Here's what you need to patch now, including six critical updates for Microsoft's final Patch Tuesday of the year.
| | | LATEST SECURITY NEWS & COMMENTARY | | Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update Here's what you need to patch now, including six critical updates for Microsoft's final Patch Tuesday of the year. Uber Breached, Again, After Attackers Compromise Third-Party Cloud Threat actors leak employee email addresses, corporate reports, and IT asset information on a hacker forum after an attack on an Uber technology partner. Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware Malicious Windows drivers signed as legit by Microsoft have been spotted as part of a toolkit used to kill off security processes in post-exploitation cyber activity. 3 Ways Attackers Bypass Cloud Security At Black Hat Europe, a security researcher details the main evasion techniques attackers are currently using in the cloud. Report: Air-Gapped Networks Vulnerable to DNS Attacks Common mistakes in network configuration can jeopardize the security of highly protected assets and allow attackers to steal critical data from the enterprise. Metaparasites & the Dark Web: Scammers Turn on Their Own Sophos research unveiled at Black Hat Europe details a thriving subeconomy of fraud on the cybercrime underground, aimed at Dark Web forum users. Rash of New Ransomware Variants Springs Up in the Wild Vohuk, ScareCrow, and AESRT add to the ransomware chaos that organizations have to contend with on a daily basis. Amid Outrage, Rackspace Sends Users Email Touting Its Incident Response More than 10 days after a ransomware attack, affected Rackspace customers are being told the incident had a "limited impact," and have been invited to a webinar for additional details. Where to Find the Best Open Source Security Technology A free resource, updated monthly, lists the most-popular, highly rated OSS projects. The Cybersecurity Industry Doesn't Have a Stress Problem — It Has a Leadership Problem Organizations need servant leaders to step forward and make their teams' professional effectiveness and happiness a priority. CSAF Is the Future of Vulnerability Management Version 2.0 of the Common Security Advisory Framework will enable organizations to automate vulnerability remediation. Phishing in the Cloud: We're Gonna Need a Bigger Boat SasS security is everyone's problem. When Companies Compensate the Hackers, We All Foot the Bill Ensuring stronger in-house defenses is integral to retaining customer loyalty. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
