Microsoft Details New Security Features for Windows 11

Security features to come include a TPM-like security processor for protecting artifacts that a computer uses during the secure boot-up process, as well as a control for blocking unsigned and untrusted apps. [TechWeb]( Follow Dark Reading: [RSS]( April 06, 2022 LATEST SECURITY NEWS & COMMENTARY [Microsoft Details New Security Features for Windows 11]( Security features to come include a TPM-like security processor for protecting artifacts that a computer uses during the secure boot-up process, as well as a control for blocking unsigned and untrusted apps. [Developers Increasingly Prioritize Secure Coding]( But "old habits are hard to break," with 48% of developers still shipping code with vulnerabilities. [FIN7 Morphs into a Broader, More Dangerous Cybercrime Group]( Mandiant has now tied the group to at least eight unattributed clusters of activity targeting organizations across various industries and regions. ['Human Behavior' Security Startup Nets $7M in Seed]( Nudge Security plans a general launch of its cloud-based service later this year. [What We Can Learn From Lapsus$ Techniques]( The group is targeting the biggest weak spot in most security postures: finding anomalous behavior by authorized entities. [How to Prepare for Cyber Threats During the Russian Invasion of Ukraine]( Remain calm, maintain control, and triage responses appropriately to ensure that the organization can remain resilient against threats during this crisis and through others to come. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Apple's Zero-Day Woes Continue]( Two new bugs in macOS and iOS disclosed this week add to the growing list of zero-days the company has rushed to patch over the past year. [Smart Cities: Secure by Design? It Takes a Village]( Smart-city security breaches have potentially very serious consequences — they can be economically devastating and even life-threatening, if handled wrong. [Security's Life Cycle Isn't the Developers' Life Cycle]( Whether it's PCI-DSS, SSDLC, or GDPR, the criteria that security standards expect businesses to uphold are neither realistic or feasible. [MORE]( EDITORS' CHOICE [Millions of Installations Potentially Vulnerable to Spring Framework Flaw]( Internet scan indicates hundreds of thousands of vulnerable installations, while data from the major Java repository suggests millions, firms say. LATEST FROM THE EDGE [Name That Edge Toon: In Deep Water]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY [How IP Data Can Help Security Professionals Protect Their Networks]( Beefing up security requires a combination of forensic efforts and proactive mitigation. IP context aids both. Tech Resources - [Improving Operations with AI-Assisted Cybersecurity]( - [Unlocking Human Potential in SOC Teams With AI-Assisted Cybersecurity]( - [Quantifying the Gap Between Perceived Security and Comprehensive MITRE ATT&CK Coverage]( - [The Cyber Threat Impact of COVID-19 to Global Business]( - [2022 Insurance Industry Cyber Threat Landscape Report]( - [Managed Security and the 3rd Party Cyber Risk Opportunity Whitepaper]( - [TIM Whitepaper]( [ACCESS TECH LIBRARY NOW]( - [Protecting Industrial Control Systems from Modern Threats]( A 2021 attack on an industrial control system (ICS) at a water treatment plant in a small town in Florida raised eyebrows and surfaced new fears about the risks these kind of systems face. Unfortunately, many ICS systems are working on ... - [Rethinking Asset Management to Improve Enterprise Security]( One common reason behind many enterprise security breaches is that attackers found a system, application, or device that security teams didn't know they had. Attackers can tamper with these unknown systems to make them look legitimate, and security defenders may ... [MORE WEBINARS]( FEATURED REPORTS - [Rethinking Endpoint Security in a Pandemic and Beyond]( IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ... - [How Enterprises Plan to Address Endpoint Security Threats in a Post-Pandemic World]( Dark Reading's 2022 Endpoint Security Report examines how IT and cybersecurity professionals are grappling with the impact of pandemic-related changes on endpoint security strategies. The report explores how they are building their endpoint security defenses, and provides insight on what organizations ... [MORE REPORTS]( CURRENT ISSUE [How Enterprises Are Securing the Application Environment]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Qualys Delivers Multi-Vector EDR 2.0 with Enhanced Prioritization to Quickly Surface the Most Critical Incidents]( [Citrix® Modernizes Security to Accommodate Hybrid Work]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)