State-sponsored actors continue to exploit CVE-2023-23397, a dangerous no-interaction vulnerability in Microsoft's Outlook email client that was patched in March, in a widespread global campaign.
Follow Dark Reading:
 December 11, 2023
LATEST SECURITY NEWS & COMMENTARY
Russian Espionage Group Hammers Zero-Click Microsoft Outlook Bug
State-sponsored actors continue to exploit CVE-2023-23397, a dangerous no-interaction vulnerability in Microsoft's Outlook email client that was patched in March, in a widespread global campaign.
Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches
Data breaches are rapidly accelerating, according to a number-crunching report from Apple this week — heightening the need to finally implement end-to-end data encryption.
Municipalities Face a Constant Battle as Ransomware Snowballs
As record-breaking volumes of ransomware hit cities, towns, and counties this year, municipalities remain easy targets that pay, and there's no end of the attacks in sight.
ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related
Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement.
Increased Cyber Regulation in the Offing as Attacks Mount
Cybersecurity could be heading for a Sarbanes Oxley-type of regulation in light of escalating attacks, but the devil is in the details.
Kenyan Digital Identity System Shelved Over Data Protection Concerns
Privacy concerns see the proposed digital identity system paused until February.
The 3 Most Prevalent Cyber Threats of the Holidays
Chaos and volume of holiday season sales make a perfect storm of threat opportunity. Companies need to prepare — and practice! — action plans, identify key stakeholders, and consider cyber insurance.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Proxy Trojan Targets macOS Users for Traffic Redirection
Apple users who end up with the Trojan on their machines face a number of bad outcomes, including potential criminal liability.

4 Metrics That Help CISOs Become Strategic Partners With the Board
To demonstrate the CISO role's value, frame your work using metrics that align with the most critical parts of every business: risk, growth, expenses, and people.

Ransomware, Data Breaches Inundate OT & Industrial Sector
Because of the criticality of remaining operational, industrial companies and utilities are far more likely to pay, attracting even more threat groups and a focus on OT systems.

As SAT Goes Digital, Schools Must Prepare for Disruption
Local school districts nationwide need to ensure the basic security and readiness of their network infrastructure before spring 2024.

MORE
PRODUCTS & RELEASES
CISOs See Software Supply Chain Security As Bigger Blind Spot Than GenAI: Cycode
Cybersixgill Announces Identity Intelligence Module for Threat Analysis
ProvenRun Secures €15M Series A to Accelerate its Growth
Foresite Cybersecurity Partners With Crowdstrike
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy
Cyber mimics life, as Iran uses Lebanese hackers to attack its bête noire.
LATEST FROM THE EDGE

Human-Centric Security Model Meets People Where They Are
Instead of fighting workarounds that compromise security, a human-centered system fixes the process issues that prompt people to work dangerously.
LATEST FROM DR TECHNOLOGY

Making Cyber Insurance Available for Small Biz, Contractors
Cyber insurance companies are moving down-market to offer policies to help protect remote employees, independent contractors, and small businesses from the cost of cyberattacks.
LATEST FROM DR GLOBAL

'HeadCrab' Malware Variants Commandeer Thousands of Servers
New techniques in a second variant of the malware improved functionality and communication commands.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • The State of Supply Chain Threats
  • What Ransomware Groups Look for in Enterprise Victims

    Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ...

  • How to Use Threat Intelligence to Mitigate Third-Party Risk

    The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ...
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us