The exploit requires a specific nonstandard configuration to work, limiting the danger it poses, but future research could turn up more broadly usable attacks.
Follow Dark Reading:
 April 01, 2022
LATEST SECURITY NEWS & COMMENTARY
Spring Fixes Zero-Day Vulnerability in Framework and Spring Boot
The exploit requires a specific nonstandard configuration to work, limiting the danger it poses, but future research could turn up more broadly usable attacks.
Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks
CISA urges organizations using affected technologies to implement recommended mitigation measures.
Nation-State Hackers Ramp Up Ukraine War-Themed Attacks
Among them is the operator of the Ghostwriter misinformation campaign, with a new browser-in-browser phishing technique, according to Google's research team.
Protecting Your Organization Against a New Class of Cyber Threats: HEAT
Take a preventative threat approach and apply security measures near end users, applications, and data to increase protection.
Global BEC Crackdown Nets 65 Suspects
FBI and international law enforcement agencies execute "Operation Eagle Sweep."
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Log4j Attacks Continue Unabated Against VMware Horizon Servers
Threat actors are exploiting the vulnerability to drop Web shells and cryptominers, security vendor says.

Security's Life Cycle Isn't the Developers' Life Cycle
Whether it's PCI-DSS, SSDLC, or GDPR, the criteria that security standards expect businesses to uphold are neither realistic or feasible.

How Security Complexity Is Being Weaponized
As environments grow noisier, it becomes easier for attackers to intentionally create distractions.

MORE
EDITORS' CHOICE

Zero-Day Vulnerability Discovered in Java Spring Framework
A proof-of-concept exploit allows remote compromises of Spring Web applications.
LATEST FROM THE EDGE

Companies Going to Greater Lengths to Hire Cybersecurity Staff
The cybersecurity market is red-hot. But with so many still-unfilled positions, companies may be more willing to bend or break some hiring rules.
LATEST FROM DR TECHNOLOGY

Understanding Private 5G LANs in the Enterprise
As the technology matures and costs begin to drop, 5G LAN looks more like a realistic replacement for corporate Wi-Fi networks.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Protecting Industrial Control Systems from Modern Threats

    A 2021 attack on an industrial control system (ICS) at a water treatment plant in a small town in Florida raised eyebrows and surfaced new fears about the risks these kind of systems face. Unfortunately, many ICS systems are working on ...

  • Rethinking Asset Management to Improve Enterprise Security

    One common reason behind many enterprise security breaches is that attackers found a system, application, or device that security teams didn't know they had. Attackers can tamper with these unknown systems to make them look legitimate, and security defenders may ...
MORE WEBINARS
FEATURED REPORTS
  • How Enterprises Are Assessing Cybersecurity Risk in Today's Environment

    Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.

  • How Data Breaches Affect the Enterprise

    Many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download this report to delve more into this timely topic.
MORE REPORTS
CURRENT ISSUE

Rethinking Endpoint Security in a Pandemic and Beyond
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
U.S. Cyber Command Adds APUS as Member in Newly Formed Academic Network
CriticalStart Releases Enhanced Capabilities for Microsoft 365 Defender
Cloud Security Architecture Needs to Be Strategic, Realistic, and Based on Risk
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |   Informa Tech  |   Privacy Statement  |   Terms & Conditions  |  Contact Us