The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited.
Follow Dark Reading:
 October 12, 2022
LATEST SECURITY NEWS & COMMENTARY
Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched
The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited.
Critical Open Source vm2 Sandbox Escape Bug Affects Millions
Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine.
AI and Residual Finger Heat Could Be a Password Cracker's Latest Tools
New research demonstrates the use of thermal camera images of keyboards and screens in concert with AI to correctly guess computer passwords faster and more accurately.
High-Value Targets: String of Aussie Telco Breaches Continues
Australian IT services provider Dialog has announced a breach, making it the third telecom company in the area compromised in less than a month.
OT Cybersecurity Leader Paul Brager Passes Away
The IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry.
It's Time to Make Security an Innovation Enabler
How data-driven security can best safeguard your unique cloud operations.
Proposed SEC Disclosure Rules Could Transform Cyber-Incident Response
It's not too early for firms to start preparing for change.
Intel Processor UEFI Source Code Leaked
Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet
Killnet calls on other groups to launch similar attacks against US civilian infrastructure, including marine terminals and logistics facilities, weather monitoring centers, and healthcare systems.

6 Things Every CISO Should Do the First 90 Days on the Job
A CISO's responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago.

Ransomware 3.0: The Next Frontier
Attackers are already circling back to reselling stolen data instead of — and in addition to — extortion.

MORE
EDITORS' CHOICE
Emotet Rises Again With More Sophistication, Evasion
An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware — complexity that helps it dodge analysis.
LATEST FROM THE EDGE

Name That Edge Toon: Mumbo Dumbo
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
LATEST FROM DR TECHNOLOGY

Dependency Management Aims to Make Security Easier
Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open-source components.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
CURRENT ISSUE
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.