Windows Hello for Business Opens Door to New Attack Vectors

[TechWeb]( Follow Dark Reading: [RSS]( November 19, 2019 LATEST SECURITY NEWS & COMMENTARY [Windows Hello for Business Opens Door to New Attack Vectors]( Researchers exploring Windows Hello for Business found an Active Directory backdoor and other attack vectors that could lead to privilege escalation. [Americans Fed Up With Lack of Data Privacy]( Eight out of every 10 US adults are worried over their inability to control how data about them is used, a new Pew Research survey shows. [GitHub Initiative Seeks to Secure Open Source Code]( New Security Lab will give researchers, developers, code maintainers, and organizations a way to coordinate efforts on addressing vulnerabilities. [Human Nature vs. AI: A False Dichotomy?]( How the helping hand of artificial intelligence allows security teams to remain human while protecting themselves from their own humanity being used against them. [Quantum Computing Breakthrough Accelerates the Need for Future-Proofed PKI]( Public key infrastructure is a foundational security tool that has evolved to become a critical base for future advancements. Today's generation of PKI can be coupled with quantum-resistant algorithms to extend the lifespan of digital certificates for decades. [Disney+ Credentials Land in Dark Web Hours After Service Launch]( The credentials, priced from free to $11 per account, appear to be due to victims' re-use of logins and passwords. [Facebook Discloses WhatsApp MP4 Video Vulnerability]( A stack-based buffer overflow bug can be exploited by sending a specially crafted video file to a WhatsApp user. [MORE NEWS & COMMENTARY]( HOT TOPICS [Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed]( Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say. [5 Cybersecurity CISO Priorities for the Future]( Seven chief information security officers share their pain points and two-year spending plans. [SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?]( The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change. [MORE]( EDITORS' CHOICE [13 Security Pros Share Their Most Valuable Experiences]( From serving as an artillery Marine to working a help desk, a baker's dozen of security pros share experiences that had the greatest influence on their careers. [Unreasonable Security Best Practices vs. Good Risk Management]( Perfection is impossible, and pretending otherwise just makes things worse. Instead, make risk-based decisions. NEW FROM THE EDGE [How Medical Device Vendors Hold Healthcare Security for Ransom]( While being pummeled by ransomware attacks, healthcare centers also face growing IoT-related threats. Here's how they manage security amid a complex set of risks. Tech Resources - [Getting Started With Emerging Technologies]( - [[Infographic] Are You Maximizing Value of the Cloud?]( - [2019 State of DevOps]( - [2019 Malware Trends of the Phishing Landscape]( - [The Silent Threat: Third Party Cyber Risk]( - [5 Steps to Keep Network Security Enforcement Points Secure and Up-To-Date]( - [Healthcare Cyber Heists in 2019]( [ACCESS TECH LIBRARY NOW]( - [Enterprise IoT: Rise of the Unmanaged Devices]( Join the leading enterprise IoT security company, along with IBM Security Services, to see real-life scenarios of these new unmanaged devices - from enterprise to healthcare to manufacturing. - [[Unified Communications Security] How Analytics Addresses the Threats You Don't Even Know About]( As unified communications (UC) adoption grows, so too do the bad actors who prey on vulnerabilities. The source of vulnerabilities stem from a lack of understanding risks and subsequent lack of best practices to address UC security threats. When a ... [MORE WEBINARS]( FEATURED REPORTS - [Rethinking Enterprise Data Defense]( - [The Definitive Guide to Managed Detection and Response (MDR)]( [MORE REPORTS]( CURRENT ISSUE [Navigating the Deluge of Security Data]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Nuspire Security Researchers Discover 730% Increase in Emotet Activity]( [Kaspersky: More Senior Execs Making Cyber Decisions]( [MITRE Engenuity Announces the Center for Threat-Informed Defense]( [Trend Micro Launches Smart Factory Security Solutions]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)