The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story.
Follow Dark Reading:
 February 08, 2023
LATEST SECURITY NEWS & COMMENTARY
Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks
The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story.
Fresh, Buggy Clop Ransomware Variant Targets Linux Systems
For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change.
'Money Lover' Finance App Exposes User Data
A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.
Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything
A tax variable in the software implementing the Dingo Token allows the creators to charge 99% in fees per transaction, essentially stealing funds, an analysis finds.
DPRK Using Unpatched Zimbra Devices to Spy on Researchers
Lazarus Group used a known Zimbra bug to steal data from medical and energy researchers.
New Banking Trojan Targeting 100M Pix Payment Platform Accounts
New malware demonstrates how threat actors are pivoting toward payment platform attacks, researchers say.
Optimizing Cybersecurity Investments in a Constrained Spending Environment
Three ways to stay safe in an economically uncertain 2023.
With TikTok Bans, the Time for Operational Governance Is Now
Emerging risks and trends need to be monitored, but cybersecurity challenges can be fixed with a focus on the fundamentals.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It
It's time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide.

Patching & Passwords Lead the Problem Pack for Cyber-Teams
Despite growing awareness, organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies.

MORE
EDITORS' CHOICE
Crypto Drainers Are Ready to Ransack Investor Wallets
Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.
LATEST FROM THE EDGE

5 Ways to Survive Scam Season — or Rather, Tax Season
Security pros need to look beyond user education to find and disarm fraudulent actors.
LATEST FROM DR TECHNOLOGY

Cloud Apps Still Demand Way More Privileges Than They Use
Hackers can't steal a credential that doesn't exist.
WEBINARS
  • The Importance of Bespoke Security

    In this webinar, you will hear from our subject matter experts, Hanah Darley, Head of Threat Research and Toby Lewis, Global Head of Threat Analysis. The discussion will cover the difference between media coverage of cyber threats compared with the ...

  • Shoring Up the Software Supply Chain Across Enterprise Applications

    Modern-day software development depends heavily on third-party components, libraries, and frameworks. Attackers are increasingly targeting these software building blocks to compromise enterprise applications. In this webinar, experts discuss the ever-expanding software attack surface. Find out where potential attack vectors are ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
DataDome's Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks
Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform
Coalfire Compliance Essentials Optimized for Automated Evidence Collection
Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite
Valtix Survey: 95% of Organizations Say Multi-cloud Is a 'Strategic Priority' but Only 58% Have the Security Architecture to Support It
Infosec Launches New Office Comedy Themed Security Awareness Training Series
Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security
ARMO Integrates ChatGPT to Help Users Secure Kubernetes
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us