Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
Follow Dark Reading:
 October 30, 2024
LATEST SECURITY NEWS & COMMENTARY
Recurring Windows Flaw Could Expose User Credentials
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking
A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.
FBI, Partners Disrupt RedLine, Meta Stealer Operations
A collaboration with the FBI and law-enforcement agencies in Europe, the UK, and Australia, Operation Magnus has seized servers and source code related to the two malware families, which have stolen data from millions of victims worldwide.
French ISP Confirms Cyberattack, Data Breach Affecting 19M
In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum.
How to Find the Right CISO
Great CISOs are in short supply, so choose wisely. Here are five ways to make sure you've made the right pick.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.

Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.

Put End-of-Life Software to Rest
Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.

My Journey From the Air Force to Cybersecurity
Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world.

MORE
PRODUCTS & RELEASES
Grip Security Releases 2025 SaaS Security Risks Report
Jake Williams Joins Hunter Strategy As VP of RND & Managing Director of Hunter Labs
American Water Under Investigation for Cyberattack Potentially Affecting 14M Customers
MORE PRODUCTS & RELEASES
EDITORS' CHOICE
Windows 'Downdate' Attack Reverts Patched PCs to a Vulnerable State
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.
LATEST FROM THE EDGE

'Shift Left' Gets Pushback, Triggers Security Soul Searching
A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers.
LATEST FROM DR TECHNOLOGY

Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform
Sophos CEO Joe Levy says the $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform — with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities — at the core.
LATEST FROM DR GLOBAL

China's Elite Cyber Corps Hone Skills on Virtual Battlefields
The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations could learn.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2024  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us