Microsoft Patches Critical Exchange Server Flaw
Remote code execution vulnerability among 71 bug fixes issued in March Patch Tuesday.
Read More...
After a Busy December Attacks on Log4j Vulnerability Dropped
While attackers and researchers shift their attention to the next new vulnerability, security teams make sure they finish patching vulnerable Log4j versions in ...
Read More...
More Than 70% of SOC Analysts Experiencing Burnout
Nearly 65% of security operations center (SOC) analysts are likely to change jobs in the next year, survey shows.
Read More...
Ukrainian Troops Targeted in Phishing Attacks by Suspected Belarusian APT
Ukraine's Computer Emergency Response Team calls out UNIC1151 nation-state hacking group out of Belarus as behind the attacks.
Read More...
GitHub Opens Security Database to Community Contributions
The Microsoft company will allow community members to add information and code samples to security advisories using the standard pull request to change the docu...
Read More...
Accelerated Ransomware Attacks Pressure Targeted Companies to Speed Response
Threat actors have focused on two ends of the spectrum — quick, impactful attacks or stealthy intrusions — making strong prevention and faster response more imp...
Read More...
Best Practices
Critical flaws in remote management agent impacts thousands of medical devices
Critical vulnerabilities in a software agent that's used for remote management could allow hackers to execute malicious code and commands on thousands of med...
Read More...
Nvidia hackers release code-signing certificates that malware can abuse
The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company's old code-signing certificates. Re...
Read More...
Facebook and Microsoft are the most impersonated brands in phishing
Facebook jumped to the top spot in the 20 most impersonated brands by phishers in 2021, representing 14% of phishing pages, according to Vade's annual Phishe...
Read More...
Attivo Networks expands Active Directory protection
A popular target of attackers, Microsoft Active Directory will receive an extra measure of protection under a new offering announced Thursday by Attivo Netwo...
Read More...
New Threats and Vulnerabilities
CVE-2021-4002
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned...
Read More...
CVE-2021-43590
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privil...
Read More...
CVE-2022-0845
Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0.
Read More...
CVE-2022-22943
VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. A malicious actor with local administrative pri...
Read More...
CVE-2022-25106
D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denia...
Read More...
CVE-2021-38988
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Fo...
Read More...
Patch Management
Cloud computing: Microsoft fixes Azure flaw that could have allowed access to other accounts
Microsoft has fixed a bug in its Azure Automation service that allowed an attacker on the service to access resources and data of other users.
Read More...
FBI warns: This ransomware group has gone after critical infrastructure firms again and again
FBI raises an alarm about RagnarLocker, a ransomware gang that hides its malware inside a Windows XP virtual machine.
Read More...
Google is buying cybersecurity company Mandiant for $54 billion
Cybersecurity services and threat intelligence resources come with deal, which will see Mandiant join Google Cloud.
Read More...
Phishing attempts from FancyBear and Ghostwriter stepping up says Google
Google TAG also sees Chinese Mustang Panda going after Europeans and DDoS attempts against Ukrainian targets.
Read More...
Microsofts latest Windows patches fix the bug causing user data not to be erased
Microsoft is rolling out a fix for the Windows reset bug discovered a few weeks ago as part of its Windows 10 and 11 Patch Tuesday updates.
Read More...
.png)
.png)
.png)
.png)
