A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
Follow Dark Reading:
 March 30, 2023
LATEST SECURITY NEWS & COMMENTARY
Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug
A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.
Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire
With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.
Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare
Indicators point to Twitter's source code being publicly available for around three months, offering a developer security object lesson for businesses.
Top Tech Talent Warns of AI's Threat to Human Existence in Open Letter
Elon Musk, Steve Wozniak, and Andrew Yang are among more than 1,000 tech leaders asking for time to establish human safety parameters around AI.
7 Women Leading the Charge in Cybersecurity Research & Analysis
From rising stars to veterans heading up research teams, check out our profiles of women making a big impact in cyber defense as the threat landscape expands.
Millions of Pen Tests Show Companies' Security Postures Are Getting Worse
A lack of website protections, Sender Policy Framework (SPF) records, and DNSSEC configurations leave companies open to phishing and data exfiltration attacks.
Hey, Siri: Hackers Can Control Smart Devices Using Inaudible Sounds
A technique, dubbed the "Near-Ultrasound Inaudible Trojan" (NUIT), allows an attacker to exploit smartphones and smart speakers over the Internet, using sounds undetectable by humans.
Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month
A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language.
Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw
After several weeks and more than 130 ransomware victims, GoAnywhere parent company Forta issues a statement.
CISA Releases Hunt Tool for Microsoft's Cloud Services
CISA released the hunt and response tool to help defenders extract cloud artifacts without performing additional analytics.
MacStealer Malware Plucks Bushels of Data From Apple Users
A novel cyber threat against macOS users is being sold for $100 a pop on the Dark Web, and activity is ramping up.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.

MITRE Rolls Out Supply Chain Security Prototype
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.

Chinese Warships Suspected of Signal-Jamming Passenger Jets
Attackers claiming to be part of the Chinese navy are making calls to commercial Qantas pilots midair, while GPS, comms systems, and altimeter instruments are all experiencing denial of service.

MORE
EDITORS' CHOICE
Name That Toon: It's E-Live!
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM THE EDGE

How CISOs Can Work With the CFO to Get the Best Security Budget
CISOs can and should push back when they're presented with budget costs that affect the business. Here's how.
LATEST FROM DR TECHNOLOGY

Drive to Pervasive Encryption Boosts Key Management
Key vaults, aka key-management-as-a-service (KMaaS), promise to allow companies to encrypt sensitive data across cloud and third parties with granular control.
WEBINARS
  • How to Launch a Threat Hunting Program

    Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ...

  • ChatGPT: Defending Your Business Against AI-Supercharged Ransomware

    This webinar will dig into the ways criminals are projected to take advantage of ChatGPT and other AI tools to improve the reach and effectiveness of their ransomware attacks. The session will conclude with a review of a 12-step plan ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats
Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use
CyberSecure Announces Strategic Alliance
Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection
Kaspersky Survey Finds One in Three Users Have Experienced CryptoTheft
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us