sure it isn't used maliciously.
(Sponsored Article) The Imperative of Context in an Era of Expanding API Risks
Only 38% of organizations understand API context, a huge security gap underscoring the need for deeper, context-aware security strategies.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs
Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.

Responsibly Implementing AI, the Unstoppable Force
Balancing the good and bad of AI/ML means being able to control what data you're feeding into AI systems and solving the privacy issues to securely enable generative AI.

Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'
The infamous vulnerability may be on the older side at this point, but North Korea's primo APT Lazarus is creating new, unique malware around it at a remarkable clip.

MORE
PRODUCTS & RELEASES
Survey: 90% of IT Pros Felt Prepared for a Password-Based Cyberattack, Yet More Than Half Fell Victim to One
Fortress Information Security & CodeSecure Team Up to Analyze SBOMs & Remediate Critical Vulnerabilities
CISOs See Software Supply Chain Security as Bigger Blind Spot Than GenAI: Cycode
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Ex-Uber CISO Advocates 'Personal Incident Response Plan' for Security Execs
Why Joe Sullivan feels paying off attackers was a way of solving the problem.
LATEST FROM THE EDGE

10 Holiday Gifts for Stressed-Out Security Pros
These office giving-friendly fidgets, stress balls, brain teasers, and more are perfect to calm the most harried cybersecurity professionals.
LATEST FROM DR TECHNOLOGY

The European Space Agency Explores Cybersecurity for Space Industry
An ESA cybersecurity expert explains how space-based data and services benefit from public investment in space programs.
LATEST FROM DR GLOBAL

Libyan Government Trains Personnel in Electoral Cyber Threats
The UN is helping Ministry of Interior staff implement cybersecurity best practices, as talks continue about scheduling a parliamentary election in the coming months.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us