Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Patch Tuesday
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug …

russian flag
100+ domains seized to stymie Russian Star Blizzard hackers

Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, …

Patch Tuesday
October 2024 Patch Tuesday forecast: Recall can be recalled

October 2024 Patch Tuesday is now live: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) October arrived, and Microsoft started the month …

HNS
Darktrace brings real-time cloud detection and response to Microsoft Azure customers

Darktrace announced the expansion of Darktrace / CLOUD to support Microsoft Azure environments. The AI-driven Cloud Detection and Response (CDR) system leverages …

cloud
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. …

Microsoft Recall
Microsoft revised the controversial Copilot+ Recall feature

Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about …

HNS
Portnox enhances passwordless risk-based access for enterprise applications

Portnox announced support for Microsoft External Authentication Methods (EAM) for its Conditional Access for Applications solution. This new integration extends …

Windows Server
Windows Server 2025 gets hotpatching option, without reboots

Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. …

laptop
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was …

patch tuesday
September 2024 Patch Tuesday forecast: Downgrade is the new exploit

September 2024 Patch Tuesday is now live: Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes I asked for a calm August 2024 Patch …

HNS
Veeam Software expands protection for Microsoft 365

Veeam Software announced Veeam Backup for Microsoft 365 v8, which delivers comprehensive and flexible immutability for Microsoft 365 data. Now organizations can ensure their …

Google Chrome
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity …

Don't miss

Cybersecurity news