Researchers had discovered that Microsoft's original mitigation steps for the so-called "ProxyNotShell" flaws was easily bypassed.
| | | LATEST SECURITY NEWS & COMMENTARY | | Microsoft Updates Mitigation for Exchange Server Zero-Days Researchers had discovered that Microsoft's original mitigation steps for the so-called "ProxyNotShell" flaws was easily bypassed. First 72 Hours of Incident Response Critical to Taming Cyberattack Chaos Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds. RatMilad Spyware Scurries onto Enterprise Android Phones A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims. Vice Society Publishes LA Public School Student Data, Psych Evals After a flat refusal to pay the ransom, Los Angeles Unified School District's stolen data has been dumped on the Dark Web by a ransomware gang. Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet The "ProxyNotShell" security vulnerabilities can be chained for remote code execution and total takeover of corporate email platforms. CISA: Multiple APT Groups Infiltrate Defense Organization Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year. Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here It's time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cybercriminals, even unsophisticated ones. Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions Microsoft cybersecurity executive John Hewie explained cyberwar developments and what they mean for Western democratic policy going forward. Dangerous New Attack Technique Compromising VMware ESXi Hypervisors China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says. Former NSA Employee Faces Death Penalty for Selling Secrets Suspect allegedly thought he was swapping secrets with a foreign government for crypto — but the contact turned out to be an FBI agent. Capital One Phish Showcases Growing Bank-Brand Targeting Trend Capital One lures leveraged the bank's new partnership with Authentify, showing that phishers watch the headlines, and take advantage. How AWS, Cisco, Netflix & SAP Are Approaching Cybersecurity Awareness Month This year's theme is "See Yourself in Cyber," and these security folks are using the month to reflect on the personal factor in cybersecurity. Ransomware 3.0: The Next Frontier Attackers are already circling back to reselling stolen data instead of — and in addition to — extortion. With the Software Supply Chain, You Can't Secure What You Don't Measure Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain. Workforce Data Privacy in the Modern Work Era It takes culture as well as individual and corporate responsibilities to ensure workforce data privacy and compliance. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
