A pair of Microsoft bugs allow cyberattackers to bypass native Windows Internet download security, says former CERT CC researcher who discovered the flaws.
Follow Dark Reading:
 October 26, 2022
LATEST SECURITY NEWS & COMMENTARY
Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit
A pair of Microsoft bugs allow cyberattackers to bypass native Windows Internet download security, says former CERT CC researcher who discovered the flaws.
Threat Groups Repurpose Banking Trojans into Backdoors
Ursnif, a one-time banking Trojan also known as Gozi, becomes the latest codebase to be repurposed as a more general backdoor, as malware developers trend toward modularity.
Cybersecurity Risks & Stats This Spooky Season
From ransomware to remote workers to cyber-extortion gangs to Fred in shipping who clicks on the wrong link, cybersecurity concerns can keep you awake this season and all seasons.
HR Departments Play a Key Role in Cybersecurity
A more secure organization starts with stronger alignment between HR and the IT operation.
LinkedIn Phishing Spoof Bypasses Google Workspace Security
A credential-stealing attack that spoofed LinkedIn and targeted a national travel organization skates past DMARC and other email protections.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
List of Common Passwords Accounts for Nearly All Cyberattacks
Half of a million passwords from the RockYou2021 list account for 99.997% of all credential attacks against a variety of honeypots, suggesting attackers are just taking the easy road.

8 Trends Driving Cybersecurity in the Public Sector
CISOs and security leaders in state and local governments are dealing with increasing threats like ransomware — with varying degrees of cyber maturity.

Cybersecurity's Role in Combating Midterm Election Disinformation
A multilayered attack technique that took center stage in 2020 and has only grown more endemic.

MORE
EDITORS' CHOICE
Atlassian Vulnerabilities Highlight Criticality of Cloud Services
Two flaws in the popular developer cloud platform show how weaknesses in authorization functions and SaaS flaws can put cloud apps at risk.
LATEST FROM THE EDGE

Equifax's Lessons Are Still Relevant, 5 Years Later
Cybersecurity pros discuss a trio of lessons from the Equifax hack and how to prevent similar attacks in the enterprise.
LATEST FROM DR TECHNOLOGY

Hardware Makers Standardize Server Chip Security With Caliptra
The new open source specification from Open Compute Project is backed by Google, Nvidia, Microsoft, and AMD.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Spyderbat Raises Series A to Deliver Runtime Security Throughout Cloud Native Software Development Environments
MSP Market Opportunity Report Finds Cybersecurity as Primary Growth Driver as SMBs Lack Resources to Develop Security Program In-House
Security Leaders are Calling for Industry to Take Action and Programmatically Improve Secure Coding Education
Study Finds Significant Correlation Between BitSight Analytics and Cybersecurity Incidents
Dealers Report Dramatic Increase in Identity Fraud: Most Lack Effective Protection
SealPath Data Classification Powered by Getvisibility Applies Artificial Intelligence to Improve Accuracy and Efficiency of Data Labelling and Protection
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Building the SOC of the Future
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us