8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products

[TechWeb]( Follow Dark Reading: [RSS]( February 05, 2020 LATEST SECURITY NEWS & COMMENTARY [8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products]( Six of them were the same as from the previous year, according to new Recorded Future analysis. [SharePoint Bug Proves Popular Weapon for Nation-State Attacks]( Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets. [Companies Pursue Zero Trust, but Implementers Are Hesitant]( Almost three-quarters of enterprises plan to have a zero-trust access model by the end of the year, but nearly half of cybersecurity professionals lack the knowledge to implement the right technologies, experts say. [Kubernetes Shows Built-in Weakness]( A Shmoocon presentation points out several weaknesses built in to Kubernetes configurations and how a researcher can exploit them. [Ransomware Attacks: Why It Should Be Illegal to Pay the Ransom]( For cities, states and towns, paying up is short-sighted and only makes the problem worse. [Twitter Suspends Fake Accounts Abusing Feature that Matches Phone Numbers and Users]( The company believes state-sponsored actors may also be involved. [Microsoft DART Finds Web Shell Threat on the Rise]( Various APT groups are successfully using Web shell attacks on a more frequent basis. [MORE NEWS & COMMENTARY]( HOT TOPICS [Two Vulnerabilities Found in Microsoft Azure Infrastructure]( Researchers detail the process of finding two flaws in the Azure Stack architecture and Azure App Service, both of which have been patched. [Aftermath of a Major ICS Hacking Contest]( Pwn2Own Miami could help spur more research on and attention to the security of industrial control system products, experts say. [Researchers Find 24 'Dangerous' Android Apps with 382M Installs]( Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps. [MORE]( EDITORS' CHOICE [7 Ways SMBs Can Secure Their Websites]( Here's what small and midsize businesses should consider when they decide it's time to up their website security. [What WON'T Happen in Cybersecurity in 2020]( Predictions are a dime a dozen. Here are six trends that you won't be hearing about anytime soon. NEW FROM THE EDGE [C-Level & Studying for the CISSP]( One CTO tells us about his belated pursuit of a foundational infosecurity certification -- why he wanted it and what it took. Tech Resources - [The Forgotten Link Between Linux Threats & Cloud Security]( - [Black Hat 2019 Hacker Survey Report]( - [One Phish, Two Phish, Three Phish, Fraud Phish]( - [KX III for High Performance Video Applications]( - [Serial Console Servers]( - [5 Steps to Perimeter-Less Security: Adopting Zero-Trust to Secure Access]( - [What to Expect When You're Expecting a Data Breach: End of Year Report]( [ACCESS TECH LIBRARY NOW]( - [Find Out How to Link & Integrate Your Disparate Security Systems]( - [Getting the Most from Threat Intelligence]( In this webinar, learn how to take a fresh look at external threat intelligence and ensure you have an up-to-date view of attackers' means, motives and opportunity. [MORE WEBINARS]( FEATURED REPORTS - [Black Hat 2019 Hacker Survey Report]( - [2019 Threat Hunting Report]( [MORE REPORTS]( CURRENT ISSUE [IT 2020: A Look Ahead]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [McAfee Research Reveals Election Website Security Shortcomings in 2020 Battleground States]( [Tripwire Expands Industrial Security Capabilities, Launches Industrial Appliance Line, Joins ISA Global Security Alliance]( [Cowbell Cyber Demystifies Cyber Insurance with Cowbell Prime 100]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2020]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)