Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.
Follow Dark Reading:
 February 01, 2023
LATEST SECURITY NEWS & COMMENTARY
Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status
Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.
Firmware Flaws Could Spell 'Lights Out' for Servers
Five vulnerabilities in the baseboard management controller (BMC) software used by 15 major vendors could allow remote code execution if attackers gain network access.
Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code
Security vulnerabilities in VMware's vRealize Log Insight platform can be chained together to offer a cybercriminals a gaping hole to access corporate crown jewels.
Poser Hackers Impersonate LockBit in SMB Cyberattacks
Recent cyberattacks against SMBs across Europe have been traced back to copycat groups using leaked LockBit locker malware.
Will Cybersecurity Remain Recession-Proof in 2023?
Demand for skilled professionals will remain high, but cyber budgets will be eaten away.
Are Your Employees Thinking Critically About Their Online Behaviors?
Three mindset shifts will help employees build a habit of vigilance and make better security decisions. Move past security theater to reframe thinking so employees understand data's value, act with intention, and follow data best practices.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Cybercrime Ecosystem Spawns Lucrative Underground Gig Economy
The complex nature of cyberattacks has increased demand for software developers, reverse engineers, and offensive specialists — attracting workers facing financial insecurity.

Convincing, Malicious Google Ads Look to Lift Password Manager Logins
Users searching for Bitwarden and 1Password's Web vaults on Google have recently reported seeing paid ads with links to cleverly spoofed sites for stealing credentials to their password vaults.

Spotlight on 2023 DevSecOps Trends
Solutions that provide more actionable results — remediation that frees up engineers, processes which integrate security into software development from its design, along with automation, IAC, and tool consolidation — are among the DevSecOps strategies that will prevail this year.

MORE
EDITORS' CHOICE
Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
LATEST FROM THE EDGE

How Can Disrupting DNS Communications Thwart a Malware Attack?
Malware eventually has to exfiltrate the data it accessed. By watching DNS traffic for suspicious activity, organizations can halt the damage.
LATEST FROM DR TECHNOLOGY

Snyk Gets Nod of Approval With ServiceNow Strategic Investment
One of the most closely watched security startups continues to build bank because its platform appeals to both developers and security pros.
WEBINARS
  • Rethinking Authentication: MFA, Passwordless, Certificates, and More

    Today's data protection requires stronger, better authentication. What does going beyond passwords look like? What are some of the latest strategies around authentication and authorization? What is continuous authentication and what would it look like in your organization? What kind ...

  • A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype

    Join this webinar as our Zero Trust experts discuss "quick wins" like: --Enforcing strong multifactor authentication and Zero Trust policies for critical applications. --Closing inbound ports open to the Internet. --Areas not always included in the Zero Trust conversation, like ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
NanoLock Addresses Global Industrial & OT Cyber Demand with Expansions into Europe and North America
New Survey Reveals 40% of Companies Experienced a Data Leak in the Past Year
Aura and Nonprofit Cyversity Partner to Support a More Inclusive Cyber Workforce
SentinelOne and KPMG Announce Alliance To Accelerate Cyber Investigations and Response
Sentra Raises $30 Million Series A Financing to Meet Growing Demand for Data Security in the Cloud
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us