Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs

The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections. [TechWeb]( Follow Dark Reading: [RSS]( February 14, 2024 LATEST SECURITY NEWS & COMMENTARY [Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs]( The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections. [Ivanti Gets Poor Marks for Cyber Incident Response]( Cascading critical CVEs, cyberattacks, and delayed patching are plaguing Ivanti VPNs, and forcing cybersecurity teams to scramble for solutions. Researchers are unimpressed. [Glupteba Botnet Adds UEFI Bootkit to Cyberattack Toolbox]( A malware with every malicious feature in the book is adding new pages, with a fresh ability to invade the lowest levels of a Windows machine. [Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why?]( Hamas-linked threat actors have defied norms, with no discernible uptick in cyber operations prior to the group's attack in Israel — and a complete abandonment of them thereafter. [Ivanti VPN Flaw Exploited to Inject Novel Backdoor; Hundreds Pwned]( A SAML vulnerability in Ivanti appliances has led to persistent remote access and full control for opportunistic cyberattackers. [BofA Warns Customers of Data Leak in Third-Party Breach]( An attack on a technology partner claimed by LockBit ransomware exposed sensitive information, including Social Security numbers, of more than 57,000 banking customers. [FCC Requires Telecom & VoIP Providers to Report PII Breaches]( The Commission's breach rules for voice and wireless providers, untouched since 2017, have finally been updated for the modern age. [Aircraft Leasing Company Acknowledges Cyberattack in SEC Filing]( Black Basta ransomware claimed responsibility, but the company says its investigation is ongoing. [CISO and CIO Convergence: Ready or Not, Here It Comes]( Recent shifts underscore the importance of collaboration and alignment between these two IT leaders for successful digital transformation. [Islamic Nonprofit Infiltrated for 3 Years With Silent Backdoor]( Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered. [(Sponsored Article) Redefining Cyber Defense: Fighting Emerging Threats With AI]( To combat the ever-evolving threat landscape, defenders need artificial intelligence (AI)-native technology. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps]( Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come. [It's Time to Rethink Third-Party Risk Assessment]( Continuously evaluating and updating your third-party risk assessment can improve your security posture and ensure your company doesn't have the next headline-making incident. [How 'Big 4' Nations' Cyber Capabilities Threaten the West]( Russia, China, Iran, and North Korea pose significant cyber threats to Western nations. [33M French Citizens Impacted in Country's Largest-Ever Breach]( Viamedis and Almerys, two payment processors widely used by French health insurers, were victims of cyberattackers who struck five days apart. [MORE]( PRODUCTS & RELEASES [OPSWAT Invests $10M in Scholarship Learning Program to Help Close Cybersecurity Skills Gap]( [Akto Launches Proactive GenAI Security Testing Solution]( [OpenText Joins the Joint Cyber Defense Collaborative to Enhance US Government Cybersecurity]( [ISC2 Collaborates With IBM to Launch Entry-Level Cybersecurity Certificate]( [BlackBerry Provides Update on Progress in Separation of Divisions and Path to Profitability]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs]( Brand-new vulnerabilities from both vendors this week — one exploited in the wild — add to a steady stream of critical security issues in the security platforms. LATEST FROM THE EDGE [How Changes in State CIO Priorities for 2024 Apply to API Security]( The National Association of State Chief Information Officers' top 10 list sheds light on where state and local governments need to direct their cybersecurity efforts. Here's what it means for application security. LATEST FROM DR TECHNOLOGY [Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem]( With prompt injection, AI puts new spin on an old security problem LATEST FROM DR GLOBAL [Middle East & Africa CISOs Plan to Increase 2024 Budgets by 10%]( New data shows higher-than-expected cybersecurity growth in the Middle East, Turkey, and Africa region, thanks to AI and other factors. WEBINARS - [How Supply Chain Attacks Work -- And How to Stop Them]( - [Building a Modern Endpoint Strategy for 2024 and Beyond]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [A Solution Guide to Operational Technology Cybersecurity]( - [Stopping Active Adversaries: Lessons from the Cyber Frontline]( - [Endpoint Best Practices to Block Ransomware]( - [FortiSASE Customer Success Stories - The Benefits of Single Vendor SASE]( - [Mandiant Threat Intelligence at Penn State Health]( - [2023 Snyk AI-Generated Code Security Report]( - [Migrations Playbook for Saving Money with Snyk + AWS]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [How Enterprises Assess Their Cyber-Risk]( - [The State of Supply Chain Threats]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=121222&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_02.14.24&sp_cid=51955&utm_content=DR_NL_Dark%20Reading%20Daily_02.14.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#b2 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)