Dark Reading Daily.

"Move over, MOVEit:  Critical Progress Bug infests WS_FTP software."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 02 October 2023, 1453 UTC.

Content provided by email subscription to "Dark Reading Daily."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxSvvGtxqLqCDrJLssZXTsDNw ("Dark Reading Daily").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software
In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS POST request.
DHS: Physical Security a Concern in Johnson Controls Cyberattack
An internal memo cites DHS floor plans that could have been accessed in the breach.
Cybersecurity Gaps Plague US State Department, GAO Report Warns
The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it's harboring.
Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain
The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.
People Still Matter in Cybersecurity Management
Cybersecurity's constant stream of shiny new things shouldn't distract managers from their focus on the people they're protecting.
Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files
Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.
(Sponsored Article) Evaluating New Partners and Vendors From an Identity Security Perspective
Before working with new vendors, it's important to understand the potential risks they may pose to your digital environments.
Johnson Controls International Disrupted by Major Cyberattack
The company filed with the SEC and is assessing its operations and financial damages.

New Cisco IOS Zero-Day Delivers a Double Punch
The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

How the Okta Cross-Tenant Impersonation Attacks Succeeded
Sophisticated attacks on MGM and Caesars underscore the reality that even robust identity and access management may not be enough to protect you.

4 Legal Surprises You May Encounter After a Cybersecurity Incident
Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain
CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

How Can Your Security Team Help Developers Shift Left?
Implementing a shift-left process in cybersecurity requires pulling together people, processes, and technology.

A Preview of Windows 11's Passkeys Support
The latest update to Windows 11 introduces support for passkeys, which provide phishing-resistant passwordless authentication.

Q&A: UK Ambassador on Creating New Cybersecurity Agencies Around the World
How the UK is assisting other nations in forming their own versions of a National Centre for Cybersecurity (NCSC).
  • Fundamentals of a Cyber Risk Assessment

    Executives are increasingly thinking about cyberattacks and security threats in terms of risk to their organization. It can be difficult for organizations to quantitatively measure risk, or to assess how an attack or breach would impact the business. In this ...

  • Using AI in Application Security Tooling

    As AI continues to improve, security vendors are considering how they can use AI to protect applications. In web application and API security tooling used to protect production environments, AI/ML can be used to enhance and complement existing tactics ...

View More Dark Reading Webinars >>
View More White Papers >>
View More Dark Reading Reports >>

How to Deploy Zero Trust for Remote Workforce Security

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.