Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days

Attackers were escalating privileges left and right in 2023, thanks to one performance-oriented, security-lacking driver. [TechWeb]( Follow Dark Reading: [RSS]( December 26, 2023 LATEST SECURITY NEWS & COMMENTARY [Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days]( Attackers were escalating privileges left and right in 2023, thanks to one performance-oriented, security-lacking driver. [Google Releases Eighth Zero-Day Patch of 2023 for Chrome]( CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser's WebRTC component. [Iran's 'Peach Sandstorm' Cyberattackers Target Global Defense Network]( The FalseFont backdoor allows operators to remotely access an infected system and launch additional files. [5 Tips for Strengthening the Developer-Security Team Relationship]( Adopt these best practices to move past a reactive approach to software development and build a productive work environment. Collaboration can turn security into a shared goal, not a bottleneck. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS ['BattleRoyal' Hackers Deliver DarkGate RAT Using Every Trick]( The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications. [Chameleon Android Trojan Offers Biometric Bypass]( A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users. [8 Strategies for Defending Against Help Desk Attacks]( The help desk is under siege from AI-based and other attacks. Next-gen tactics call for in-depth cyber-defense strategies. [How AI Is Shaping the Future of Cybercrime]( Cybercriminals are increasingly using AI tools to launch successful attacks, but defenders are battling back. [MORE]( PRODUCTS & RELEASES [Ransomware Attacks in November Rise 67% From 2022]( [Console & Associates, P.C.: ESO Solutions Notifies 2.7M People of Data Breach That Leaked Their SSNs]( [New DMARC Data Shows 75% Increase in Suspicious Emails Hitting Inboxes]( [Black Hat Europe 2023 Closes on Record-Breaking Event in London]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Russian Water Utility Hacked in Retaliation for Kyivstar Hit]( Moscow's Rosvodokanal water-management company was ransacked by Ukraine-aligned Blackjack group, with reports that the company's IT infrastructure was "destroyed." LATEST FROM THE EDGE [Security Pros Grapple With Ways to Manage GenAI Risk]( Security professionals in Dark Reading's latest survey are well aware of the risks posed by generative AI in their organizations, but questions remain on what strategies to employ. LATEST FROM DR TECHNOLOGY [GenAI Tools Will Permeate All Areas of the Enterprise]( Many departments and groups see the benefits of using generative AI tools, which will complicate the security teams' job of protecting the enterprise from data leaks and compliance and privacy violations. LATEST FROM DR GLOBAL [Strengthening Resilience: Navigating the Cybersecurity Landscape]( The significance of cybersecurity resilience has never been higher as we grow more reliant on digital infrastructure. WEBINARS - [Tips for Managing Cloud Security in a Hybrid Environment]( - [2024 API Security Trends & Predictions]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [SANS ICS/OT Cybersecurity Survey: 2023's Challenges and Tomorrow's Defenses]( - [Threat Terrain of the Modern Factory: Survey of Programmable Assets and Robot Software]( - [IT Zero Trust vs. OT Zero Trust: It's all about Availability]( - [The OT Zero Trust Handbook: Implementing the 4 Cornerstones of OT Security]( - [Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS]( - [2023 Software Supply Chain Attack Report]( - [The Need for a Software Bill of Materials]( [View More White Papers >>]( FEATURED REPORTS - [The State of Supply Chain Threats]( - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=120090&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_12.26.23&sp_cid=51130&utm_content=DR_NL_Dark%20Reading%20Daily_12.26.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#1c If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)