Patchless Cisco Flaw Breaks Cloud Encryption for ACI Traffic

Vulnerable Nexus 9000 Series Fabric Switches in ACI mode should be disabled, Cisco advises. [TechWeb]( Follow Dark Reading: [RSS]( July 07, 2023 LATEST SECURITY NEWS & COMMENTARY [Patchless Cisco Flaw Breaks Cloud Encryption for ACI Traffic]( Vulnerable Nexus 9000 Series Fabric Switches in ACI mode should be disabled, Cisco advises. [StackRot Linux Kernel Bug Has Exploit Code on the Way]( Linus Torvalds led a Linux kernel team in developing a set of patches for the privilege escalation flaw. [Google Searches for 'USPS Package Tracking' Lead to Banking Theft]( Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims. [Botnets Send Exploits Within Days to Weeks After Published PoC]( Six months of honeypot data finds that 19% of traffic to sensors were malicious exploit attempts, and 95% of those attempts came from just three botnets. [Shell Becomes Latest Cl0p MOVEit Victim]( In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees. [Privacy Woes Hold Up Global Instagram Threads Launch]( Meta's answer to Twitter went live and quickly racked up millions of members — but the social media app's privacy practices are under the microscope. [CISOs Find 'Business as Usual' Shows the Harsh Realities of Cyber-Risk]( C-suite security leaders are feeling less prepared to cope with cyberattacks and more at risk than last year. [Cybersecurity's Future Hinges on Stronger Public-Private Partnerships]( Public and private sector organizations must collaborate on a shared cybersecurity agenda to protect and benefit society at large. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Can Fix Ransomware Tomorrow]( You can't encrypt a file you can't open — Microsoft could dramatically impact ransomware by slowing it down. [A Golden Age of AI … or Security Threats?]( Now is the time to build safeguards into nascent AI technology. [Microsoft Teams Exploit Tool Auto-Delivers Malware]( The "TeamsPhisher" cyberattack tool gives pen testers — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant. [MORE]( EDITORS' CHOICE [Cl0p's MOVEit Campaign Represents a New Era in Cyberattacks]( The ransomware group shows an evolution of its tactics with MOVEit zero-day — potentially ushering in a new normal when it comes to extortion supply chain cyberattacks, experts say. LATEST FROM DR TECHNOLOGY [Startup Spotlight: Endor Labs Focuses on Reachability]( The company, one of four finalists in Black Hat USA's 2023 startup competition, looks to find the vulnerabilities an attacker could actually access. LATEST FROM THE EDGE [Mitigating Risk With Threat Intelligence]( Dark Reading's latest special report looks at a missing, but necessary, ingredient to effective third-party risk management. LATEST FROM DR GLOBAL [African Nations Face Escalating Phishing & Compromised Password Cyberattacks]( Cyberattacks against organizations in some African nations increased significantly in 2022, despite a major expansion in cybersecurity hiring to support cloud and digital migration. WEBINARS - [State of DDoS: Mid-Year Threat Report]( Killnet, REvil and Anonymous Sudan - it's been a busy quarter in the DDoS realm. Threat actor groups have been targeting Western organizations in an attempt to disrupt our way of life. If you're finding it hard to keep track ... - [Finding a Backup Strategy That Works For You]( You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [The Cloud Security Workflow Handbook]( - [Top Ten Tips: Securing Multi-Cloud with Modern CSPM]( - [Rediscovering Your Identity]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Everything You Need to Know About DNS Attacks]( - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [83% of Brits Demand Messaging Apps Remain Private, Ahead of Threat From Online Safety Bill]( [Black Hat Announces Maria Markstedter, Jen Easterly, Viktor Zhora, and Kemba Walden As Keynote Speakers for Black Hat USA 2023]( [WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)