Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.
Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.
Follow Dark Reading:
 March 16, 2023
LATEST SECURITY NEWS & COMMENTARY
Microsoft Zero-Day Bugs Allow Security Feature Bypass
Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.
ChatGPT Browser Extension Hijacks Facebook Business Accounts
Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store.
Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.
Cyberattackers Continue Assault Against Fortinet Devices
Patched earlier this month, a code-execution vulnerability is the latest FortiOS weakness to be exploited by attackers, who see the devices as well-placed targets for initial access operations.
US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach
The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers.
Analysts Spot a Wave of SVB-Related Cyber Fraud Striking the Business Sector
Over the weekend, cybercriminals laid the groundwork for Silicon Valley Bank-related fraud attacks that they're now starting to cash in on. Businesses are the targets and, sometimes, the enablers.
AI-Created YouTube Videos Spread Around Malware
AI-generated videos pose as tutorials on how to get cracked versions of Photoshop, Premiere Pro, and more.
Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles
Campaign demonstrates the DPRK-backed cyberattackers are gaining tools to avoid EDR tools.
5 Lessons Learned From Hundreds of Penetration Tests
Developers must balance creativity with security frameworks to keep applications safe. Correlating business logic with security logic will pay in safety dividends.
How Businesses Can Get Ready for AI-Powered Security Threats
Organizations need to take steps now to strengthen their cyber defenses.
How to Jump-Start Your Cybersecurity Career
With more than 700,000 cybersecurity jobs available, now is a good time to consider a career change.
5 Critical Components of Effective ICS/OT Security
These agile controls and processes can help critical infrastructure organizations build an ICS security program tailored to their own risk profile.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Meet Data Privacy Mandates With Cybersecurity Frameworks
Protection laws are always evolving. Here's how you can streamline your compliance efforts .

Make Sure Your Cybersecurity Budget Stays Flexible
CISOs' ability to pivot tight budgets is key to defense plans that can stand up to attackers.

MORE
EDITORS' CHOICE
SVB Meltdown: What It Means for Cybersecurity Startups' Access to Capital
The implosion of Silicon Valley Bank will impact investors, startups, and enterprise customers as they become more cautious over the near term, security experts say.
LATEST FROM THE EDGE

How Patch Tuesday Keeps the Beat After 20 Years
Patch Tuesday turned security updates from chaotic events into a routine. Here's how we got here and where things might be heading.
LATEST FROM DR TECHNOLOGY

Researchers Create an AI Cyber Defender That Reacts to Attackers
Based on deep reinforcement learning, the system can adapt to defenders' tactics and stop 95% of simulated attacks, according to its developers.
WEBINARS
  • Managing Identity in the Cloud

    Shifting identity management and provisioning to the cloud helps streamline these operations. It also brings a new set of challenges, including integrating and managing user identities, privileges, and other attributes used in various on-premise and cloud systems, especially if your ...

  • Ten Emerging Vulnerabilities Every Enterprise Should Know

    Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...

  • 10 Hot Talks From Black Hat USA 2022

    Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...

  • 2022 State of Network Management (a $499 Value FREE)

    We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today!
View More Dark Reading Reports >>
PRODUCTS & RELEASES
DirectDefense Reports the Top Threats From 2022 and What's Trending for 2023
SecurityScorecard Appoints Former US Congressman John Katko As Senior Advisor
Optiv More Than Doubles Federal Presence With ClearShark Acquisition
Samsung Next Invests in Mitiga, Brings Total Funding to $45M
Keeper Security Issues Top 5 Cybersecurity Tips for 2023 College Basketball Tournament
ThreatBlockr Announces Partnership With Engaged Security Partners
Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us