Microsoft Patches Zero-Day Actively Exploited in the Wild | 25 Years of Black Hat

The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit. [TechWeb]( Follow Dark Reading: [RSS]( August 11, 2022 LATEST SECURITY NEWS & COMMENTARY [Microsoft Patches Zero-Day Actively Exploited in the Wild]( The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit. [10 Malicious Code Packages Slither into PyPI Registry]( The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. [Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War]( A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams. [Genesis IAB Market Brings Polish to the Dark Web]( As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy. [A Ransomware Explosion Fosters Thriving Dark Web Ecosystem]( For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience. [35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?]( In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys. [Rethinking Software in the Organizational Hierarchy]( Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps and network resources based on their roles and responsibilities? [Compliance Certifications: Worth the Effort?]( Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential. [Domino's Takes a Methodical Approach to IoT]( The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed. [A Digital Home Has Many Open Doors]( Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access. [The Myth of Protection Online — and What Comes Next]( It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions. [Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives]( A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better. [Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks]( Machine-learning algorithms alone may miss signs of a successful attack on your organization. MORE FROM BLACK HAT [Why Bug-Bounty Programs Are Failing Everyone]( In a Black Hat USA talk, Katie Moussouris will discuss why bug-bounty programs are failing in their goals, and what needs to happen next to use bounties in a way that improves security outcomes. [Large Language AI Models Have Real Security Benefits]( Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities, such as explaining malware and quickly classifying websites, researchers find. [How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes]( Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT. [MORE NEWS /]( [MORE COMMENTARY]( LATEST FROM THE EDGE [What Worries Security Teams About the Cloud?]( What issues are cybersecurity professionals concerned about in 2022? You tell us! LATEST FROM DR TECHNOLOGY [We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It]( Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation. HOT TOPICS [5 Ways Chess Can Inspire Strategic Cybersecurity Thinking]( Rising interest in chess may feed the next generation of cybersecurity experts. [MORE]( NEWS FROM BLACK HAT [Dark Reading News Desk: Live at Black Hat USA 2022]( TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022 [Looking Back at 25 Years of Black Hat]( The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy. [New HTTP Request Smuggling Attacks Target Web Browsers]( Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says. [Stolen Data Gives Attackers Advantage Against Text-Based 2FA]( With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place. [Russia-Ukraine Conflict Holds Cyberwar Lessons]( Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss. [Overcoming the Fail-to-Challenge Vulnerability With a Friendly Face]( Ahead of their Black Hat USA talk in August, Simon Pavitt and Stephen Dewsnip explain the value of helping people practice cyber defense via a "malicious floorwalker" exercise. [Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem]( A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE. [Abusing Kerberos for Local Privilege Escalation]( Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine. [Cyberattackers Increasingly Target Cloud IAM as a Weak Link]( At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers. [How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes]( Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT. [Stolen Data Gives Attackers Advantage Against Text-Based 2FA]( With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place. [Cyberattackers Increasingly Target Cloud IAM as a Weak Link]( At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers. WEBINARS - [Understanding Machine Learning, Artificial Intelligence, & Deep Learning, and When to Use Them]( Advancements in artificial intelligence technology and machine learning and deep learning algorithms promise to transform enterprise security by giving IT security teams tools to detect and respond to attacks faster than before. Before security teams can use these tools, they ... - [Ransomware Resilience and Response: The Next Generation]( When ransomware locks up your business's critical data and essential gear, there is no time to figure out what to do. There is only time to act - without panicking. That's why a good ransomware response playbook is essential: Do ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [Five Best Practices for AWS Security Monitoring]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [The Many Risks of Modern Application Development]( - [The Many Facets of Modern Application Development]( - [Endpoint Detection Net Suite Use Cases]( [View More White Papers >>]( FEATURED REPORTS - [State of the Cloud: A Security Perspective]( Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... - [Rethinking Endpoint Security in a Pandemic and Beyond]( IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ... - [How Enterprises Are Securing the Application Environment]( Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Mimecast Announces Mimecast X1™ Platform Providing Customers With Email and Collaboration Security]( [OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022]( [Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference]( [Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape]( [Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round]( [US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study]( [Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale]( [Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals]( [HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Black Hat USA 2022 Attendee Report]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)