Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence.
| | | LATEST SECURITY NEWS & COMMENTARY | | Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence. OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more. 'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea. Microsoft: BEC Attackers Evade 'Impossible Travel' Flags With Residential IP Addresses Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses. Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking A February 2022 attack knocked the giant tire maker's North American operations offline for several days. PyPI Shuts Down Over the Weekend, Says Incident Was Overblown The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one. 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns The data shows how most cyberattacks start, so basic steps can help organizations avoid becoming the latest statistic. Apple Patches 3 Zero-Days Possibly Already Exploited In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers. Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic. 3 Ways Hackers Use ChatGPT to Cause Security Headaches As ChatGPT adoption grows, the industry needs to proceed with caution. Here's why. Cyber Warfare Lessons From the Russia-Ukraine Conflict Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale. Keep Your Friends Close and Your Identity Closer As we share an increasing amount of personal information online, we create more opportunities for threat actors to steal our identities. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | Mastering Endpoint Security: The Power of Least Privilege Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ... Here's What Zero Trust Really Means Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ... | | View More Dark Reading Webinars >> |
|
| | | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
