The "TeamsPhisher" cyberattack tool gives pen testers — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.
Follow Dark Reading:
 July 06, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Teams Exploit Tool Auto-Delivers Malware
The "TeamsPhisher" cyberattack tool gives pen testers — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.
Researchers Develop Exploit Code for Critical Fortinet VPN Bug
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.
Cl0p's MOVEit Campaign Represents a New Era in Cyberattacks
The ransomware group shows an evolution of its tactics with MOVEit zero-day — potentially ushering in a new normal when it comes to extortion supply chain cyberattacks, experts say.
Chip Giant TSMC Blames $70M LockBit Breach on IT Hardware Supplier
The group has given one of Apple's biggest semiconductor suppliers until Aug. 6 to pay $70 million or risk having its data and "points of entry" to its network publicly leaked.
Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel
Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.
Ransomware Halts Operations at Japan's Port of Nagoya
LockBit 3.0 claims responsibility for the cyberattack that shuttered the largest port in Japan, according to authorities.
Russian Satellite Internet Downed via Attackers Claiming Ties to Wagner Group
Attribution for the cyberattack on Dozor-Teleport remains murky, but the effects are real — downed communications and compromised data.
Microsoft Can Fix Ransomware Tomorrow
You can't encrypt a file you can't open — Microsoft could dramatically impact ransomware by slowing it down.
A CISO's Guide to Paying Down Software Supply Chain Security Debt
When you just keep filing it away to handle "someday," security debt typically rears its head when you are most vulnerable and can least afford to pay it.
When It Comes to Secure Coding, ChatGPT Is Quintessentially Human
We're still unprepared to fight the security bugs we already encounter, let alone new AI-borne issues.
A Golden Age of AI … or Security Threats?
Now is the time to build safeguards into nascent AI technology.
Name That Edge Toon: Three-Ring Circus
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Cybersecurity Is the Healthcare Your Organization Needs
Organizations should consider their security practices the same way people think about their well-being. Focus on staying healthy instead of finding a new pill for every security symptom you see.

3 Strategies for Bringing Rigor to Software Security
With the National Cybersecurity Strategy planning to add real teeth into enforcement actions, software vendors have extra incentive to reduce applications' security debt.

CISA BOD 23-01: What Agencies Need to Know About Compliance
The new network visibility mandate provides a good foundation for identifying risks and building better security programs at federal agencies.

MORE
EDITORS' CHOICE
SSH Servers Hit in 'Proxyjacking' Cyberattacks
Cybercriminals employ obfuscated script to stealthily hijack victim server bandwidth for use in legitimate proxy networks.
LATEST FROM DR TECHNOLOGY

Social Engineering Adds Depth to Red Team Exercises
Because social engineering usually succeeds, companies need to test whether their defenses can block adversaries that gain employees' trust.
LATEST FROM THE EDGE

Make Diversity the 'How,' Not the 'What,' of Cybersecurity Success
Cybersecurity leaders should strive to reward high-performing teams that are powered by high levels of inclusion.
LATEST FROM DR GLOBAL

Israel Aided UAE in Defending Against DDoS Attack
Israel's cyber head points finger at Iran-backed MuddyWater APT group as the perpetrator of a recent attack against a university.
WEBINARS
  • Finding the Right Role for Identity and Access Management in Your Enterprise

    End user credentials are essential to enabling your employees to gain access to the data and applications they need. Those credentials are also one of the most prized targets that attackers hope to gain. To enable user access and prevent ...

  • Making Sense of Security Operations Data

    Most security operations centers aren't suffering from not having enough data- they have too much. In this webinar, experts recommend tools and best practices for correlating information from multiple security systems so that your SOC team is focusing on the ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
83% of Brits Demand Messaging Apps Remain Private, Ahead of Threat From Online Safety Bill
Nokod Raises $8M Seed Round From Seasoned Cybersecurity Investors to Enhance Low-Code/No-Code App Security
Center for Internet Security, CREST Join Forces to Secure Organizations Globally
IP Fabric Announces $25M Series B Funding to Accelerate Adoption of Network Assurance
Perception Point Unveils AI Model to Thwart Generative AI-Based BEC Attacks
TXOne Networks' Stellar Solution Safeguards Operational Stability for Organizations in Various Industries
Employer Demand for Technology Workers Across Europe Remains on Firm Footing
WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends
Cybellum Unveils New Brand, Amplifying Commitment to Team-Centric Product Security
IEC Standardization Leaders Convene in Amsterdam to Review Utility Interworking of Key Standards
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How to Use Threat Intelligence to Mitigate Third-Party Risk
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us