Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.
Follow Dark Reading:
 June 16, 2022
LATEST SECURITY NEWS & COMMENTARY
Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update
Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.
24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far
Username and password combinations offered for sale on the Dark Web by criminals has increased 65% since 2020.
Design Weakness Discovered in Apple M1 Kernel Protections
The proof-of-concept attack from MIT CSAIL researchers undermines the pointer authentication feature used to defend the Apple chip's OS kernel.
Emotet Banking Trojan Resurfaces, Skating Past Email Security
The malware is using spreadsheets, documents, and other types of Microsoft Office attachments in a new and improved version that is often able to bypass email gateway-security scanners.
'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers
A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.
Google: SBOMs Effective Only if They Map to Known Vulns
SBOMs should be connected with vulnerability databases to fulfill their promise of reducing risk, Google security team says.
Beware the 'Secret Agent' Cloud Middleware
New open source database details the software that cloud service providers typically silently install on enterprises' virtual machines — often unbeknownst to customers.
Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry
A Linux-based banking Trojan is a master at staying under the radar.
How Information Security Teams Can Help Reduce Stress and Burnout
Work across the organization and take practical steps to ease user stress — prioritize user productivity by offering the right tools to avoid shadow IT and cultivate a transparent security culture. Remember the security team, too, and automate as many processes as possible.
Artificial Intelligence and Security: What You Should Know
Next-generation AI products learn proactively and identify changes in the networks, users, and databases using "data drift" to adapt to specific threats as they evolve.
3 Big Takeaways From the Verizon DBIR 2022
The annual report is always filled with useful security information. Here are several of the most important lessons from this year's edition.
Critical Citrix Bugs Impact All ADM Servers, Agents
Citrix ADM vulnerabilities could lead to admin password reset and disruption of ADM license service, company warns.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Understanding and Mitigating Single Sign-on Risk
SSO's one-to-many architecture is both a big advantage and a weakness.

How AI Is Useful — and Not Useful — for Cybersecurity
AI works best when security professionals and AI are complementing each other.

MORE
EDITORS' CHOICE
CISA Recommends Organizations Update to the Latest Version of Google Chrome
Google last week reported seven vulnerabilities in the browser, four of which it rated as high severity.
LATEST FROM THE EDGE

EU Debates AI Act to Protect Human Rights, Define High-Risk Uses
The commission argues that legislative action is needed to ensure a well-functioning market for AI systems that balances benefits and risks.
LATEST FROM DR TECHNOLOGY

Why AIs Will Become Hackers
At a 2022 RSA Conference keynote, technologist Bruce Schneier asserted that artificial intelligence agents will start to hack human systems — and what that will mean for us.
WEBINARS
  • Using Threat Modeling to Improve Enterprise Cyber Defenses

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...

  • Implementing Zero Trust in Your Enterprise

    Attackers have shown time and again that perimeter security is no longer enough to keep them out. The concept of internal users and outsiders doesn't work in network defense when attackers use credential theft and lateral movement to pretend they ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Practical Network Security Approaches for a Multicloud, Hybrid IT World

    The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network

  • Rethinking Endpoint Security in a Pandemic and Beyond

    IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ...

  • How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World

    Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Incognia Introduces Location-Based Liveness Spoofing Detection Solution
Optiv MXDR Enhances Detection Coverage With Expanded Cloud Integration
Corel Acquires Awingu
CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed
37 Major Companies and Organizations Pledge to Enhance Cyber Resiliency and Counter Evolving Global Threats
Akamai Launches New Malware Protection for Uploaded Files
Cybersecurity Industry Leaders Launch Campaign to Close the Cybersecurity Talent Gap
CISA Challenges Partners and Public to Push for 'More Than a Password' in New Social Media Campaign
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Improving Enterprise Cybersecurity With XDR
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us