Trend Micro
A “light” February 2022 Patch Tuesday that should not be ignored
February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes …
Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)
A critical vulnerability (CVE-2021-44142) in Samba, a widely used open source implementation of the Server Message Block (SMB) networking protocol, could allow attackers to …
Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)
The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …
The cyber risk future doesn’t look good, but organizations are ready
A Trend Micro report predicts global organizations will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating …
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …
Cybercrime supply chain: Fueling the rise in ransomware
Trend Micro released a research detailing the murky cybercrime supply chain behind much of the recent surge in ransomware attacks. Demand has increased so much over the past …
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …
Businesses compromise on cybersecurity in favor of other goals
90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favor of digital transformation, productivity, or other goals. Additionally, …
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …
BEC attacks: Scammers’ latest tricks
BEC attacks are generally low-volume but, according to a recent survey by GreatHorn, 71% of organizations experienced at least one in the past year. Trend Micro’s latest …
Tom Kellermann joins Attivo Networks Advisory Board
Attivo Networks announced that Tom Kellermann has joined the company’s Advisory Board. Mr. Kellermann joins Attivo’s Advisory board as a highly respected cybersecurity expert …
Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)
On October 2021 Patch Tuesday, Microsoft has fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and …
Featured news
Resources
Don't miss
- Building cyber resilience in always-on industrial environments
- Breaking the cycle of attack playbook reuse
- Kanister: Open-source data protection workflow management tool
- Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)
- Windows 10: How to get security updates for free until 2026