According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
Follow Dark Reading:
 May 25, 2023
LATEST SECURITY NEWS & COMMENTARY
'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs
According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool
Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence.
OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps
A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more.
SuperMailer Abuse Bypasses Email Security for Super-Sized Credential Theft
Secure email gateways and end users alike are being fooled by a cyberattack campaign that's enjoying skyrocketing volumes against businesses in every industry, globally.
Threat Actors Compromise Barracuda Email Security Appliances
The company's ESG appliances were breached, but their other services remain unaffected by the compromise.
5 Questions to Ask When Evaluating a New Cybersecurity Technology
Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them.
How Universities Can Bridge Cybersecurity's Gender Gap
It's time to invest in initiatives that engage young women in cybersecurity early and often.
(Sponsored Article) How to Protect Your Organization From Vulnerabilities
Cobalt's fifth edition of "The State of Penetration Testing Report" taps into data from 3,100 pen tests and more than 1,000 responses from security practitioners.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft: BEC Attackers Evade 'Impossible Travel' Flags With Residential IP Addresses
Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses.

Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans
Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them.

PyPI Shuts Down Over the Weekend, Says Incident Was Overblown
The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.

MORE
EDITORS' CHOICE
Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking
A February 2022 attack knocked the giant tire maker's North American operations offline for several days.
LATEST FROM DR GLOBAL

Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks
Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks.
LATEST FROM THE EDGE

Improving Cybersecurity Requires Building Better Public-Private Cooperation
Security vendors, businesses, and US government agencies need to work together to fight ransomware and protect critical infrastructure.
LATEST FROM DR TECHNOLOGY

Enterprises Rely on Multicloud Security to Protect Cloud Workloads
As enterprises adopt multicloud, the security picture has become foggy. Cloud workload protection platforms and distributed firewalls are creating clarity.
WEBINARS
  • Here's What Zero Trust Really Means

    Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ...

  • Why Threat Modeling Is Critical for Enterprise Cyber Defense

    As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Successfully Managing Identity in Modern Cloud and Hybrid Environments

    Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...

  • The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

    The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Technology Veterans James Wickett and Ken Johnson Launch DryRun Security to Bring Security to Developers
Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations
Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities
Harvard Pilgrim Health Care Notifies Individuals of Privacy Incident
Appdome Launches Build-to-Test, Automated Testing Option for Protected Mobile Apps
MORE PRODUCTS & RELEASES
CURRENT ISSUE

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023   |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us