Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text

There's nothing yet to suggest CVE-2022-42889 is the next Log4j. But proof-of-concept code is available, and interest appears to be ticking up. [TechWeb]( Follow Dark Reading: [RSS]( October 18, 2022 LATEST SECURITY NEWS & COMMENTARY [Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text]( There's nothing yet to suggest CVE-2022-42889 is the next Log4j. But proof-of-concept code is available, and interest appears to be ticking up. [Disinformation Attacks Threaten US Midterm Elections]( Foreign nations continue to target various US public entities and private industries with cyberattacks, but the coming midterms are driving more disinformation than hacking, say experts. [4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap]( A cross-disciplinary effort of change is needed to attract new professionals in the coming decade. [Signal to Ditch SMS/MMS Messaging on Android]( Main driver for the change: "Plaintext SMS messages are inherently insecure." [Tactics Tie Ransom Cartel Group to Defunct REvil Ransomware]( Ransom Cartel ransomware-as-a-service operator blog claims to offer a new and improved version of REvil ransomware. [(Sponsored Article) 5 Signs That It's Time to Invest in Data Loss Prevention]( Automation means more attacks. It also means smarter, easier-to-implement prevention techniques. Here are five signs it is time to put your own data loss prevention strategy into place. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft 365 Message Encryption Can Leak Sensitive Info]( The default email encryption used in Microsoft Office's cloud version is leaky, which the company acknowledged but said it wouldn't fix. [Care and Feeding of the SOC's Most Powerful Tool: Your Brain]( Once overloaded, our brains can't process information effectively, performance decreases, and even the simplest of tasks seem foreign. [7 IoT Devices That Make Security Pros Cringe]( A look at everything from truly dumb smart devices to cool-looking IoT tech with huge cybersecurity and privacy implications. [MORE]( EDITORS' CHOICE [Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows]( The authentication bypass flaw in FortiOS, FortiProxy and FortiSwitchManager is easy to find and exploit, security experts say. LATEST FROM THE EDGE [What Fast-Talkers Can Teach Us About Vetting Vendors]( Here's how to differentiate vendors that can back up their words with solutions and those that cannot. LATEST FROM DR TECHNOLOGY [The Risk of Stateful Anti-Patterns in Enterprise Internet Architecture]( Excessive statefulness hurts the ability to scale networks, applications, and ancillary supporting infrastructure, thus affecting an entire service delivery chain's ability to withstand a DDoS attack. WEBINARS - [State of Bot Attacks: What to Expect in 2023]( Malicious bots have moved past distributed denial-of-service and credential-stuffing attacks and are now capable of launching sophisticated attacks such as performing reconnaissance for future attacks, committing shopping cart and ticketing fraud, and engaging in clickjacking. Bot attacks are highly profitable ... - [Next-Gen Security Operations: Building the SOC of the Future]( What does a security operations center (SOCs) require in 2022? The practice of monitoring and responding to threats looks very different today than it did just a few years ago. Which tools and skills do you need know to outfit a ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [State of Email Security]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [Understanding the Zero Trust Approach]( - [Top Cloud Threats to Cloud Computing: Pandemic Eleven]( - [State of Attack Surface Management: A Crisis of Overconfidence]( - [BotGuard for Applications Higher Education Case Study]( - [10 Ways a Zero Trust Architecture Protects Against Ransomware]( [View More White Papers >>]( FEATURED REPORTS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [6 Elements of a Solid IoT Security Strategy]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [New Research Report Predicts Blockchain and Quantum Threat Will Quickly Spread Beyond Cybercurrencies; Surge in New Product and Services Opportunities to Come]( [Imprivata Expands Its Integrated Digital Identity Platform to Defragment Identities Across Disparate Applications]( [Acuity Reports Increase in Cyber Liability Insurance Claims as Cybercrime Skyrockets]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Building the SOC of the Future]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)