Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Potentially other EDR products affected as well.
Follow Dark Reading:
 December 07, 2022
LATEST SECURITY NEWS & COMMENTARY
For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers
Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Potentially other EDR products affected as well.
Shift to Memory-Safe Languages Gains Momentum
Software firms and the National Security Agency urge developers to move to memory-safe programming languages to eliminate a major source of high-severity flaws.
Wiper, Disguised as Fake Ransomware, Targets Russian Orgs
The program, dubbed CryWiper, is aimed at Russian targets; it requests a ransom but has no way to decrypt any overwritten files.
Machine Learning Models: A Dangerous New Attack Vector
Threat actors can weaponize code within AI technology to gain initial network access, move laterally, deploy malware, steal data, or even poison an organization's supply chain.
Russian Actors Use Compromised Healthcare Networks Against Ukrainian Orgs
Victims include at least 15 healthcare organizations, one Fortune 500 company, and other organizations in multiple countries, security vendor says.
Google Chrome Flaw Added to CISA Patch List
CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.
Russia Readies Winter Cyberattacks As Troops Retreat From Ukraine
Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.
Applying the OODA Loop to Cybersecurity and Secure Access Service Edge
Organizations can best defend themselves on the cyber battlefield by adopting a military-style defense.
What Will It Take to Secure Critical Infrastructure?
There's no quick fix after decades of underinvestment, but the process has started. Cybersecurity grants, mandatory reporting protocols, and beefed-up authentication requirements are being put in place.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Malware Authors Inadvertently Take Down Own Botnet
A single improperly formatted command has effectively killed KmsdBot botnet, security vendor says.

SiriusXM, MyHyundai Car Apps Showcase Next-Gen Car Hacking
A trio of security bugs allow remote attackers to unlock or start the car, operate climate controls, pop the trunk, and more — all via poorly coded mobile apps.

The Privacy War Is Coming
Privacy standards are only going to increase. It's time for organizations to get ahead of the coming reckoning.

MORE
EDITORS' CHOICE
Infostealer Malware Market Booms, as MFA Fatigue Sets In
The successful combo of stolen credentials and social engineering to breach networks is increasing demand for infostealers on the Dark Web.
LATEST FROM THE EDGE

Name That Edge Toon: Not Your Average Bear
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

ASM Can Fill Gaps While Working to Implement SBOM
If compiling a software bill of materials seems daunting, attack surface management tools can provide many of the benefits.
WEBINARS
  • Security Considerations for Working with Cloud Services Providers

    With so many workloads in the could these days, enterprises are working with one or more of the major cloud services providers. How you can be ensured that these providers are handling data securely? What is the plan if there ...

  • Seeing Your Attack Surface Through the Eyes of an Adversary

    The best way to manage exposure, reduce risk, and improve your security posture is to understand your attack surface through the eyes of an attacker. Cortex Xpanse provides automated Attack Surface Management with an agentless implementation. Xpanse scans the entirety ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Cambridge Centre for Risk Studies and Kivu Release Benchmark of Cost-Effective Responses to Cybercrime
Intellicene Brand Launches After Completion of Acquisition by Volaris Group
AlgoSec Acquires Prevasio To Disrupt Agentless Cloud Security Market
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Developing and Testing an Effective Breach Response Plan
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us