Microsoft Patches Wormable Vuln in Windows 7, 2003, XP, Server 2008 | 7 Steps for Effective Pen Tests

[TechWeb]( Follow Dark Reading: [RSS]( May 16, 2019 Top!Top?elq_mid=91070&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [Microsoft Patches Wormable Vuln in Windows 7, 2003, XP, Server 2008]( Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited. [New Intel Vulnerabilities Bring Fresh CPU Attack Dangers]( Four newly discovered vulns from the speculative-execution family bring Meltdown-like threats to Intel's processors. [Website Attack Attempts Rose by 69% in 2018]( Millions of websites have been compromised, but the most likely malware isn't cyptomining: it's quietly stealing files and redirecting traffic, a new Sitelock report shows. [Attackers Are Messing with Encryption Traffic to Evade Detection]( Unknown groups have started tampering with Web traffic encryption, causing the number of fingerprints for connections using Transport Layer Security to jump from 19,000 to 1.4 billion in less than a year. [Introducing the Digital Transformation Architect]( Bet-the-company transformation that expands the attack surface requires close alignment and leadership across executive, IT and security teams. [78% of Consumers Say Online Companies Must Protect Their Info]( Yet 68% agree they also must do more to protect their own information. [MORE NEWS & COMMENTARY]( Middle!Middle?elq_mid=91070&elq_cid=22844169 HOT TOPICS [Baltimore Ransomware Attack Takes Strange Twist]( Tweet suggests possible screenshot of stolen city documents and credentials in the wake of attack that took down city servers last week. [Demystifying the Dark Web: What You Need to Know]( The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners. [Why AI Will Create Far More Jobs Than It Replaces]( Just as spreadsheets and personal computers created a job boom in the '70s, so too will artificial intelligence spur security analysts' ability to defend against advanced threats. [MORE]( EDITOR'S CHOICE [Effective Pen Tests Follow These 7 Steps]( Third-party pen tests are part of every comprehensive security plan. Here's how to get the most from this mandatory investment. [GDPR Drives Changes, but Privacy by Design Proves Elusive]( One year later, the EU mandate's biggest impact has been to focus more attention on data protection and privacy, security analysts say. [Name That Toon: End User Lockdown]( We provide the cartoon. You write the caption! Enter and win a $25 Amazon gift card. Tech Resources - [Building and Managing an IT Security Operations Program]( - [7 Ways to Get the Most from Your IDS/IPS]( - [Securing Real-Time Communications]( - [2019 Cyber Security Report]( - [Ribbon Analytics Application Portfolio]( - [[451 Report] Securing open source: Software composition analysis comes into its own]( - [Real-Time Phishing Threat Intelligence]( [ACCESS TECH LIBRARY NOW]( - [Dark Reading Virtual Event: What to Do When Hackers Attack]( In this fascinating and educational virtual event, you will hear advice and recommendations from some of the cybersecurity industry's top experts and speakers on the critical issues of breach investigation and incident response. - [Zero Trust in Practice]( Zero Trust is quickly becoming the dominant security model for the cloud, shifting the perimeter from the network to the people and devices that make up a modern workforce. Find out how you can get started with Zero Trust today! [MORE WEBINARS]( FEATURED REPORTS - [The State of Cyber Security Incident Response]( Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving. - [Online Malware & Threats: A Profile of Today's Security Posture]( This Dark Reading report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today! [MORE REPORTS]( CURRENT ISSUE [Building and Managing an IT Security Operations Program]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Sectigo Sponsors Let's Encrypt to Enable Certificate Transparency Log Operation]( [LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform]( [SolarWinds Partners with SentinelOne to Grow Security Portfolio with Endpoint Detection and Response]( [Rackspace and Telos Team Up to Accelerate FedRAMP Journey]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [InformationWeek]( UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)