Microsoft issues emergency patch for dangerous Windows RCE bug

Security Digest Information security news and advice from TechTarget's network | May 10, 2017 FEATURED STORY Microsoft out of band patch hits the day before Patch Tuesday by Michael Heller, Senior Reporter The evening before Patch Tuesday, Microsoft released an emergency out of band patch for a dangerous Windows flaw teased by the Google Project Zero team just days earlier. (SearchSecurity.com) Advertisement NEWS   Intel AMT security risk could lead to system access Servers may have been at risk of attack for years because of an Intel AMT security risk that was recently disclosed before manufacturers could patch. (SearchSecurity.com)   New types of ransomware innovate to find opportunity There is no shortage of new types of ransomware, many with unique features, and experts say it's an exercise in innovation and finding revenue opportunity. (SearchSecurity.com)   SS7 vulnerability allows attackers to drain bank accounts News roundup: Attackers exploit SS7 vulnerability and drain bank accounts. Plus, Trump signs government IT executive order, an Intel AMT flaw threatens millions and more. (SearchSecurity.com)   TLS client authentication ensures secure IoT connection The TLS client authentication protocol has been part of the security standard for years, but it's just now coming into its own in certifying secure IoT connections. (SearchSecurity.com)   Google Docs phishing attack grants attacker full Gmail access A Google Docs phishing attack abused OAuth to give malicious actors full access to a victim's Gmail account and contacts, but Google claims to have blocked the attacks. (SearchSecurity.com)   Risk & Repeat: Symantec offers plan to restore certificate trust In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Symantec's continued struggles with certificate trust, and what Mozilla and Google are doing about it. (SearchSecurity.com) EXPERT ADVICE   Identifying and addressing overlooked web security vulnerabilities Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. (SearchSecurity.com)   ISAOs: The benefits of sharing security information ISAOs are a good way for organizations to share information about security threats. Expert Steven Weil explains what these organizations are and their attributes. (SearchSecurity.com)   How hackers use Google cloud services to attack enterprises Hackers, such as the Carbanak group, use Google cloud services to infiltrate organizations' systems. Expert Rob Shapland explains how that works and what can be done to stop it. (SearchCloudSecurity.com)   How should companies prepare for EU GDPR compliance? Companies that don't meet GDPR compliance standards by May 2018 will be fined. Expert Matthew Pascucci looks at how Microsoft is preparing, and what other companies should do. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2017 TechTarget. All rights reserved.