9 New Microsoft Bugs to Patch Now

78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting. [TechWeb]( Follow Dark Reading: [RSS]( February 15, 2023 LATEST SECURITY NEWS & COMMENTARY [9 New Microsoft Bugs to Patch Now]( 78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting. [OT Network Security Myths Busted in a Pair of Hacks]( How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network. [Configuration Issues in SaltStack IT Tool Put Enterprises at Risk]( Researchers flag common misconfiguration errors and a template injection technique that could let an attacker take over the IT management network and connected systems. [Why SecDataOps Is the Future of Your Security Program]( The goal: Ensure that data is always finely curated and accessible, and that security decisions get made with high-fidelity data. [Lessons All Industries Can Learn From Automotive Security]( Industry standards must evolve as digital transformation makes all companies software companies. Security testing boosts development speed and software quality. [Oakland City Services Struggle to Recover From Ransomware Attack]( Fire emergency, 911 services functioning, along with Oakland financial systems, city says. [Hospitals Sued for Using Meta's Ad-Tracking Code, Violating HIPAA]( Lawsuits say hospitals using Meta Pixel code violated patient privacy — sharing conditions, medications, and more with Facebook. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [What Happened to #OpRussia?]( The cyberwar to attack Russia has never really stopped, despite a decreasing interest from the West. [Reddit Hack Shows Limits of MFA, Strengths of Security Training]( A tailored spear-phishing attack successfully convinced a Reddit employee to hand over their credentials and their one-time password, but soon after, the same worker notified security. [Healthcare in the Crosshairs of North Korean Cyber Operations]( CISA, FBI, and South Korean intelligence agencies warn that the North Korean government is sponsoring ransomware attacks to fund its cyber-espionage activities. [MORE]( EDITORS' CHOICE [Embattled VMware ESXi Hypervisor Flaw Exploitable in Myriad Ways]( It's not just Internet-accessible hosts that are vulnerable, researchers say. LATEST FROM THE EDGE [10 No-BS Tips for Building a Diverse and Dynamic Security Team]( Advice from women and nonbinary security leaders on creating well-rounded security teams, stronger CISO leadership, and a more resilient industry. LATEST FROM DR TECHNOLOGY [Expel Tackles Cloud Threats With MDR for Kubernetes]( The new managed detection and response platform simplifies cloud security for Kubernetes applications. WEBINARS - [Ten Emerging Vulnerabilities Every Enterprise Should Know]( Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ... - [The Ransomware Evolution: Protecting Against Professionalized Cybercriminal Operations]( Ransomware gangs are highly professional operations, with teams dedicated for customer service, help-desk, software development, distribution, and even marketing. There are marketplaces where attackers can easily pick up ransomware and attack infrastructure. Does your organization understand what kind of cybercriminal ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Vaultree Appoints Technology Industry Veteran Rinki Sethi to Its Board of Directors]( [Cyber-Physical Systems Vulnerability Disclosures Reach Peak, While Disclosures by Internal Teams Increase 80% Over 18 Months]( [Ping Identity and Deloitte Forge Alliance to Give Organizations Advanced Identity and Access Solutions]( [SynSaber Launches a Free OT PCAP Analyzer Tool for the Industrial Security Community]( [ThreatConnect Closes 2022 with Accelerated Growth in Threat Intelligence Operations (TI Ops)]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)