Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware

Most of the attacks involve the use of automated exploits, security vendor says. [TechWeb]( Follow Dark Reading: [RSS]( June 20, 2022 LATEST SECURITY NEWS & COMMENTARY [Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware]( Most of the attacks involve the use of automated exploits, security vendor says. [DeadBolt Ransomware Actively Targets QNAP NAS Devices — Again]( The QNAP network-connected devices, used to store video surveillance footage, are a juicy target for attackers, experts warn. [Can We Make a Global Agreement to Halt Attacks on Our Energy Infrastructure?]( The energy sector remains susceptible to both espionage between nation-states and cybercrime, and recent developments keep pointing toward more attacks. [WordPress Plug-in Ninja Forms Issues Update for Critical Bug]( The code injection vulnerability is being actively exploited in the wild, researchers say. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update]( Here are which Microsoft patches to prioritize among the June Patch Tuesday batch. [CISA Recommends Organizations Update to the Latest Version of Google Chrome]( Google last week reported seven vulnerabilities in the browser, four of which it rated as high severity. [Understanding and Mitigating Single Sign-on Risk]( SSO's one-to-many architecture is both a big advantage and a weakness. [3 Big Takeaways From the Verizon DBIR 2022]( The annual report is always filled with useful security information. Here are several of the most important lessons from this year's edition. [MORE]( EDITORS' CHOICE [Internet Explorer Now Retired but Still an Attacker Target]( Though the once-popular browser is officially now history as far as Microsoft support goes, adversaries won't stop attacking it, security experts say. LATEST FROM THE EDGE [Ransomware and Phishing Remain IT's Biggest Concerns]( Security teams — who are already fighting off malware challenges — are also facing renewed attacks on cloud assets and remote systems. LATEST FROM DR TECHNOLOGY [7 Ways to Bring AI to Cybersecurity]( Academic researchers are developing projects to apply artificial intelligence to detect and stop cyberattacks and keep critical infrastructure secure, thanks to grants from the C3.ai Digital Transformation Institute. WEBINARS - [Outsourcing Cybersecurity: A Decision Maker's Guide]( When it comes to cybersecurity, very few enterprises have all the skills and resources they need on staff. On today's market, your enterprise can outsource a wide variety of cyber tasks, from penetration testing to security monitoring to incident response. ... - [Using Threat Modeling to Improve Enterprise Cyber Defenses]( As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Five Best Practices for AWS Security Monitoring]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Sumo Logic for Continuous Intelligence]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [Five Cardinal Sins of Data Security and Privacy]( - [Endpoint Detection Net Suite Use Cases]( - [Optimizing Endpoint Protection]( [View More White Papers >>]( FEATURED REPORTS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Rethinking Endpoint Security in a Pandemic and Beyond]( IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ... - [How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World]( Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield]( [Incognia Introduces Location-Based Liveness Spoofing Detection Solution]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Breaches Prompt Changes to Enterprise IR Plans and Processes]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)