Microsoft Fixes 27 Remote Code Execution Flaws

[TechWeb](?elq_mid=79716&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170810&cid=NL_DR_EDT_DR_daily_20170810&elqTrackId=ea081b8646ce42519a6e36bf6ac0f854&elq=a271c546705949bbab3b33223f89152f&elqaid=79716&elqat=1&elqCampaignId=27567) Follow Dark Reading: [RSS]( August 10, 2017 Top!Top?elq_mid=79716&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [Microsoft Fixes 27 Remote Code Execution Flaws]( Microsoft issued patches for 48 vulnerabilities as part of its monthly Patch Tuesday update, 25 of which were 'critical.' [SMBs Practice Better IoT Security Than Large Enterprises Do]( Small-to midsized businesses are more prepared than big ones to face the next IoT attack: good news given the sharp rise in IoT botnet attacks in the first half of 2017, new reports released today show. [Carbon Black Refutes Claims of Flaw in its EDR Product]( Endpoint security firm responds to DirectDefense's report, noting that the information was shared voluntarily via a feature in the product that comes disabled by default. [Uptick in Malware Targets the Banking Community]( A number of recent attacks, using tactics old and new, have made off with an astonishing amount of money. How can financial institutions fight back? [Two Iranians Face Charges for Computer Hacking, Credit Card Fraud]( Federal prosecutors charged two Iranian nationals with identity theft and use of stolen credit card numbers as well as threatening to expose the breach to one of the victim's customers. [MORE NEWS & COMMENTARY]( HOT TOPICS [New Consortium Promotes Proper Data Sanitization Practices]( The International Data Sanitization Consortium (IDSC) will create guidelines and best practices for sanitizing data on hardware devices. [WannaCry 'Kill Switch' Creator Arrested in Vegas]( Federal authorities indicted and nabbed Marcus Hutchins, aka MalwareTech, for allegedly creating and distributing the Kronos banking Trojan. [Steganography Use on the Rise Among Cyber Espionage, Cybercrime Groups]( At least three cyber espionage campaigns and several malware samples in recent months have employed ancient technique, Kaspersky Lab says. [MORE]( IN CASE YOU MISSED IT [2017 Pwnie Awards: Who Won, Lost, and Pwned]( Security pros corralled the best and worst of cybersecurity into an award show highlighting exploits, bugs, achievements, and attacks from the past year. Tech Resources - [The DomainTools Report: Spring 2017 Edition]( - [GDPR Compliance: You Need an Action Plan, Do You Have One?]( - [Ransomware and the Limits of Conventional Protection]( - [Smarter Cybersecurity Solutions for Small & Mid-sized Businesses]( - [Gartner Reprint: Decommissioning Applications]( - [Legacy Decommissioning: Good for the Budget, Good for Compliance](-good-for-compliance-/391103?elq_mid=79716&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170810&cid=NL_DR_EDT_DR_daily_20170810&elqTrackId=8c41431dd35940ffb10601a0353a813a&elq=a271c546705949bbab3b33223f89152f&elqaid=79716&elqat=1&elqCampaignId=27567) - [Investigate Attacks Like Never Before]( [ACCESS TECH LIBRARY NOW]( - [Using Threat Data to Improve Your Cyber Defense]( Attend this webinar to learn how you can determine which threats pose the greatest danger to your enterprise, and how to analyze threat data and use it to help improve your organization's cyber defense. - [[Cloud Covered] Key Steps Security Professionals can Use to get Security into Your Org's Cloud Strategy]( Join us as we explore key steps security professionals can employ to get their security program into their organization's cloud strategy. This webinar will cover: - How organizations are limiting their security ROI - How to state the case for ... [MORE WEBINARS]( Partner Perspectives [Fight 'Credential Stuffing' with a New Approach to Authorization]( Token-based authorization that lets users prove their identity through Facebook, Google, or Microsoft credentials can dramatically reduce your attack surface and give enterprises a single point of control. [Can Your Risk Assessment Stand Up Under Scrutiny?]( Weak risk assessments have gotten a pass up until now, but that may be changing. [Lessons from Verizon: Managing Cloud Security for Partners]( The recent Verizon breach - data exposed by an insecure Amazon S3 bucket - highlights the need for enterprises to have visibility into how partners and other stakeholders keep their data secure. Middle!Middle?elq_mid=79716&elq_cid=22844169 FEATURED REPORTS - [[Security Breach Report] Overall Impact of & Steps to Prevent Breaches]( Despite the escalation of cybersecurity staffing and technology, enterprises continue to suffer data breaches and compromises at an alarming rate. How do these breaches occur? How are enterprises responding, and what is the impact of these compromises on the business? ... - [How to Invest in Cybersecurity & Prioritize Resources](strategic-security-report]-how-enterprises-are-attacking-the-cybersecurity-challenge/390403?elq_mid=79716&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170810&cid=NL_DR_EDT_DR_daily_20170810&elqTrackId=868f1dea7aa0425eb4a0689dffc2fead&elq=a271c546705949bbab3b33223f89152f&elqaid=79716&elqat=1&elqCampaignId=27567) In 2016, enterprises encountered a range of new exploits and threats -- including ransomware and state-sponsored attacks -- and developed new plans of defense. How will these organizations be investing their cybersecurity budgets and staffing in the next 12 months? What tools ... [MORE REPORTS]( CURRENT ISSUE [Security Vulnerabilities: The Next Wave]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Security Summit Alert: Tax Pros Warned of New Scam to Steal Their Passwords]( [Hackers: Privileged Accounts Provide Fastest Access to Sensitive, Critical Data]( [Darktrace Releases Version 3 of its AI Cyber Defense Solution]( [Perimeterx Raises $23 million to Expand AI Behavioral Threat Platform](23-million-to-expand-ai-behavioral-threat-platform-/d/d-id/1329567?elq_mid=79716&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170810&cid=NL_DR_EDT_DR_daily_20170810&elqTrackId=7bfb3cd1025d410a89ed31b87a31b961&elq=a271c546705949bbab3b33223f89152f&elqaid=79716&elqat=1&elqCampaignId=27567) [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek](?elq_mid=79716&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170810&cid=NL_DR_EDT_DR_daily_20170810&elqTrackId=828892a4424a481ab91eaa381f9076ab&elq=a271c546705949bbab3b33223f89152f&elqaid=79716&elqat=1&elqCampaignId=27567) UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [cick here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2017]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)