Dark Reading Weekly -- December 21, 2023

LATEST SECURITY NEWS & COMMENTARY

Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File

Attackers can chain the vulnerabilities to gain full remote code execution.

Novel SMTP Smuggling Technique Slips Past DMARC, Email Protections

Attackers can spoof millions of email addresses to create targeted phishing attacks using flaws in Microsoft, GTX, and Cisco Secure Email Gateway servers.

Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks

Ransomware group tries to claw back operations following FBI disruption, and lifts a previous ban on attacks against critical infrastructure in retaliation.

Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug

CVE-2023-50164 is harder to exploit than the 2017 Struts bug behind the massive breach at Equifax, but don't underestimate the potential for attackers to use it in targeted attacks.

Pro-Israeli Hacktivists Attack Iranian Gas Stations

Iranian officials blame a software issue for the "disruption" to gasoline pumps.

Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov't Entities

Chinese threat actors are taking advantage of the poor state of edge security to breach both small and big fish.

Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware

Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method.

Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected

A trove of personal data belonging to millions of Americans is just the latest bullet point in a bad year for Citrix customers.

Fresh Qakbot Sightings Confirm Recent Takedown Was a Temporary Setback

Microsoft and several others have reported seeing the noxious malware surfacing again in a campaign targeting the hospitality industry.

Feds Snarl ALPHV/BlackCat Ransomware Operation

Dark Web chatter indicates that Scattered Spider worked with the FBI to take down the BlackCat/ALPHV operation.

Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover

The most critical of the bugs gives attackers privileged access to the local Windows system, paving the way for unauthenticated RCE and installing backdoors.

Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks

Crimeware-as-a-service (CaaS) gang flies past CAPTCHAs, creating fraudulent accounts to sell to the likes of Scattered Spider; Microsoft mounts a counterattack.

Why I Chose Google Bard to Help Write Security Policies

Large language models (LLMs) like Bard and ChatGPT can help produce simpler, more readable security documentation in a fraction of the time it takes to do it manually.

Name That Toon: Just for Kicks

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Adapting to the Post-SolarWinds Era: Supply Chain Security in 2024

Three years after the SolarWinds attack, new revelations show more must be done to help prevent such a drastic security breach from happening again.

Omdia: Standalone Security Products Outsell Cybersecurity Platforms

Cybersecurity platform vendors say enterprises want to buy fewer solutions from fewer vendors. Omdia research, however, tells a different, more nuanced story.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
3 Ways to Use Real-Time Intelligence to Defeat Bots Threat intelligence feedback loops are an increasingly vital tool in the escalating battle against bots. Soft Skills Every CISO Needs to Inspire Better Boardroom Relationships Now more than ever, CISOs have an opportunity to impact business strategy and change the culture of their organization. Safeguarding Our Children's Digital Future: A Call to Action Frequent cyberattacks on America's schools are putting our children at risk. Urgent action is needed to protect students and families. Changing How We Think About Technology To make real change, organizations need to augment logical thinking with critical thinking. MORE

PRODUCTS & RELEASES

Black Hat Europe 2023 Closes on Record-Breaking Event in London

Console & Associates, P.C.: ESO Solutions Notifies 2.7M People of Data Breach That Leaked Their SSNs

SANS Institute Research Shows What Frameworks, Benchmarks, and Techniques Organizations Use on their Path to Security Maturity

Zero Networks Raises $20M in Series B to Prevent Attackers from Spreading in Corporate Networks

ONCD Welcomes Mr. Harry Coker, Jr. as Next National Cyber Director

Salvador Technologies Raises $6M to Empower Cyber Resilience in Operational Technologies and Critical Infrastructures

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Pro-Hamas Cyberattackers Aim 'Pierogi' Malware at Multiple Mideast Targets

Gaza Cybergang has created a new backdoor version stuffed with tools to spy on and attack targets.

LATEST FROM THE EDGE

How States Help Municipalities Build Their Cyber Defenses

State CISOs and cybersecurity task forces are grappling with the best ways to use federal grant money to keep their citizens safe online.

LATEST FROM DR TECHNOLOGY

Smartphones That Help You Bust Out of the Android/iOS Ecosystem

If you are in the market for a smartphone but want to break away from the Apple-Google duopoly, look no further: These alternative smartphones are based on various Linux variants and custom hardware.

LATEST FROM DR GLOBAL

Israel Blames Iran for Hospital Data Breach

Israeli intelligence said a cyber unit of Hezbollah also was involved in the cyberattack.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Everything You Need to Know About DNS Attacks
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

View More Dark Reading Reports >>