Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)
The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …
Infosec products of the month: December 2021
Here’s a look at the most interesting products from the past month, featuring releases from Action1, AwareGO, BlackBerry, Box, Castellan Solutions, Cloudflare, Code42, Cossack …
The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j …
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …
New infosec products of the week: December 10, 2021
Here’s a look at the most interesting products from the past week, featuring releases from Action1, Cloudflare, Code42, F5 Networks, NetQuest, Oxeye, SentinelOne and Tenable. …
Tenable.cs prevents cloud security risk and improves developer productivity
Tenable released Tenable.cs, adding new cloud-native security capabilities to its platform. Coming on the heels of its acquisition of Accurics, Tenable.cs enables …
Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515)
A vulnerability (CVE-2021-44515) in ManageEngine Desktop Central is being leveraged in attacks in the wild to gain access to server running the vulnerable software. About …
New infosec products of the week: December 3, 2021
Here’s a look at the most interesting products from the past week, featuring releases from Castellan Solutions, Cossack Labs, Immuta, IriusRisk, Tenable, ThreatConnect, …
Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling
Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code (IaC). The new capabilities enable organizations …
Infosec products of the month: November 2021
Here’s a look at the most interesting products from the past month, featuring releases from 1Password, Avast, Boxcryptor, Code42, ColorTokens, Cynamics, Fortanix, Hiya, …
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …
New infosec products of the week: November 5, 2021
Here’s a look at the most interesting product releases from the past week, featuring releases from Cynamics, Imperva, Linux Foundation, Netscout and Tenable. Nessus 10 is out, …
Featured news
Resources
Don't miss
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices