Avoid That Billion-Dollar Fine: Blurring the Lines Between Security and Privacy

While doing good for the user is the theoretical ideal, the threat of fiscal repercussions should drive organizations to take privacy seriously. That means security and data privacy teams must work more closely.

In the wake of companies such as British Airways, Marriott, and Facebook facing record privacy violation fines, organizations are seeing the ramifications of not having their privacy compliance under control. Clearly, the lines between data security and data privacy are blurring, and companies are beginning to establish their lines of defense for data security — and are still figuring out data governance and management.

The responsibility for helping companies comply with privacy regulations lies in a gray area between security teams and data teams. To avoid the billion-dollar fines that are becoming more common, privacy and security teams must collaborate to achieve compliance.

Formidable Fines
Last year, tech behemoths including Facebook, Google, Apple, and YouTube all came under investigation for violations of the European Union’s General Data Protection Regulation, and some have been fined as a result. Facebook was hit the hardest, garnering the largest fine ever required of a tech company, $5 billion. In the EU to date, we’ve seen fines racking up to €372 million. The introduction of the California Consumer Privacy Act will only raise the bar for these fines globally.

As a result, companies have established accountability with a data protection officer (DPO) and involved every employee in the privacy conversation. We can expect these practices to become more common, and security teams, as well as data management and governance teams, will be more involved in privacy-related matters. Additionally, while the tech giants have made the most spectacular headlines, we have also seen those fines and infringement repercussions trickling down to smaller companies across the globe, broadening the need for implementation of privacy best practices. 

Recent smaller fines include a $21,000 fine for a Swedish school after it conducted a trial in which the attendance of 22 pupils was tallied using facial recognition.

Similarly, a €500 million online food delivery company in Germany failed to comply with data subject access rights after not deleting accounts of former customers in 10 cases — even if they’d been inactive in the company’s service platform for years. To make matters worse, eight former customers also complained about unsolicited advertising emails from the company. Specifically, a data subject who had objected to the use of his data for advertising purposes still received 15 additional advertising emails from the delivery service. In other cases, the company did not provide the data subjects with the required information or they did so only after the Berlin data protection officer intervened. This resulted in a nearly €200,000 fine, which is significant compared with the company’s global revenue.

These cases illustrate that data privacy has become a very broad topic, spanning beyond the traditional data security vulnerabilities that we first think about. Every company must be prepared, no matter its size and business activities. In addition to the fines, repercussions for companies that fail to comply include:

  • Exposure to reputational and revenue risks, because data privacy violations damage customer satisfaction and relationships: For example, the Information Commissioner’s Office, the UK’s independent authority on data privacy, said that 46% of the complaints it collects relate to failures to honor the rights of data access, rectification, and deletion.
  • Rising operational costs: For example, it has been shown that handling subject rights requests, which give individuals the right to obtain a copy of their personal data, with a manual process is not only error prone but can be very costly, at an average of $1.40 per request, according to a recent Gartner survey.

Collaboration for Compliance
Privacy teams must establish the framework for data privacy, which includes, but is not limited to, data security and protection against data breaches. Typically, privacy teams are responsible for knowing where user data is and how it flows, proactively safeguarding it and making sure it is used for a purpose. One important role of the privacy team is to establish privacy by design, which means that each project within the company that needs personal data must understand and be accountable for the impact it has on privacy. This requires strong collaboration between the privacy, security, IT, and data teams to protect, monitor, and take action once a breach has occurred — whether it involves sensitive user, company, or customer information.

While the privacy and security teams are generally not intertwined, they certainly have overlap that needs to be addressed. To give companies the best chance of avoiding fiscal repercussions, data privacy teams must take stock of how data use can be interpreted as a personal privacy infringement and share their practices with security teams, which can take measures to protect the data where it lives before it is threatened.

Having a DPO who acts as an orchestrator, engaging both the privacy and security teams and educating employees, is a best practice for ensuring compliance. Once a niche role, the DPO got a huge boost with GDPR, which made it mandatory, and today there are an estimated half-million DPOs registered in Europe alone! While the chief security officer (CSO) role is not a result of privacy regulations, it has become more widespread across the enterprise and was elevated to an executive level in the digital era.

Privacy is a different discipline from security though, and there needs to be accountability and practices that are deployed widely so everyone in a company understands and implements them. The CSO acts as a bridge between security and privacy to ensure this happens, especially in the US, where regulations do not mandate a DPO.

Not only is data privacy important for the good of the individual, but it must also be a top priority for companies, which risk losing billions of dollars. While doing good for the user is the theoretical ideal, the threat of fiscal repercussions should drive organizations to take privacy seriously — and this is best practiced through collaboration between security and privacy teams. Everyone from security and privacy teams to sales and marketing teams must be in compliance and understand their responsibilities. Educate every individual at the company and collaborate together on training and trust exercises. 

Jean-Michel Franco has dedicated his career to developing and broadening the adoption of innovative technologies and is currently the Senior Director of Product Marketing at Talend. He is an expert of GDPR, CCPA, and data privacy, working on the front lines with Talend’s …

Article source: https://www.darkreading.com/risk/avoid-that-billion-dollar-fine-blurring-the-lines-between-security-and-privacy/a/d-id/1336818?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

FireEye Buys Cloudvisory

The purchase is intended to bring new cloud capabilities to the FireEye Helix security platform.

FireEye has announced the purchase of Cloudvisory, a company specializing in visibility, compliance, and policy governance for multicloud environments. Financial terms of the purchase were not disclosed.

According to the announcement, the acquisition is intended to add cloud security capabilities to the FireEye Helix platform, allowing more customers to have a single solution for cloud and container security. Founded in 2013, Cloudvisory operates across AWS, Azure, Google Cloud, Kubernetes, OpenStack, and VMware, as well as virtualized and bare metal environments.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.

Article source: https://www.darkreading.com/cloud/fireeye-buys-cloudvisory/d/d-id/1336850?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

New Ransomware Tactic Shows How Windows EFS Can Aid Attackers

Researchers have discovered how ransomware can take advantage of the Windows Encrypting File System, prompting security vendors to release patches.

Security researchers today published the details of how a ransomware attack could abuse the Windows Encrypting File System (EFS). Several major security vendors have released patches to protect machines from this attack after anti-malware tools failed to defend against the technique.

The discovery comes from SafeBreach Labs, where researchers were brainstorming new, more sophisticated ways to implement ransomware. “It’s important we understand what can be done so we can develop better controls around it,” says co-founder and CTO Itzik Kotler. One of their goals was to find attack vectors that today’s defenses lack capabilities to defend against.

Starting in Windows 2000, Microsoft began to offer EFS to business customers using the Windows Pro, Professional, Business, Ultimate, Enterprise, and Education editions. EFS enables encryption of specific folders and files keyed to the Windows user. Encryption and decryption are done in the NTFS driver, under the file system filter drivers. Part of the encryption key is stored in a file the user can access; part is computed from the account password. EFS should not be confused with BitLocker, which is a full-disk encryption feature.

Researchers created their concept ransomware in a lab environment to test whether antivirus software could defend against it. Because this malware uses EFS functionality, as opposed to the typical ransomware tactic of overwriting the file, it uses a different set of system calls.

“We thought there was good potential there for completely evading security controls,” says Amit Klein, vice president of security research. “Indeed, that turned out to be the case.”

The malware they developed first generates a key to be used by EFS, as well as a certificate for that key, which is added to the personal certificate store. It then sets the current EFS key to the certificate the malware created; now, this key can be invoked on specific files and folders to encrypt them. The ransomware saves the key files to memory and deletes them from two folders:

  • %APPDATA%\Microsoft\Crypto\RSA\sid (where sid is the user SID)
  • %ProgramData%\Microsoft\Crypto\RSA\MachineKeys

From there, the ransomware erases the EFS data from memory, rendering the encrypted files inaccessible to the victim. Ideally, the researchers explain, it also wipes slack parts of the disk to ensure data from the EFS key files and temporary files used by EncryptFile can’t be retrieved. The malware can now encrypt data it stole from the two previously mentioned files using a public key hardwired into the ransomware and send encrypted data to the attacker. Files are encrypted at a deep level of the kernel and won’t be noticed by file-system filter drivers. The attack doesn’t require admin rights or human interaction, Klein writes in a blog post.

Every ransomware should have a way to restore the files, Klein explains, and this one is no different. An attacker would need to decrypt the key files using their private key to restore them to their original state. When this happens, Windows will be able to read the user files.

Researchers tested the EFS ransomware on Windows 10 64-bit versions 1803, 1809, and 1903. It should also work on 32-bit versions of Windows and on earlier versions of Windows — likely Windows 8.x, Windows 7, and Windows Vista.

Inside the Patching Process
The team tested its malware with three anti-ransomware tools from well-known vendors: ESET (Internet Security 12.1.34.0), Kaspersky (Anti Ransomware Tool for Business 4.0.0.861a), and Microsoft (Windows 10 Controlled Folder Access on Windows 10 64-bit version 1809, build 17763). All three failed to defend against this type of ransomware attack.

SafeBreach then notified 17 major anti-malware and anti-ransomware vendors for Windows endpoints, provided its proof of concept, and found many products were affected.

“The whole business of disclosing this threat to major solution vendors is about reducing the threat of this being used in the wild at some later point,” Klein says. SafeBreach disclosed the attack to companies in June and July 2019, he notes. More than six months passed between the time of disclosure to the last vendor and SafeBreach’s public disclosure today.

“Some vendors took a very short while to figure out what the problem is and how they want to address it,” he notes. “Other vendors took quite a bit of time to start working on addressing the issue.” Most affected vendors deployed updates to defend against this attack technique.

One possible workaround for this attack is to disable EFS entirely, which is possible with admin rights. Klein advises taking this route if your organization does not actively use the feature.
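The following PowerShell is an added example, not code from the article or from SafeBreach. It gathers the signals a defender would want around the technique described above (EFS-encrypted files and the certificates that can decrypt them, EFS certificates in the user's Personal store, and the state of the two key containers the article names) and applies the workaround of disabling EFS. The registry value and the fsutil switch are taken from Microsoft's EFS documentation, not from this article, and Windows 10 with PowerShell 5.1 is assumed.

```powershell
# Added example (not from the article or from SafeBreach): defender-side checks for
# the EFS abuse described above, plus the workaround the article mentions.
# Assumptions: Windows 10, PowerShell 5.1; the registry value and fsutil switch
# come from Microsoft's EFS documentation, not from this article.

# 1. Inventory EFS-encrypted files under a path. EFS sets the Encrypted file
#    attribute, so a sudden burst of encrypted files in a folder tree that never
#    used EFS is a signal even when no filter driver saw the writes.
#    cipher /c lists the certificate thumbprints able to decrypt each file; a
#    thumbprint outside the organisation's user/recovery certificates is suspect.
function Get-EfsEncryptedFile {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Root)

    Get-ChildItem -LiteralPath $Root -File -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { ($_.Attributes -band [IO.FileAttributes]::Encrypted) -ne 0 } |
        ForEach-Object {
            [pscustomobject]@{
                Path          = $_.FullName
                LastWriteTime = $_.LastWriteTime
                CipherInfo    = ((& cipher.exe /c $_.FullName 2>$null) -join ' ').Trim()
            }
        }
}

# 2. EFS certificates in the user's Personal store. The technique above adds a
#    self-made certificate there; compare the list against the certificates you issued.
#    OID 1.3.6.1.4.1.311.10.3.4 is the Encrypting File System enhanced key usage.
function Get-EfsCertificate {
    Get-ChildItem -Path Cert:\CurrentUser\My |
        Where-Object { $_.EnhancedKeyUsageList.ObjectId -contains '1.3.6.1.4.1.311.10.3.4' } |
        Select-Object Subject, Thumbprint, NotBefore, NotAfter, HasPrivateKey
}

# 3. Key-container check. The article lists the two folders the ransomware empties
#    after encrypting; encrypted files with no key material left behind means the
#    user can no longer decrypt them locally.
function Test-EfsKeyContainer {
    $sid         = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $userKeys    = Join-Path $env:APPDATA "Microsoft\Crypto\RSA\$sid"
    $machineKeys = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'
    $count = { param($p) @(Get-ChildItem -LiteralPath $p -File -Force -ErrorAction SilentlyContinue).Count }
    [pscustomobject]@{
        UserKeyContainer    = $userKeys
        UserKeyFiles        = & $count $userKeys
        MachineKeyContainer = $machineKeys
        MachineKeyFiles     = & $count $machineKeys
    }
}

# 4. The workaround: disable EFS where it is not used. fsutil's disableencryption
#    setting writes NtfsDisableEncryption=1 under
#    HKLM\SYSTEM\CurrentControlSet\Control\FileSystem; it needs admin rights and a
#    reboot, and Group Policy is the better vehicle for a fleet.
function Test-EfsDisabled {
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem'
    $val = (Get-ItemProperty -Path $key -Name NtfsDisableEncryption -ErrorAction SilentlyContinue).NtfsDisableEncryption
    return ($val -eq 1)
}

function Disable-Efs {
    $principal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Disable-Efs needs an elevated session.'
    }
    & fsutil.exe behavior set disableencryption 1 | Out-Null
    Write-Warning 'EFS disabled in the registry; the change takes effect after a reboot.'
    Test-EfsDisabled
}

# Usage: run the read-only checks first; call Disable-Efs only on hosts that the
# privacy/IT owners confirm do not rely on EFS.
Get-EfsEncryptedFile -Root "$env:USERPROFILE\Documents" | Format-Table -AutoSize
Get-EfsCertificate   | Format-Table -AutoSize
Test-EfsKeyContainer | Format-List
"EFS currently disabled: $(Test-EfsDisabled)"
```

The read-only functions are safe to run as a normal user; only Disable-Efs changes system state.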

As ransomware evolves, security vendors must also adapt to defend against new and changing threats. Signature-based tools “are not up to this job,” Klein writes in his post, and while heuristics-based solutions hold promise, additional research is required to train them to protect against future threats.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance Technology, where she covered financial …

Article source: https://www.darkreading.com/risk/new-ransomware-tactic-shows-how-windows-efs-can-aid-attackers/d/d-id/1336849?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Microsoft, DHS Warn of Zero-Day Attack Targeting IE Users

Software firm is “aware of limited targeted attacks” exploiting a previously undisclosed scripting engine vulnerability in Internet Explorer 9, 10, and 11.

Attackers are targeting a previously unknown vulnerability in Internet Explorer to corrupt memory and compromise victims’ Windows systems, Microsoft warned in an advisory published on January 17.

The flaw, described as a scripting engine memory corruption vulnerability and designated CVE-2020-0674, allows an attacker to take control of a Windows system by forcing it to use an older version of Microsoft’s JavaScript engine that is only present for backward compatibility. By default, Internet Explorer does not use the vulnerable dynamic library, Microsoft stated.

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” Microsoft stated in Advisory 200001. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.”

While the attack is serious, its impact is limited because Internet Explorer is now used by relatively few users, mostly those who want backward compatibility with older Microsoft technologies. Currently, only 2.3% of visitors use Internet Explorer 11, one of the vulnerable versions, according to W3Counter.

The vulnerable library, jscript.dll, is typically not used, so an attacker needs to control a website or create a web page that is opened in a vulnerable browser.

“By convincing a user to view a specially crafted HTML document — [that is,] a web page [or] an email attachment — PDF file, Microsoft Office document, or any other document that supports embedded Internet Explorer scripting engine content, an attacker may be able to execute arbitrary code,” Carnegie Mellon University’s CERT Coordination Center stated in an advisory.

Companies that rely on Internet Explorer — a much smaller portion than a decade ago — should apply Microsoft’s recommended workaround as soon as possible, says Casey Ellis, founder and chief technology officer of Bugcrowd.
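As an added example that is not part of the article, the PowerShell below is a read-only compliance check for the interim workaround. The article does not reproduce the workaround; as I recall it from Microsoft's advisory, it denied the Everyone group access to jscript.dll in both System32 and SysWOW64, so the check reports whether such a Deny entry is present on each copy. Windows 10 with both 64-bit and 32-bit copies of the library is assumed.

```powershell
# Added example (not from the article or from Microsoft): report whether the
# jscript.dll access restriction is in place on this host. The restriction itself
# (deny Everyone access to both copies of jscript.dll) is my recollection of the
# advisory's workaround; adjust if your organisation applied a different control.
function Test-JscriptRestricted {
    [CmdletBinding()]
    param()

    $everyoneSid = 'S-1-1-0'   # well-known SID of the Everyone group
    $paths = @(
        (Join-Path $env:windir 'System32\jscript.dll'),   # 64-bit copy on x64 Windows
        (Join-Path $env:windir 'SysWOW64\jscript.dll')    # 32-bit copy on x64 Windows
    )

    foreach ($dll in $paths) {
        if (-not (Test-Path -LiteralPath $dll)) {
            # Absent on 32-bit Windows for SysWOW64; report and move on.
            [pscustomobject]@{ Path = $dll; Present = $false; EveryoneDenied = $null; DeniedRights = $null }
            continue
        }

        $acl = Get-Acl -LiteralPath $dll
        # Translate each ACE identity to a SID so the check is locale-independent
        # ("Everyone" is localised on non-English systems).
        $denyAces = $acl.Access | Where-Object {
            $_.AccessControlType -eq 'Deny' -and
            $_.IdentityReference.Translate([Security.Principal.SecurityIdentifier]).Value -eq $everyoneSid
        }

        [pscustomobject]@{
            Path           = $dll
            Present        = $true
            EveryoneDenied = [bool]$denyAces
            DeniedRights   = ($denyAces | ForEach-Object { $_.FileSystemRights.ToString() }) -join ', '
        }
    }
}

# Usage: a host is compliant with the interim workaround only if every present copy
# reports EveryoneDenied = True. Remember to revert the ACL once the security
# update is installed, since the update replaces the library.
Test-JscriptRestricted | Format-Table -AutoSize
```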

“In the absence of a patch, having a workaround is crucial, and it’s great that Microsoft provided alternatives to mitigate the risk to users,” he says. “Since Google’s Threat Analysis Group reported the vulnerability, it’s unlikely that Chrome is affected by a similar bug and is safe to use.”

The advice to use another browser is a more viable protection, mostly since other browsers are now much more popular than Microsoft Edge. Currently, only about 8% of web visitors use either Internet Explorer or, more likely, Microsoft Edge, according to W3Counter.

This is not the first time that Microsoft has had to scramble to contain attacks targeting its older scripting engines. If it seems like déjà vu, it’s because Microsoft patched a similar flaw in November. The issue, CVE-2019-1429, allowed attackers to corrupt the scripting engine’s memory using a specially crafted website or an ActiveX control.

A year before that, another vulnerability, CVE-2018-8653, affected the scripting engine of Internet Explorer, allowing attackers to execute Visual Basic scripts or Microsoft’s version of JavaScript.

Although Microsoft adopted a bug bounty to head off flaws, nation-state and criminal hackers continue to find ways to compromise systems, raising the question: If Microsoft’s bug bounty did not convince the attacker to sell the vulnerability information to the software maker, are bug bounties effective?

Bugcrowd’s Ellis defends the bounties because they raise the price of exploits and give ethical researchers another reason to disclose issues.

“This does not undermine bug bounties or crowdsourced security,” he says. “The reality is that since the exploit has been used in limited targeted attacks, it is likely an offensive buyer paid more for it than Microsoft was offering or it was developed in-house for offensive use.”

Ellis notes that Microsoft credited two organizations for finding the latest issue.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT’s Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline …

Article source: https://www.darkreading.com/vulnerabilities---threats/microsoft-dhs-warn-of-zero-day-attack-targeting-ie-users/d/d-id/1336851?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

China and US top user data requests in Apple transparency report

Governments in the US and China are at the front of the line when it comes to knocking on Apple’s door to request user data relating to fraud/phishing, according to the company’s latest transparency report.

Like any tech company that handles user data, Apple gets different types of requests: those that are made when an account holder is in imminent danger, those from law enforcement agencies (LEA) trying to help people find their lost or stolen devices, those asking for Apple’s help when thieves rip off credit card data so they can buy Apple products or services on somebody else’s dime, and in situations where investigators think an account’s been used to do something illegal.

That last category has proved particularly controversial: the FBI has come knocking on Apple’s door in notable, headline-grabbing cases, including when the FBI was looking to unlock the iPhone of the San Bernardino terrorist and, more recently, when it was looking for help in breaking encryption on the iPhones of the killer in the recent Pensacola mass shooting.

In these instances, Apple famously said no to weakening encryption. Those requests didn’t involve subpoenas, though. The San Bernardino iPhone unlocking request involved a weird court order issued under the dusty All Writs Act of 1789, while the Pensacola unlocking request came in the form of a plain old letter sent from the FBI’s lawyer to Apple’s lawyer.

As far as worldwide government account requests go for the first half of 2019, Apple says that it got a high number from China’s mainland – a total of 15,666 requests – mostly due to financial fraud and phishing investigations. When it comes to phishing attacks, a single request can cover several devices. Apple counts and reports the number of accounts identified in each request, received from each country/region.

The US also had a high number of accounts specified in requests, mostly due to fraud and suspected unauthorized account access and phishing investigations. The government came looking for data pertaining to 15,301 accounts. Brazil also looked for data on a high number of accounts – 2,745 – but the country didn’t indicate what type of investigation its orders involved.

As far as device-based requests go – those relating to customers trying to get their devices back after they are lost or stolen, as well as multi-device requests related to fraud investigations – Australia’s off the charts. Worldwide, Apple got 31,778 such requests. Australia’s requests alone covered a whopping 121,011 devices – a huge chunk of the total 195,577 devices worldwide.

App Store takedown requests shrank quite a bit in this time period: China’s dropped by more than half. Apple noted that, starting with its transparency report for the second half of 2020 – the period between 1 July and 31 December 2020 – it will also include appeals pursuant to government requests to remove apps from its App Store when they allegedly violate legal and/or policy provisions.

How to fend off phishers

So many investigations into fraud, phishing and potential illegal account access! Phishing, of course, is how thieves get at your payment card details, your App Store login and all manner of other sensitive data in order to gain that unauthorized access. If you want to learn how to stop it, please do have a listen to the podcast linked below:


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/AMKPqWhR4n0/

Citrix ships patches as vulnerable servers come under attack

Citrix has issued its first set of patches fixing a nasty vulnerability that’s been hanging over some of its biggest products.

The flaw, identified as CVE-2019-19781 on 17 December 2019, affected Citrix’s Application Delivery Controller (ADC) load and application balancer, and the Citrix Gateway Virtual Private Network (VPN) appliance (previously known as the NetScaler ADC or NetScaler Gateway).

Citrix was vague about what the flaw might allow an attacker to do beyond saying that it “could allow an unauthenticated attacker to perform arbitrary code execution.”

However, it’s been clear from the start that the flaw was serious, an impression reinforced by speculation (based on analysis of Citrix’s proposed mitigations) that the issue allows directory traversal – that is, it offers attackers a way to reach restricted directories without having to authenticate.

That’s potentially disastrous – the Citrix Gateway, for example, is used to enable VPN remote access so an attacker able to crawl into a network through that route could exploit that in numerous horrible ways.

Patching timeline

Patches for ADC and Citrix Gateway 11.1 (11.1.63.15) and 12.0 (12.0.63.13) were made available on 19 January with versions 12.1 (12.1.55.x), 10.5 (10.5.70.x), and 13.0 (13.0.47.x) to follow on 24 January.

Versions 10.2.6 and 11.0.3 of the SD-WAN WANOP, used for accelerating WAN traffic, will also get patches later this week.

Until products are patched, Citrix advises customers to apply the suggested mitigations, while bearing in mind:

While all the mitigations associated with CVE-2019-19781 are effective across all known scenarios, we strongly encourage customers to apply the permanent fixes as soon as possible.

Admins can test whether their appliances are vulnerable using a tool released by the US Cybersecurity and Infrastructure Security Agency (CISA).

Very Public Network

As noted in Naked Security’s recent coverage, the importance of the patches has been underlined by the recent detection of mass scanning for vulnerable appliances.

Since then, a security company says it has detected at least one known threat actor scanning for targets, possibly to plant backdoors for later exploitation. If attackers get to that stage, patching alone is not enough: the appliances will need to be rebuilt from scratch.

It appears that thousands of vulnerable appliances have not yet been patched or perhaps even had mitigations applied. Some of this might be the effect of holidays but it’s likely others either don’t know about the issue or are having problems getting to them all.

It’s serious enough that the Dutch NCSC has even recommended turning off affected systems until patches can be applied just in case the official mitigations aren’t foolproof.

Patching systems that organisations rely on is never an easy job. But it’s better than not patching a vulnerability that is now almost certainly being discussed on dark web forums.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/k-13b57A6n8/

WTF, EFS? Experts warn Windows encryption could spawn nasty new ransomware

The encryption technology Microsoft uses to protect its own file system could also be turned into a weapon for ransomware attackers.

So says the research team at Safebreach Labs, which has demonstrated how ransomware based on the Windows Encrypting File System could prove difficult for anti-malware tools to spot and block.

Safebreach veep of research Amit Klein and his team wrote a proof-of-concept attack that uses EFS combined with an attacker-generated key (from the ransomware infection) to force a PC to encrypt its own data. The keys are then flushed from the PC’s memory, leaving the attacker with the sole means for decrypting information.

The benefit of this, explained Klein, is an attack that is not only hard to spot and decode, but can also be more easily automated, executed without administrator clearance, and spread more easily than conventional ransomware infections.

“We put three anti-ransomware solutions from well-known vendors [ESET, Kaspersky, Microsoft] to the test against our EFS ransomware,” Klein wrote. “All three solutions failed to protect against this threat.”

While EFS has been used by malware writers in the past to conceal their attacks from security tools, SafeBreach believes this is the first time a built-in operating-system encryption feature has been shown to be usable for ransomware attacks.

SafeBreach said that, prior to publishing the report, it had been in contact with 17 of the larger anti-ransomware tool developers to provide an advance notice and get detection for EFS malware added.

Admins can also manually disable EFS via registry key settings, or use a Data Recovery Agent to recover files.
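An added defender-side check, not code from SafeBreach, Microsoft or the article: it reads the documented EfsConfiguration registry value that disables EFS, counts EFS-encrypted files under a path (files carrying the Encrypted attribute), and optionally sets the value to 1. The ScanRoot parameter and the -Disable switch are this example's own; the setting takes effect only after a reboot, and it also blocks legitimate EFS use.

```powershell
# Added example (not from the article or SafeBreach): audit EFS exposure on a
# Windows host and, optionally, disable EFS through the documented registry
# setting. Run from an elevated PowerShell session if you use -Disable.
param(
    [string]$ScanRoot = "$env:USERPROFILE",   # assumption: where to look for EFS-encrypted files
    [switch]$Disable                          # set EfsConfiguration=1 (applies after reboot)
)

# Documented Microsoft setting: EfsConfiguration = 1 disables EFS machine-wide.
$EfsKey   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS'
$EfsValue = 'EfsConfiguration'

function Get-EfsPolicyState {
    $v = (Get-ItemProperty -Path $EfsKey -Name $EfsValue -ErrorAction SilentlyContinue).$EfsValue
    if ($null -eq $v) { return 'enabled (no EfsConfiguration value present)' }
    if ($v -eq 1)     { return 'disabled by EfsConfiguration=1' }
    return "enabled (EfsConfiguration=$v)"
}

# Files with the Encrypted attribute are EFS-encrypted. A sudden burst of them
# under user data, written by a process the user did not start, is the signal
# an anti-ransomware tool would need to catch for the attack described above.
function Get-EfsEncryptedFiles([string]$Root) {
    Get-ChildItem -Path $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Attributes -band [System.IO.FileAttributes]::Encrypted } |
        Select-Object FullName, Length, LastWriteTime
}

Write-Host "EFS state: $(Get-EfsPolicyState)"
$encrypted = @(Get-EfsEncryptedFiles -Root $ScanRoot)
Write-Host ("EFS-encrypted files under {0}: {1}" -f $ScanRoot, $encrypted.Count)
$encrypted | Select-Object -First 20 | Format-Table -AutoSize

if ($Disable) {
    # -Force returns the key if it already exists; the value is a DWORD.
    New-Item -Path $EfsKey -Force | Out-Null
    Set-ItemProperty -Path $EfsKey -Name $EfsValue -Value 1 -Type DWord
    Write-Host 'EfsConfiguration set to 1; EFS is disabled after the next reboot.'
    Write-Host 'Already-encrypted files stay encrypted; recover them with a Data Recovery Agent.'
}
```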

Ultimately, however, SafeBreach sees the report as a call for anti-ransomware developers to step up their game in the face of more sophisticated attacks. Just as anti-malware tools had to supplement signature-based detection with other methods, so will ransomware-busting tools.

“It is clear, therefore, that in the face of the expected evolution of ransomware, that new anti-ransomware technologies need to be developed if the ransomware threat is to be contained and kept at bay,” Klein concluded.

“Signature-based solutions are not up to this job, heuristics-based (and even more so – generic technology-based) solutions seem more promising, but additional proactive research is required in order to ‘train’ them against future threats.” ®


Article source: https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/21/efs_ransomware_poc/