A newly patched flaw in Windows Defender allows attackers to hijack the signature-update process to sneak in malware, delete benign files, and inflict mayhem on target systems.
Follow Dark Reading:
 August 10, 2023
LATEST SECURITY NEWS & COMMENTARY
Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR
A newly patched flaw in Windows Defender allows attackers to hijack the signature-update process to sneak in malware, delete benign files, and inflict mayhem on target systems.
Black Hat Opens With Call to Steer AI From Predictions to Policy
Without cybersecurity guardrails now, AI will be harder to harness in the future.
'Downfall' Bug in Billions of Intel CPUs Reveals Major Design Flaw
A newly revealed flaw affects a good chunk of the world's computers. A patch has been released, but broad, structural change in CPU design will be required to address the root cause.
DAY 2! Dark Reading News Desk: Live at Black Hat USA 2023
Dark Reading News Desk returns for a second day of interviews from Black Hat USA 2023. The livestream will start at 10 a.m. PT.
Private Key Leaks Allow Attackers to Empty Crypto Investors' Wallets
Digital signature schemes designed to protect crypto investors are vulnerable to leakage.
It's Time for Cybersecurity to Talk About Climate Change
From e-waste to conference swag to addressing data center energy consumption, cybersecurity stakeholders need a whole-industry approach to being part of the solution and reducing the risk of climate change.
C-Suite Cybersecurity Sign-off Hinges on Customer Trust, Digital Opps
Omdia's Maxine Holt says cybersecurity practitioners need to emphasize their role in growing the business, not just preventing breaches.
OWASP Lead Flags Gaping Hole in Software Supply Chain Security
SBOMs aren't enough: Developers need to dig deeper into how software is built by using a process called binary source validation.
RedHotel Checks in as Dominant China-Backed Cyberspy Group
The APT has been rampaging across three continents on behalf of China's Ministry of State Security, and now claims the throne as kings of intelligence gathering and economic espionage.
New LLM Tool Seeks and Remediates Vulnerabilities
Vicarius launched vuln_GPT, which it says will generate and execute scripts to ameliorate flaws such as the TETRA backdoor.
Why Shellshock Remains a Cybersecurity Threat After 9 Years
Nearly a decade after it was disclosed, the Shellshock vulnerability still plagues organizations. Learn how to protect yourself.
Top 3 Insights I Learned at Recent Cybersecurity Events
Events like RSA Conference and Infosecurity Europe provide industry collaboration opportunities required to address the evolving cybersecurity threat landscape.
(Sponsored Article) How to Prepare for ChatGPT's Risk Management Challenges
ChatGPT promises to transform all sorts of corporate business functions, but your business needs to be prepared to address the new risks that come with it.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Microsoft Patches Zero-Day Bug Under Active Exploit in August Update
Attackers are already exploiting one of Microsoft's August Patch Tuesday fixes in the wild, which offers up a low attack complexity for cyberattackers.

10 Key Controls to Show Your Organization Is Worthy of Cyber Insurance
More-effective cyber-risk management controls can help bolster a company's policy worthiness. Start with these 10 tips to manage risk as underwriter requirements get more sophisticated.

The Problem With Cybersecurity (and AI Security) Regulation
Are we really improving security, or are we just imposing more regulation?

MORE
EDITORS' CHOICE
Citrix Zero-Day: 7K Instances Remain Exposed, 460 Compromised
Many organizations have failed to patch a critical zero-day vulnerability, allowing hackers to install Web shells on hundreds of endpoints.
LATEST FROM THE EDGE

How Hackers Can Hijack a Satellite
We rely on them for communications, military activity, and everyday tasks. How long before attackers really start to look up at the stars?
LATEST FROM DR TECHNOLOGY

Analyzing Network Chaos Leads to Better DDoS Detection
Suspicious changes in entropy allow researchers to more accurately spot distributed denial-of-service attacks, but false positives remain a problem.
LATEST FROM DR GLOBAL

Interpol Shuts Down African Cybercrime Group, Seizes $2 Million
Operation Jackal involved law enforcement agencies in 21 countries and yielded more than 100 arrests.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
  • Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

    The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

  • How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

    Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

  • The Promise and Reality of Cloud Security

    Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ...
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Symmetry Systems Closes $17.7M To Scale its AI-Powered Data Security Platform
Sweet Security Lands $12M in Seed Funding to Shift Cloud Security Right
LastPass Announces Availability of FIDO2 Authenticators for Passwordless Login
Checkmarx CISO Study Finds 96% of CISOs Say Their Business Prospects Consider Their Organizations' AppSec Maturity When Making Deal Decisions
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Secrets of Successful SecOps Data Analytics
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us