Cloud Email Filtering Bypass Attack Works 80% of the Time

A majority of enterprises that employ cloud-based email spam filtering services are potentially at risk, thanks to a rampant tendency to misconfigure them. [TechWeb]( Follow Dark Reading: [RSS]( April 01, 2024 LATEST SECURITY NEWS & COMMENTARY [Cloud Email Filtering Bypass Attack Works 80% of the Time]( A majority of enterprises that employ cloud-based email spam filtering services are potentially at risk, thanks to a rampant tendency to misconfigure them. [CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation]( Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day. [TheMoon Malware Rises Again with Malicious Botnet for Hire]( Outdated SOHO routers and IoT devices being hijacked by TheMoon to operate an anonymous hacker botnet service called Faceless. [UN Peace Operations Under Fire From State-Sponsored Hackers]( The international body isn't doing enough to protect details on dissidents and activists gathered by peacekeeping operations, particularly across Central Africa. [Geopolitical Conflicts: 5 Ways to Cushion the Blow]( By prioritizing key areas, security leaders can navigate the complexities of geopolitical conflicts more effectively. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Pervasive LLM Hallucinations Expand Code Developer Attack Surface]( The tendency of popular AI-based tools to recommend nonexistent code libraries offers a bigger opportunity than thought to distribute malicious packages. [3 Strategies to Future-Proof Data Privacy]( To meet changing privacy regulations, regularly review data storage strategies, secure access to external networks, and deploy data plane security techniques. [How New-Age Hackers Are Ditching Old Ethics]( Staying up to date and informed on threat-actor group behavior is one way both organizations and individuals can best navigate the continually changing security landscape. [Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks]( Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities. [MORE]( PRODUCTS & RELEASES [Flare Acquires Foretrace to Accelerate Threat Exposure Management Growth]( [Checkmarx Announces Partnership With Wiz]( [WiCyS and ISC2 Launch Spring Camp for Cybersecurity Certification]( [New Cyber Threats to Challenge Financial Services Sector in 2024]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Suspected MFA Bombing Attacks Target Apple iPhone Users]( Several Apple device users have experienced recent incidents where they have received incessant password reset prompts and vishing calls from a number spoofing Apple's legitimate customer support line. LATEST FROM THE EDGE [Lessons From the LockBit Takedown]( The truly satisfying law enforcement takedown of the ransomware giant shows the value of collaborating — and fighting back. LATEST FROM DR TECHNOLOGY [Are You Affected by the Backdoor in XZ Utils?]( In this Tech Tip, we outline how to check if a system is impacted by the newly discovered backdoor in the open source xz compression utility. LATEST FROM DR GLOBAL [Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East]( Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploits the most common vectors. WEBINARS - [Securing Code in the Age of AI]( - [Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [The State of Incident Response]( - [Understanding Today's Threat Actors]( - [A Solution Guide to Operational Technology Cybersecurity]( - [FortiSASE Customer Success Stories - The Benefits of Single Vendor SASE]( - [Zero Trust Access For Dummies, 2nd Fortinet Special Edition]( - [2023 Work-from-Anywhere Global Study]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122490&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.01.24&sp_cid=52796&utm_content=DR_NL_Dark%20Reading%20Daily_04.01.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#2e If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)