Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
Follow Dark Reading:
 September 30, 2024
LATEST SECURITY NEWS & COMMENTARY
Novel Exploit Chain Enables Windows UAC Bypass
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
Shadow AI, Sensitive Data Exposure & More Plague Workplace Chatbot Use
Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know.
Millions of Kia Vehicles Open to Remote Hacks via License Plate
The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
Top Allies for Executives & Boards to Leverage During a Cyber Crisis
It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach.
Could Security Misconfigurations Become No. 1 in OWASP Top 10?
As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack.
(Sponsored Article) Defending Nations: 3 Strategic Shifts to Evolve Government Cyber Defense
To safeguard national security, governments must evolve in three areas to protect against a constantly evolving threat landscape.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
NIST Drops Password Complexity, Mandatory Reset Rules
The latest draft version of NIST's password guidelines simplifies password management best practices and eliminates those that did not promote stronger security.

Boredom Is the Silent Killer in Your IT Systems
An environment that values creativity, continuous learning, and calculated risk-taking can prevent boredom while building a resilient, adaptable team ready to tackle whatever challenges come their way.

Congress Advances Bill to Add AI to National Vulnerability Database
The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.

Critical Automated Tank Gauge Bugs Threaten Gas Infrastructure
The security vulnerabilities could lead to everything from gas spills to operations data disclosure, affecting gas stations, airports, military bases, and other hypersensitive locations.

How Russia, China & Iran Are Targeting US Elections
While these threats remain a valid concern, US government agencies have doubled down on their assurances to the American public that election infrastructure is secure.

MORE
PRODUCTS & RELEASES
Stellar Cyber Secures National 'Don't Click It' Day
Cybersecurity Success Hinges on Full Organizational Support, New CompTIA Report Asserts
OneTrust Automates DORA ICT Risk Management and Compliance
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Memory-Safe Code Adoption Has Made Android Safer
The number of memory bugs in Android declined sharply after Google began transitioning to Rust for new features in its mobile OS.
LATEST FROM THE EDGE

How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?
Companies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC's rules. Here is what you need to know about 8K and 10K filings.
LATEST FROM DR TECHNOLOGY

Security Concerns Plague Emerging Chip Architecture
The RISC-V chip architecture is gaining popularity worldwide, but the fact that it is easy to modify the processor design means it is also easy to introduce hard-to-patch vulnerabilities.
LATEST FROM DR GLOBAL

'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks
Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us