Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation

Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet. [TechWeb]( Follow Dark Reading: [RSS]( November 15, 2023 LATEST SECURITY NEWS & COMMENTARY [Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation]( Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet. [21 Vulnerabilities Discovered in Crucial IT-OT Connective Routers]( In this Black Hat Europe preview, devices bridging critical machinery with the wider Internet are exposed and subject to numerous supply chain-induced bugs. [Danish Energy Attacks Portend Targeting More Critical Infrastructure]( Targeted attacks against two dozen related companies is just the latest evidence that hackers want a piece of energy. [Zero-Days in Edge Devices Become China's Cyber Warfare Tactic of Choice]( While China is already among the world's most formidable threat actors, a focus on exploiting public-facing appliances makes its state-sponsored APTs more dangerous than ever. [Royal Ransom Demands Exceed $275M, Rebrand in Offing]( The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago. [Steps CISOs Should Take Before, During & After a Cyberattack]( By creating a plan of action, organizations can better respond to attacks. [Google Goes After Scammers Abusing Its Bard AI Chatbot]( A pair of lawsuits are part of a wider strategy to establish guardrails preventing AI-powered scams, frauds, and harassment, Google's general counsel says. [(Sponsored Article) Security Is a Process, Not a Tool]( Process failures are the root cause of most serious cybersecurity incidents. We need to treat security as a process issue, not try to solve it with a collection of tools. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['Hunters International' Cyberattackers Take Over Hive Ransomware]( Hunters International appears to have acquired Hive ransomware from its original operators and may be seeking to cash in on the malware's reputation. [Ransomware Mastermind Uncovered After Oversharing on Dark Web]( Meet "farnetwork," one of the most prolific RaaS operators around, who spilled too many details during an affiliate "job interview." [Meet Your New Cybersecurity Auditor: Your Insurer]( As cyber insurance gets more expensive and competitive, security decision-makers have actionable opportunities to strengthen their cyber defenses. [Identity Alone Won't Save Us: The TSA Paradigm and MGM's Hack]( To combat sophisticated threats, we need to improve how we approach authorization and access controls. [MORE]( EDITORS' CHOICE [SEC Suit Ushers in New Era of Cyber Enforcement]( A federal push to enforce cybersecurity requirements is holding public companies and government contractors accountable as a matter of law and for national security. LATEST FROM THE EDGE [Make Changes to Be Ready for the New SEC Cybersecurity Disclosure Rule]( Mandiant/Google Cloud's Jill C. Tyson and Dark Reading's Terry Sweeney on how companies can better plan and prepare for the Securities and Exchange Commission's new cybersecurity disclosure rule. LATEST FROM DR TECHNOLOGY [HARmor Cleans, Sanitizes, Encrypts HAR Files]( Okta's breach highlights the importance of sanitizing the data logged in HAR files before sharing them. LATEST FROM DR GLOBAL [Molerats Group Wields Custom Cybertool to Steal Secrets in the Middle East]( The so-called TA402 group continues to focus on cyber espionage against government agencies with the "IronWInd" malware. WEBINARS - [How to Combat the Latest Cloud Security Threats]( More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications ... - [Tricks to Boost Your Threat Hunting Game]( Proactive "threat hunting" is becoming a more common practice for organizations who know it is no longer enough to detect threats and defend against them. How do these enterprises build threat hunting programs? How do they staff them, and what ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Threat Intelligence: Data, People and Processes]( - [Global Perspectives on Threat Intelligence]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [Mandiant Threat Intelligence at Penn State Health]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [The State of Supply Chain Threats]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [DirectDefense Launches ThreatAdvisor 3.0 to Streamline Security Operations With SOAR Technology]( [LastPass Launches Enhanced User Interface for Mobile Vault]( [Beyond Identity Releases New Assessment to Guide Companies Toward Zero Trust]( [Stream Security Expands into CloudSecOps Market With Launch of Real-Time Cloud Security Solution]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Key DevSecOps Principles for Enterprise Mobile App Development]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119324&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_11.15.23&sp_cid=50510&utm_content=DR_NL_Dark%20Reading%20Daily_11.15.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#dc If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)