Cybersecurity Daily: News & Threats
(00:00:00) Defender's 29-Day Patch Gap, MRU Ransomware & Cyber Insurance Controls (00:01:14) Mount Royal University Ransomware (00:02:15) Student Data Left Unprotected (00:03:01) Delete-After-Steal Breaks Backup Logic (00:03:19) Cyber Insurance Tightening Controls A critical privilege escalation flaw in Windows Defender's Malware Protection Engine went unpatched for 29 days after a public proof-of-concept dropped — and that gap is more than a statistic. Researcher Nightmare Eclipse published the exploit for CVE-2026-50656, rated CVSS 7.8, while Microsoft assessed it as "Exploitation More Likely." The fix is now live in engine version 1.1.26060.3008, but security teams need to verify deployment across every endpoint. Three of Nightmare Eclipse's prior Defender disclosures — BlueHammer, RedSun, and UnDefend — were each weaponised in live attacks before patches arrived. A fifth disclosure is claimed for July 14. Meanwhile, ransomware group CMD Organization claims to have exfiltrated 10 terabytes from Mount Royal University, then deleted the contents of the H drive entirely. Their demand: $1.9 million — more than three times their typical ask. The delete-after-steal tactic breaks the standard backup-and-restore defence model. You can recover files; you cannot un-expose data an adversary already holds. Student passport scans were published as proof of access, yet the university's credit monitoring offer covered employees only — a compliance and reputational risk in one move. Rounding out today's briefing: cyber insurers have abandoned the checkbox questionnaire model. Coverage now requires documented, verifiable proof of MFA, endpoint detection and response tooling, and active incident response plans. The gap between what organisations document and what they actually run is where claims are increasingly denied. Patch, verify, and revisit any backup-centric assumptions before your next renewal. This episode includes AI-generated content.
62 episodes
Comments
0Be the first to comment
Sign up now and become a member of the Cybersecurity Daily: News & Threats community!