A proof-of-concept exploit allows remote compromises of Spring Web applications.
Follow Dark Reading:
 March 31, 2022
LATEST SECURITY NEWS & COMMENTARY
Zero-Day Vulnerability Discovered in Java Spring Framework
A proof-of-concept exploit allows remote compromises of Spring Web applications.
Cybercriminals Fighting Over Cloud Workloads for Cryptomining
Whether compromising misconfigured cloud infrastructure or taking advantage of free-tier cloud development platforms, attackers see a vast pool of workloads to use for cryptomining.
How Security Complexity Is Being Weaponized
As environments grow noisier, it becomes easier for attackers to intentionally create distractions.
Smart Cities: Secure by Design? It Takes a Village
Smart-city security breaches have potentially very serious consequences — they can be economically devastating and even life-threatening, if handled wrong.
CISA, DOE Warn of Attacks on Uninterruptible Power Supply (UPS) Devices
Take UPS management interfaces off the Internet "immediately," agencies say.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm
Evgeny Viktorovich Gladkikh tried to cause catastrophic damage to Saudi oil refinery in 2017 via the Triton/Trisis malware, the US has alleged.

Vodafone Portugal: The Attack on Brand Reputations and Public Confidence Through Cybercrime
Companies must prepare effective, data-driven threat-response strategies as they monitor for reputational risks as well as cyberattacks.

HR Alone Can't Solve the Great Resignation
Here's how IT teams and decision-makers can step up to support the workforce. Creating a culture of feedback and introducing automation can mitigate burnout, inspire employees, and reduce turnover.

MORE
EDITORS' CHOICE

Log4j Attacks Continue Unabated Against VMware Horizon Servers
Threat actors are exploiting the vulnerability to drop Web shells and cryptominers, security vendor says.
LASTEST FROM THE EDGE

How Casinos Can Prevent Loyalty Incentive and Account Takeover Fraud
As casinos go digital, their loyalty programs and authentic accounts are at risk.
LASTEST FROM DR TECHNOLOGY

How to Prevent the Next Log4j-Style Zero-Day Vulnerability
An interactive static analyzer gives developers information on potential risks arising from user inputs while they code. This could be a game-changer.
Tech Resources
ACCESS TECH LIBRARY NOW

  • Protecting Industrial Control Systems from Modern Threats

    A 2021 attack on an industrial control system (ICS) at a water treatment plant in a small town in Florida raised eyebrows and surfaced new fears about the risks these kind of systems face. Unfortunately, many ICS systems are working on ...

  • Rethinking Asset Management to Improve Enterprise Security

    One common reason behind many enterprise security breaches is that attackers found a system, application, or device that security teams didn't know they had. Attackers can tamper with these unknown systems to make them look legitimate, and security defenders may ...

MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To update your profile, change your e-mail address, or unsubscribe, click here.
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.