Microsoft's January 2023 Patch Tuesday security update contains fixes for bugs in multiple products. Here's what you need to patch now.
| | | LATEST SECURITY NEWS & COMMENTARY | | 98 Patches: Microsoft Greets New Year With Zero-Day Security Fixes Microsoft's January 2023 Patch Tuesday security update contains fixes for bugs in multiple products. Here's what you need to patch now. JsonWebToken Security Bug Opens Servers to RCE The JsonWebToken package plays a big role in the authentication and authorization functionality for many applications. Better Phishing, Easy Malicious Implants: How AI Could Change Cyberattacks Current defenses are able to protect against today's AI-enhanced cybersecurity threats, but that won't be the case for long as these attacks become more effective and sophisticated. Black Hat Flashback: The Deadly Consequences of Weak Medical Device Security Hacking to kill: Dark Reading's Fahmida Y. Rashid reflects on the monumental Black Hat 2011 moment when Jay Radcliffe showed how to hack his insulin pump. PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger. 200M Twitter Profiles, With Email Addys, Dumped on Dark Web for Free A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping. Quantum Decryption Breakthrough? Not So Fast A paper by two dozen Chinese researchers maintains that near-future quantum computers could crack RSA-2048 encryption, but experts call the claims misleading. Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone Organizations often defer patching because of business disruption fears — but that didn't work out very well for Rackspace's Hosted Exchange service. From Ferrari to Ford, Cybersecurity Bugs Plague Automotive Safety Security vulnerabilities plague automakers, and as vehicles become more connected, a more proactive stance on cybersecurity will be required — alongside regulations. Preparing for the Effects of Quantum-Centric Supercomputing While it has been a perennial forecast that efficient universal quantum computers are “a decade away,” that prospect now seems a legitimate possibility. Organizations need to get ready now. Web 3.0 Shifts Attack Surface and Highlights Need for Continuous Security A model of continuous authentication and identification is needed to keep consumers safe. Don't Be Blindsided by Software Bills of Materials It's imperative we collaborate and partner to improve software security. This may require developing tools and standards that can enrich SBOMs and provide deeper analysis. The Resolution Every CSO/CISO Should Make This Year Shift your mindset from risk to resilience. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
