Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
Follow Dark Reading:
 March 24, 2023
LATEST SECURITY NEWS & COMMENTARY
Okta Post-Exploitation Method Exposes User Passwords
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
New Android Malware Targets Customers of 450 Financial Institutions Worldwide
"Nexus" is the latest in a vast and growing array of Trojans targeting mobile banking and cryptocurrency applications.
Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
Enterprise storage devices have 14 security weaknesses on average, putting them at risk of compromise by cyberattackers and especially ransomware attacks.
Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire
With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.
MITRE Rolls Out Supply Chain Security Prototype
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.
Are You Talking to a Carbon, Silicon, or Artificial Identity?
In the triumvirate of identity types, protecting the identity, privacy, and data of carbon-based forms — humans — is key. Safeguards must be in place as AI becomes more interactive.
The Board of Directors Will See You Now
Help the board understand where the business is vulnerable, where controls end, and where exposure begins.
Just 1% of Nonprofit Domains Have Basic DMARC Email Security Protections
DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Cybersecurity Skills Shortage, Recession Fears Drive 'Upskilling' Training Trend
For companies, training an existing worker is cheaper than hiring, while for employees, training brings job security and more interesting work.

How to Keep Incident Response Plans Current
Review and update plans to minimize recovery time. Practice and a well-thumbed playbook that considers different scenarios will ensure faster recovery of critical data.

Name That Toon: It's E-Live!
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE
Chinese Warships Suspected of Signal-Jamming Passenger Jets
Attackers claiming to be part of the Chinese navy are making calls to commercial Qantas pilots midair, while GPS, comms systems, and altimeter instruments are all experiencing denial of service.
LATEST FROM THE EDGE

How CISOs Can Work With the CFO to Get the Best Security Budget
CISOs can and should push back when they're presented with budget costs that affect the business. Here's how.
LATEST FROM DR TECHNOLOGY

Technology Firms Delivering Much-Sought Encryption-in-Use
If the approaches stand up to scrutiny, companies may soon be able to encrypt most databases in a way that allows using data without the need to decrypt to plaintext.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection
BigID's Data Security Posture Management Solution Integrates With SOAR Platforms
BlackBerry Announces New Patent Sale Transaction With Patent Monetization Company for Up to $900M
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us