Newsletter Subject: Google's .zip, .mov Domains Give Social Engineers a New Tool | OAuth Flaw in Expo Platform Affects 100s of Sites, Apps

From: ubm.com

Email Address: darkreading@am.amtechwebresources.com

Sent On: Thu, May 25, 2023 03:09 PM

Email Preheader Text: Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineer

May 25, 2023

LATEST SECURITY NEWS & COMMENTARY

- Google's .zip, .mov Domains Give Social Engineers a Shiny New Tool
  Security professionals warn that Google's new top-level domains, .zip and .mov, pose social engineering risks while providing little reason for their existence.
- OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps
  A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and more.
- 'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs
  According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
- Microsoft: BEC Attackers Evade 'Impossible Travel' Flags With Residential IP Addresses
  Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses.
- Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking
  A February 2022 attack knocked the giant tire maker's North American operations offline for several days.
- PyPI Shuts Down Over the Weekend, Says Incident Was Overblown
  The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.
- 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns
  The data shows how most cyberattacks start, so basic steps can help organizations avoid becoming the latest statistic.
- Apple Patches 3 Zero-Days Possibly Already Exploited
  In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers.
- Meta Hit With $1.3B Record-Breaking Fine for GDPR Violations
  The technology conglomerate has until later this year to end its transfer of European users' data across the Atlantic.
- 3 Ways Hackers Use ChatGPT to Cause Security Headaches
  As ChatGPT adoption grows, the industry needs to proceed with caution. Here's why.
- Cyber Warfare Lessons From the Russia-Ukraine Conflict
  Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale.
- Keep Your Friends Close and Your Identity Closer
  As we share an increasing amount of personal information online, we create more opportunities for threat actors to steal our identities.

HOT TOPICS

- Talking Security Strategy: Cybersecurity Has a Seat at the Boardroom Table
  Pending new SEC rules reinforce how integral cybersecurity is to modern business operations, and will help close the gap between security teams and those making policy decisions.
- Enterprises Must Prepare Now for Shorter TLS Certificate Lifespans
  Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them.
- 5 Questions to Ask When Evaluating a New Cybersecurity Technology
  Any new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them.

EDITORS' CHOICE

- Microsoft Azure VMs Hijacked in Cloud Cyberattack
  Cybercrime group that often uses smishing for initial access bypassed traditional OS targeting and evasion techniques to directly gain access to the cloud.

LATEST FROM DR GLOBAL

- Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks
  Researchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks.

LATEST FROM THE EDGE

- What Security Professionals Need to Know About Aggregate Cyber-Risk
  Widespread cyber incidents will happen, but unlike natural disasters, specific security controls can help prevent a catastrophe.

LATEST FROM DR TECHNOLOGY

- Google Adds Guardrails to Keep AI in Check
  Companies are starting to address the misuse of artificial intelligence (AI). At Google I/O, for example, executives promised its AI has safety measures.

WEBINARS

- Mastering Endpoint Security: The Power of Least Privilege
  Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ...
- Here's What Zero Trust Really Means
  Credential theft, lateral movement and other cyberattack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model - trust nothing, verify ...

WHITE PAPERS

- The Ultimate Guide to the CISSP
- Welcome to Modern Web App Security
- AppSec Best Practices: Where Speed, Security, and Innovation Meet in the Middle
- Large Insurer goes beyond Breach and Attack Simulation (BAS) with Cymulate
- What Are the Top and Niche Use Cases for Breach and Attack Simulation Technology?
- 2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP)
- Top Ten Tips: Securing Multi-Cloud with Modern CSPM

FEATURED REPORTS

- The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
  The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...
- Shoring Up the Software Supply Chain Across Enterprise Applications
  Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome. Modern-day software development depends ...
- 10 Hot Talks From Black Hat USA 2022
  Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ...

PRODUCTS & RELEASES

- Netwrix Report: Enterprises Suffer More Ransomware and Other Malware Attacks Than Smaller Organizations
- Appdome Launches Build-to-Test, Automated Testing Option for Protected Mobile Apps
- Technology Veterans James Wickett and Ken Johnson Launch DryRun Security to Bring Security to Developers
- Satori Augments Its Data Security Platform With Posture Management and Data Store Discovery Capabilities
- AppSec Teams Stuck in Catch-Up Cycle Due to Massive Cloud-Native Enablement Gap
- OX Security Launches OX-GPT, AppSec's First ChatGPT Integration
- CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine
- Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities
- Harvard Pilgrim Health Care Notifies Individuals of Privacy Incident

CURRENT ISSUE

- How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Dark Reading Weekly -- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
