June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange
For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …
Cybersecurity leaders introduced open-source information sharing to help OT community
A group of OT cybersecurity leaders and critical infrastructure defenders introduced their plans for ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic …
Microsoft patches zero-day exploited by attackers (CVE-2023-28252)
It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …
Vulnerabilities of years past haunt organizations, aid attackers
Known vulnerabilities – those for which patches have already been made available – are the primary vehicle for cyberattacks, according to Tenable. The Tenable report …
Video walkthrough: Cybertech Tel Aviv 2023
Help Net Security is in Israel this week for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry and businesses from a wide range of sectors, …
Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)
To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one …
A year later, Log4Shell still lingers
72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable‘s latest telemetry study has revealed, based on data collected from …
Microsoft fixes many zero-days under attack
November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and …
Adaptive Shield and Tenable joint solution helps organizations protect their SaaS stack
Adaptive Shield has joined forces with Tenable, to provide a consolidated posture management solution that correlates the risk of SaaS users and their endpoints. While SaaS …
Featured news
Resources
Don't miss
- Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950)
- China-linked Salt Typhoon hackers attempt to infiltrate European telco
- Most AI privacy research looks the wrong way
- Why ex-military professionals are a good fit for cybersecurity
- Nodepass: Open-source TCP/UDP tunneling solution