Week in review

Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools 2024-10-13 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has […]

React to this headline:

Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast 2024-10-06 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the month by announcing the release of Windows

React to this headline:

Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released 2024-09-29 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Windows Server 2025 once

React to this headline:

Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18 2024-09-22 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can

React to this headline:

Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days 2024-09-15 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical

React to this headline:

Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast 2024-09-08 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys

React to this headline:

Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE 2024-09-01 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen

React to this headline:

Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited 2024-08-25 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. Vulnerabilities in Microsoft

React to this headline:

Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions 2024-08-18 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200)

React to this headline:

Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast 2024-08-11 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: August 2024 Patch Tuesday forecast: Looking for a calm August release August 2024 July ended up being more ‘exciting’ than many

React to this headline:

Week in review: VMware ESXi zero-day exploited, SMS Stealer malware targeting Android users 2024-08-04 at 10:31 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Why a strong patch management strategy is essential for reducing business risk In this Help Net Security interview, Eran Livne,

React to this headline:

Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI 2024-07-28 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update By now, most people are aware of – or

React to this headline:

Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw 2024-07-21 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines worldwide Thousands and possibly millions of Windows computers and servers worldwide have been

React to this headline:

Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach 2024-07-14 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials

React to this headline:

Week in review: A need for a DDoS response plan, human oversight in AI-enhanced software development 2024-07-07 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 4 key steps to building an incident response plan In this Help Net Security interview, Mike Toole,

React to this headline:

Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids 2024-06-30 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Progress Software has patched one critical (CVE-2024-5805) and one high-risk

React to this headline:

Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed 2024-06-23 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The rise of SaaS security teams In this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights

React to this headline:

Week in review: JetBrains GitHub plugin vulnerability, 20k FortiGate appliances compromised 2024-06-16 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose

React to this headline:

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast 2024-06-09 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you

React to this headline:

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution 2024-06-02 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool RansomLord is an open-source tool that automates the creation of PE files,

React to this headline: