Malicious PowerShell Use, Attacks on Office 365 Surge | 8 Security & Privacy Apps You Should Share

[TechWeb]( Follow Dark Reading: [RSS]( April 15, 2021 LATEST SECURITY NEWS & COMMENTARY [Malicious PowerShell Use, Attacks on Office 365 Accounts Surged in Q4]( There was also a sharp increase in overall malware volumes in the fourth quarter of 2020, COVID-19 related attack activity, and mobile malware, new data shows. [8 Security & Privacy Apps to Share With Family and Friends]( Mobile apps to recommend to the people in your life who want to improve their online security and privacy. [Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own]( White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks. [FBI Operation Remotely Removes Web Shells From Exchange Servers]( A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server. [NSA Alerted Microsoft to New Exchange Server Vulnerabilities]( Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day. [Microsoft Uses Machine Learning to Predict Attackers' Next Steps]( Researchers build a model to attribute attacks to specific groups based on tactics, techniques, and procedures, and then figure out their next move. [5 Objectives for Establishing an API-First Security Strategy]( With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever. [Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help]( Investing in women's cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic. [Microsoft Warns of Malware Delivery via Google URLs]( A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan. [CISA Launches New Threat Detection Dashboard]( Aviary is a new dashboard that works with CISA's Sparrow threat detection tool. [MORE NEWS & COMMENTARY]( HOT TOPICS [DNS Vulnerabilities Expose Millions of Internet-Connected Devices to Attack]( Researchers uncover a fresh set of nine vulnerabilities in four TCP/IP stacks that are widely used in everything from powerful servers and firewalls to consumer IoT products. [Handcuffs Over AI: Solving Security Challenges With Law Enforcement]( We've tried everything else ... now it's time to make the prospect of getting caught -- and punished -- a real deterrent to cybercrime. [The CISO Life Is Half as Good]( Lora Vaughn was at a crossroads -- and that was before mandated pandemic lockdowns came into play. Here's her story of how life got sweeter after she stepped away from the CISO job. [MORE]( EDITORS' CHOICE [Dark Reading to Upgrade Site Design, Performance]( Improvements will make site content easier to navigate, faster, and more functional. [Wake Up and Smell the JavaScript]( The SolarWinds attack showed the true meaning of a supply chain breach. And it's the canary in the coal mine for sensitive data on the Web. LATEST FROM THE EDGE [9 Modern-Day Best Practices for Log Management]( Log management is nothing new. But doing so smartly, correctly, and concisely in today's data-driven world is another story. Tech Resources - [What Elite Threat Hunters See That Others Miss: Case Study]( - [Are We Cyber-Resilient? The Key Question Every Organization Must Answer]( - [10 Must-Have Capabilities for Stopping Malicious Automation Checklist]( - [SANS 2021 Cyber Threat Intelligence Survey]( - [Smart Service Management: Working Better Together with a Connected Enterprise]( - [How to Optimize Your Windows 10 Defense Strategy]( - [Develop an Effective Prevention Strategy Designed for Virtual Desktop Infrastructure]( [ACCESS TECH LIBRARY NOW]( - [Building Asset Management into Your Enterprise Security Strategy - Free Webinar]( In this webinar, experts discuss methods and technologies for gaining a more complete picture of your IT environment, and for securing or eliminating unknown elements that attempt to use your network. Attend this webinar and you'll: --Learn what tools can ... - [Insider Threats: An Interactive Crisis Simulation]( This interactive webinar will throw attendees into an emerging insider threat simulation taking place at a fictional pharmaceutical company. In this scenario, participants from various industries must use their decision-making skills to find the insider threat, manage the growing crisis, ... [MORE WEBINARS]( FEATURED REPORTS - [Improving Security by Moving Beyond VPN]( - [Accelerate Threat Resolutions with DNS]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Invicti Security Reports on Lost Year in Web Application Security]( [CloudKnox Uncovers Permissions Gap Across Enterprise Hybrid & Multi-Cloud Environments]( [Imperva Research Labs Reveals Bot Traffic Climbs to Record High in 2020]( [Survey: 60% of Educational Organizations Hit by Phishing Attacks Targeting Cloud Data]( [Vital Pandemic Industries Foster Unprecedented DDoS Attack Activity, NETSCOUT Threat Intelligence Report Finds]( [1Password Launches Secrets Automation & Makes Acquisition to Protect Infrastructure Secrets]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)