Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR

A newly patched flaw in Windows Defender allows attackers to hijack the signature-update process to sneak in malware, delete benign files, and inflict mayhem on target systems. [TechWeb]( Follow Dark Reading: [RSS]( August 10, 2023 LATEST SECURITY NEWS & COMMENTARY [Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR]( A newly patched flaw in Windows Defender allows attackers to hijack the signature-update process to sneak in malware, delete benign files, and inflict mayhem on target systems. [Black Hat Opens With Call to Steer AI From Predictions to Policy]( Without cybersecurity guardrails now, AI will be harder to harness in the future. ['Downfall' Bug in Billions of Intel CPUs Reveals Major Design Flaw]( A newly revealed flaw affects a good chunk of the world's computers. A patch has been released, but broad, structural change in CPU design will be required to address the root cause. [DAY 2! Dark Reading News Desk: Live at Black Hat USA 2023]( Dark Reading News Desk returns for a second day of interviews from Black Hat USA 2023. The livestream will start at 10 a.m. PT. [Private Key Leaks Allow Attackers to Empty Crypto Investors' Wallets]( Digital signature schemes designed to protect crypto investors are vulnerable to leakage. [It's Time for Cybersecurity to Talk About Climate Change]( From e-waste to conference swag to addressing data center energy consumption, cybersecurity stakeholders need a whole-industry approach to being part of the solution and reducing the risk of climate change. [C-Suite Cybersecurity Sign-off Hinges on Customer Trust, Digital Opps]( Omdia's Maxine Holt says cybersecurity practitioners need to emphasize their role in growing the business, not just preventing breaches. [OWASP Lead Flags Gaping Hole in Software Supply Chain Security]( SBOMs aren't enough: Developers need to dig deeper into how software is built by using a process called binary source validation. [RedHotel Checks in as Dominant China-Backed Cyberspy Group]( The APT has been rampaging across three continents on behalf of China's Ministry of State Security, and now claims the throne as kings of intelligence gathering and economic espionage. [New LLM Tool Seeks and Remediates Vulnerabilities]( Vicarius launched vuln_GPT, which it says will generate and execute scripts to ameliorate flaws such as the TETRA backdoor. [Why Shellshock Remains a Cybersecurity Threat After 9 Years]( Nearly a decade after it was disclosed, the Shellshock vulnerability still plagues organizations. Learn how to protect yourself. [Top 3 Insights I Learned at Recent Cybersecurity Events]( Events like RSA Conference and Infosecurity Europe provide industry collaboration opportunities required to address the evolving cybersecurity threat landscape. [(Sponsored Article) How to Prepare for ChatGPT's Risk Management Challenges]( ChatGPT promises to transform all sorts of corporate business functions, but your business needs to be prepared to address the new risks that come with it. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Patches Zero-Day Bug Under Active Exploit in August Update]( Attackers are already exploiting one of Microsoft's August Patch Tuesday fixes in the wild, which offers up a low attack complexity for cyberattackers. [10 Key Controls to Show Your Organization Is Worthy of Cyber Insurance]( More-effective cyber-risk management controls can help bolster a company's policy worthiness. Start with these 10 tips to manage risk as underwriter requirements get more sophisticated. [The Problem With Cybersecurity (and AI Security) Regulation]( Are we really improving security, or are we just imposing more regulation? [MORE]( EDITORS' CHOICE [Citrix Zero-Day: 7K Instances Remain Exposed, 460 Compromised]( Many organizations have failed to patch a critical zero-day vulnerability, allowing hackers to install Web shells on hundreds of endpoints. LATEST FROM THE EDGE [How Hackers Can Hijack a Satellite]( We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars? LATEST FROM DR TECHNOLOGY [Analyzing Network Chaos Leads to Better DDoS Detection]( Suspicious changes in entropy allow researchers to more accurately spot distributed denial-of-service attacks, but false positives remain a problem. LATEST FROM DR GLOBAL [Interpol Shuts Down African Cybercrime Group, Seizes $2 Million]( Operation Jackal involved law enforcement agencies in 21 countries and yielded more than 100 arrests. WEBINARS - [Protecting the Database: How to Secure Your Enterprise Data]( For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ... - [The Dark Side of AI: Unmasking its Threats and Navigating the Shadows of Cybersecurity in the Digital Age]( Artificial Intelligence has come roaring to the forefront of today's technology landscape. It has revolutionized industries and will modernize careers, bringing numerous benefits and advancements to our daily lives. However, it is crucial to recognize that AI also introduces unseen ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Symmetry Systems Closes $17.7M To Scale its AI-Powered Data Security Platform]( [Sweet Security Lands $12M in Seed Funding to Shift Cloud Security Right]( [LastPass Announces Availability of FIDO2 Authenticators for Passwordless Login]( [Checkmarx CISO Study Finds 96% of CISOs Say Their Business Prospects Consider Their Organizations' AppSec Maturity When Making Deal Decisions]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Secrets of Successful SecOps Data Analytics]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117666&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.10.23&sp_cid=49449&utm_content=DR_NL_Dark%20Reading%20Daily_08.10.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#d6 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)