In the latest incarnation of the TLStorm vulnerability, switches from Avaya and Aruba — and perhaps others — are susceptible to compromise from an internal attacker.
Follow Dark Reading:
 May 04, 2022
LATEST SECURITY NEWS & COMMENTARY
TLS Flaws Leave Avaya, Aruba Switches Open to Complete Takeover
In the latest incarnation of the TLStorm vulnerability, switches from Avaya and Aruba — and perhaps others — are susceptible to compromise from an internal attacker.
REvil Revival: Are Ransomware Gangs Ever Really Gone?
The infamous ransomware group appears to be back from the dead — maybe — and using the old brand, but experts question whether a reconstituted gang will have much success.
Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers
The security vulnerability puts wide swaths of industrial networks and IoT devices at risk of compromise, researchers warn.
SolarWinds Attackers Gear Up for Typosquatting Attacks
The same infrastructure traced back to Russian-speaking threat group Nobelium is being used to set up misspelled domain names, presaging impersonation attacks bent on credential harvesting, analysts say.
Third-Party App Access Is the New Executable File
By providing these apps and other add-ons for SaaS platforms and associated permissions, businesses present bad actors with more opportunities to gain access to company data.
Developing Software? Get Accountability Right First
Software accountability offers a fresh perspective for creating and managing digital products, mainly by making processes more reliable and transparent for every stakeholder.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Google Offers $1.5M Bug Bounty for Android 13 Beta
The security vulnerability payout set bug hunters rejoicing, but claiming the reward is much, much easier said than done.

Microsoft Patches Pair of Dangerous Vulnerabilities in Azure PostgreSQL
Flaws gave attackers a way to access other cloud accounts and databases, security vendor says.

Security Stuff Happens: What Do You Do When It Hits the Fan?
Breaches can happen to anyone, but a well-oiled machine can internally manage and externally remediate in a way that won't lead to extensive damage to a company's bottom line. (Part 1 of a series.)

MORE
EDITORS' CHOICE

How to Create a Cybersecurity Mentorship Program
As the talent shortage rages on, companies have found mentorship programs to be one of the best ways to obtain the security skills they need to develop their existing teams.
LATEST FROM THE EDGE

What Should I Know About Defending IoT Attack Surfaces?
The Internet of Things needs to be part of the overall corporate information security policy to prevent adversaries from using these devices as an entry point.
LATEST FROM DR TECHNOLOGY

Aryaka, Carnegie Mellon’s CyLab to Research New Threat Mitigation Techniques
The security research partnership will focus on developing new techniques and releasing them as open source.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Implementing Zero Trust in Your Enterprise

    Attackers have shown time and again that perimeter security is no longer enough to keep them out. The concept of internal users and outsiders doesn't work in network defense when attackers use credential theft and lateral movement to pretend they ...

  • Building and Maintaining an Effective IoT Cybersecurity Strategy

    The Internet of Things (IoT) is much bigger than appliances in business contexts, as tools and non-computer devices are increasingly connected to the Internet. And attackers are taking advantage of these Internet-enabled technologies to target corporate data and systems. How ...
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE

Practical Network Security Approaches for a Multicloud, Hybrid IT World
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Syxsense Launches Unified Endpoint Security and Management Platform
Radware Launches SkyHawk Security, a Spinoff of Its Cloud Native Protector Business
Teleport Raises $110 Million Series C at $1.1 Billion Valuation Led by Bessemer Venture Partners
OccamSec Unveils New Cybersecurity Platform
MORE PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us