Enterprises typically use the Java-like programming language to customize their Salesforce instances, but attackers are hunting for vulnerabilities in the apps.
Follow Dark Reading:
 February 22, 2024
LATEST SECURITY NEWS & COMMENTARY
Misconfigured Custom Salesforce Apps Expose Corporate Data
Enterprises typically use the Java-like programming language to customize their Salesforce instances, but attackers are hunting for vulnerabilities in the apps.
El Al Flight Crew Suffers Midflight Communication Disruption
Though the incident took place over a known Houthi area, some say this incident was at the hands of a Somali group, based on frequent communication disruptions in the country.
Iran Warship Aiding Houthi Pirates Hacked by US
US reportedly launched a cyberattack against an Iranian military ship suspected of helping Houthi rebel pirates menacing shipping traffic in the Red Sea.
Critical ConnectWise RMM Bug Poised for Exploitation Avalanche
Two days after disclosure, most instances of the remote desktop tool remain unpatched, while cyberattackers have started in-the-wild exploitation — and researchers warn it could get ugly, fast.
'KeyTrap' DNS Bug Threatens Widespread Internet Outages
Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet.
CISO Corner: CIO Convergence, 10 Critical Security Metrics & Ivanti Fallout
Also in this issue: Mideast investment, new FCC breach notification rules, and how Dark Reading readers use GenAI tools in their cybersecurity apparatus.
Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity
"Voltzite," the APT's subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.
Google's Cloud Run Service Spreads Several Bank Trojans
A surging bank malware campaign abuses Google Cloud Run and targets Latin America, with indications that it's hitting other regions as well, researchers warn.
iOS, Android Malware Steals Faces to Defeat Biometrics With AI Swaps
Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.
Cybersecurity's Transformative Shift
The industry is evolving from one of conventional threat detection toward a strategy that emphasizes context and preempts user behavior.
How CISOs Balance Business Growth, Security in Cyber-Threat Landscape
Collaboration, care, and proactive planning need to be part of CISO toolboxes as worsening threat environments become the new normal. CISOs need to adjust processes so business innovation can continue.
Cyber Insurance Needs to Evolve to Ensure Greater Benefit
A catastrophic cyber event hasn't yet come to pass, but vast amounts of personal data have been compromised. We need to be prepared for worst-case scenarios.
Name That Toon: Keys to the Kingdom
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
'VoltSchemer' Hack Allows Wireless Charger Takeovers
Researchers tested their theory on nine chargers, each different and available to consumers, and found them all vulnerable to their attacks.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
CISO and CIO Convergence: Ready or Not, Here It Comes
Recent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation.

4 Key Steps to Reevaluate Your Cybersecurity Priorities
Amid a spike in attacks, now is a good time for brands to strengthen their cybersecurity strategy.

Like Seat Belts and Airbags, 2FA Must Be Mandatory ASAP
One of the worst hacks in history demonstrated that any online service must force its users to adopt at least two-factor authentication. This must be applied everywhere ASAP as a public safety measure.

We're at a Pivotal Moment for AI and Cybersecurity
But generative AI's ability to strengthen security and fortify defenses can keep bad actors in check.

MORE
PRODUCTS & RELEASES
Vade Releases 2023 Phishers' Favorites Report
Strata Identity Reins in Global Access and Compliance Challenges With Cross-Border Orchestration Recipes
Quorum Cyber Joins Elite Microsoft FastTrack-Ready Partner Group
LightEdge Releases Next-Gen Suite of Cloud Security & Managed Services
Somos, Inc. Protects Businesses' IoT Assets With the Availability of SomosID
Perforce to Acquire Delphix, Adding Enterprise Data Management Software to its DevOps Portfolio
Demand for 'Secure by Design' Product Growing, Creating Opportunity for Software Security Specialization
Cobalt's New Report Uncovers a Big Shift in Cybersecurity Strategy
Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks
JumpCloud's Q1 2024 SME IT Trends Report Reveals AI Optimism Tempered by Security Concerns
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug
Microsoft has observed signs of active exploits targeting CVE-2024-21410.
LATEST FROM THE EDGE

Library Cyber Defenses Are Falling Down
Librarians are being asked to defend themselves online against sophisticated and complex attacks. It's an unequal fight.
LATEST FROM DR TECHNOLOGY

What Using Security to Regulate AI Chips Could Look Like
An exploratory research proposal is recommending regulation of AI chips and stronger governance measures to keep up with the rapid technical innovations in artificial intelligence.
LATEST FROM DR GLOBAL

Q&A: The Cybersecurity Training Gap in Industrial Networks
Cyberattacks and threats increasingly are honed in on ICS/OT networks, but security training for operators of these critical infrastructure environments is perilously scarce.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us