Dark Reading Daily -- May 16, 2024

Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.

LATEST SECURITY NEWS & COMMENTARY

Scammers Fake DocuSign Templates to Blackmail & Steal From Companies

Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.

Patch Now: Another Google Zero-Day Under Exploit in the Wild

Google has rolled an emergency patch for CVE-2024-4947, the third Chrome zero-day it's addressed in the past week.

Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks

Attackers can exploit the issue to trick users into connecting to insecure networks, but it works only under specific conditions.

FBI, DoJ Shut Down BreachForums, Launch Investigation

Instead of online contraband, the website now asks anyone with information that could help with the investigation to contact authorities.

D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day

A vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.

3 Tips for Becoming the Champion of Your Organization's AI Committee

CISOs are now considered part of the organizational executive leadership and have both the responsibility and the opportunity to drive not just security but business success.

(Sponsored Article) A Cyber-Resiliency Plan Focused on Offensive Security

The convergence of cyber resiliency and business planning is gaining strategic importance and enabling more successful and sustainable outcomes.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
Dangerous Google Chrome Zero-Day Allows Sandbox Escape Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild. Unprotected Session Tokens Can Undermine FIDO2 Security While the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says. There Is No Cyber Labor Shortage There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places. As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members. MORE

PRODUCTS & RELEASES

Alkira Raises $100M in Series C Funding to Simplify, Secure and Scale Critical Network Infrastructure

Notice of a Data Breach

Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings

runZero Research Explores Unexpected Exposures in Enterprise Infrastructure

MORE PRODUCTS & RELEASES

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Microsoft Windows DWM Zero-Day Poised for Mass Exploit

CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.

LATEST FROM THE EDGE

Heartbleed: When Is It Good to Name a Vulnerability?

Ten years have passed since Heartbleed was first identified, but the security industry is still grappling with the question of branded vulnerabilities and naming vulnerabilities appropriately.

LATEST FROM DR TECHNOLOGY

Google's AI Watermarks Will Identify Deepfakes

Thy SynthID line of watermarking techniques can be used to identify AI-generated images, video, and text.

LATEST FROM DR GLOBAL

Nigeria Halts Cybersecurity Tax After Public Outrage

In the midst of an economy struggling with soaring inflation, the Nigerian government paused plans to place a levy on domestic transactions that was aimed at enhancing cybersecurity.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>