The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
Follow Dark Reading:
 August 10, 2022
LATEST SECURITY NEWS & COMMENTARY
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
Researchers Debut Fresh RCE Vector for Common Google API Tool
The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices.
Domino's Takes a Methodical Approach to IoT
The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed.
Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks
Machine-learning algorithms alone may miss signs of a successful attack on your organization.
Tell Dark Reading How You Are Doing
Can you take approximately 15 minutes to share how you're managing security challenges in your organization? After completing the survey, you can be included in a drawing for a $50 Amazon gift card.

MORE NEWS / MORE COMMENTARY
LATEST FROM THE EDGE
Don't Take the Cyber Safety Review Board's Log4j Report at Face Value
Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure.

LATEST FROM DR TECHNOLOGY
Halo Security Emerges From Stealth With Full Attack Surface Management Platform
The latest startup to enter the attack surface management space also has a free scanning service to audit the contents of any website.

HOT TOPICS
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.

Capital One Breach Conviction Exposes Scale of Cloud Entitlement Risk
To protect against similar attacks, organizations should focus on bringing cloud entitlements and configurations under control.

MORE
THIS WEEK AT BLACK HAT
Dark Reading News Desk: Live at Black Hat USA 2022
TODAY at 10 PT: Dark Reading News Desk returns to Black Hat USA 2022
Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.
Abusing Kerberos for Local Privilege Escalation
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.
Russia-Ukraine Conflict Holds Cyberwar Lessons
Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.
Stolen Data Gives Attackers Advantage Against Text-Based 2FA
With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.
Cyberattackers Increasingly Target Cloud IAM as a Weak Link
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
WEBINARS
  • Ransomware Resilience and Response: The Next Generation

    When ransomware locks up your business's critical data and essential gear, there is no time to figure out what to do. There is only time to act - without panicking. That's why a good ransomware response playbook is essential: Do ...

  • Assessing Cyber Risk

    Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals
US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study
Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale
Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale
HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Living on the Edge: Building and Maintaining Security at the Network Edge
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2022  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us