Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File | Novel SMTP Smuggling Technique Slips Past DMARC

Attackers can chain the vulnerabilities to gain full remote code execution. [TechWeb]( Follow Dark Reading: [RSS]( December 21, 2023 LATEST SECURITY NEWS & COMMENTARY [Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File]( Attackers can chain the vulnerabilities to gain full remote code execution. [Novel SMTP Smuggling Technique Slips Past DMARC, Email Protections]( Attackers can spoof millions of email addresses to create targeted phishing attacks using flaws in Microsoft, GTX, and Cisco Secure Email Gateway servers. [Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks]( Ransomware group tries to claw back operations following FBI disruption, and lifts a previous ban on attacks against critical infrastructure in retaliation. [Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug]( CVE-2023-50164 is harder to exploit than the 2017 Struts bug behind the massive breach at Equifax, but don't underestimate the potential for attackers to use it in targeted attacks. [Pro-Israeli Hacktivists Attack Iranian Gas Stations]( Iranian officials blame a software issue for the "disruption" to gasoline pumps. [Volt Typhoon-Linked SOHO Botnet Infects Multiple US Gov't Entities]( Chinese threat actors are taking advantage of the poor state of edge security to breach both small and big fish. [Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware]( Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method. [Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected]( A trove of personal data belonging to millions of Americans is just the latest bullet point in a bad year for Citrix customers. [Fresh Qakbot Sightings Confirm Recent Takedown Was a Temporary Setback]( Microsoft and several others have reported seeing the noxious malware surfacing again in a campaign targeting the hospitality industry. [Feds Snarl ALPHV/BlackCat Ransomware Operation]( Dark Web chatter indicates that Scattered Spider worked with the FBI to take down the BlackCat/ALPHV operation. [Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover]( The most critical of the bugs gives attackers privileged access to the local Windows system, paving the way for unauthenticated RCE and installing backdoors. [Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks]( Crimeware-as-a-service (CaaS) gang flies past CAPTCHAs, creating fraudulent accounts to sell to the likes of Scattered Spider; Microsoft mounts a counterattack. [Why I Chose Google Bard to Help Write Security Policies]( Large language models (LLMs) like Bard and ChatGPT can help produce simpler, more readable security documentation in a fraction of the time it takes to do it manually. [Name That Toon: Just for Kicks]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [Adapting to the Post-SolarWinds Era: Supply Chain Security in 2024]( Three years after the SolarWinds attack, new revelations show more must be done to help prevent such a drastic security breach from happening again. [Omdia: Standalone Security Products Outsell Cybersecurity Platforms]( Cybersecurity platform vendors say enterprises want to buy fewer solutions from fewer vendors. Omdia research, however, tells a different, more nuanced story. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [3 Ways to Use Real-Time Intelligence to Defeat Bots]( Threat intelligence feedback loops are an increasingly vital tool in the escalating battle against bots. [Soft Skills Every CISO Needs to Inspire Better Boardroom Relationships]( Now more than ever, CISOs have an opportunity to impact business strategy and change the culture of their organization. [Safeguarding Our Children's Digital Future: A Call to Action]( Frequent cyberattacks on America's schools are putting our children at risk. Urgent action is needed to protect students and families. [Changing How We Think About Technology]( To make real change, organizations need to augment logical thinking with critical thinking. [MORE]( PRODUCTS & RELEASES [Black Hat Europe 2023 Closes on Record-Breaking Event in London]( [Console & Associates, P.C.: ESO Solutions Notifies 2.7M People of Data Breach That Leaked Their SSNs]( [SANS Institute Research Shows What Frameworks, Benchmarks, and Techniques Organizations Use on their Path to Security Maturity]( [Zero Networks Raises $20M in Series B to Prevent Attackers from Spreading in Corporate Networks]( [ONCD Welcomes Mr. Harry Coker, Jr. as Next National Cyber Director]( [Salvador Technologies Raises $6M to Empower Cyber Resilience in Operational Technologies and Critical Infrastructures]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Pro-Hamas Cyberattackers Aim 'Pierogi' Malware at Multiple Mideast Targets]( Gaza Cybergang has created a new backdoor version stuffed with tools to spy on and attack targets. LATEST FROM THE EDGE [How States Help Municipalities Build Their Cyber Defenses]( State CISOs and cybersecurity task forces are grappling with the best ways to use federal grant money to keep their citizens safe online. LATEST FROM DR TECHNOLOGY [Smartphones That Help You Bust Out of the Android/iOS Ecosystem]( If you are in the market for a smartphone but want to break away from the Apple-Google duopoly, look no further: These alternative smartphones are based on various Linux variants and custom hardware. LATEST FROM DR GLOBAL [Israel Blames Iran for Hospital Data Breach]( Israeli intelligence said a cyber unit of Hezbollah also was involved in the cyberattack. WEBINARS - [What's In Your Cloud?]( - [Everything You Need to Know About DNS Attacks]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software]( - [IT Zero Trust vs. OT Zero Trust: It's all about Availability]( - [The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security]( - [2023 Snyk AI-Generated Code Security Report]( - [Migrations Playbook for Saving Money with Snyk + AWS]( - [Increase Speed and Accuracy with AI Driven Static Analysis Auditing]( - [The Developers Guide to API Security]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Everything You Need to Know About DNS Attacks]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120055&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_12.21.23&sp_cid=51098&utm_content=DR_NL_Dark%20Reading%20Weekly_12.21.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#12 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)