Microsoft Fixes Two Zero-Day Bugs Used in Attacks
Microsoft patched two zero-day vulnerabilities being actively exploited in the wild as part of its September Patch Tuesday yesterday.The first...
News
UK ICO and NCSC Set to Share Anonymized Threat Intelligence
The UK’s data protection regulator and its leading security agency have signed an agreement to cooperate more closely on cyber...
US-CERT Vulnerability Summary for the Week of September 4, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocanonical_ltd. -- snapd_for_linuxUsing the TIOCLINUX ioctl request, a malicious snap could inject...
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on...
Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service
More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics...
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as...
Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
In today's digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster...
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been...
How Cyberattacks Are Transforming Warfare
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in...
Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in...
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat...
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively...
Why Network Visibility Doesn’t Have to be so Complicated
Cybersecurity has become a core priority in the business world and, as Internet of Things (IoT) devices proliferate, home network...
Free Download Manager site redirected Linux users to malware for years
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing...
‘Redfly’ hackers infiltrated power supplier’s network for 6 months
An espionage threat group tracked as 'Redfly' hacked a national electricity grid organization in Asia and quietly maintained access to...
Apple backports BLASTPASS zero-day fix to older iPhones
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to...
CISA offers free security scans for public water utilities
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has announced it is offering free security scans for critical infrastructure facilities,...
Ransomware access broker steals accounts via Microsoft Teams phishing
Image: Midjourney Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams...
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web...
New ‘MetaStealer’ malware targets Intel-based macOS systems
A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from...
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks
Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks. Even...
Mozilla Products Remote Code Execution Vulnerability
A vulnerability was identified in Mozilla Products, a remote attacker could exploit this vulnerability to trigger remote code execution on...
Google Chrome Remote Code Execution Vulnerability
A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger remote code execution on...
Microsoft Monthly Security Update (September 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low Risk Windows High RiskElevation of Privilege Denial of Service...