Please turn on your JavaScript for this page to function normally.
patch tuesday
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

law
Law firms under cyberattack

In April 2023, Australian law firm HWL Ebsworth was hit by a cyberattack that possibly resulted in data of hundreds of its clients and dozens of government agencies being …

patch tuesday
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …

cloud
Incorporating cloud security teams into the SOC enhances operational efficiencies

Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend …

Patch Tuesday
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …

risk
Organizations brace for cyber attacks despite improved preparedness

Cyber-risk levels have improved from “elevated” to “moderate” for the first time, but insiders represent a persistent threat for global organizations, …

PaperCut
PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro …

Papercut
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …

Patch Tuesday
Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …

identity
Criminal businesses adopt corporate behavior as they grow

As criminal groups increase in size, they adopt corporate-like behavior, but this shift brings about its own set of challenges and costs, according to Trend Micro. “The …

3CX
3CX supply chain attack: What do we know?

Five days have passed since the supply chain attack targeting 3CX customers gained wider public attention, but the software’s manufacturer is yet to confirm how the …

3CX
3CX customers targeted via trojanized desktop app

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …

Don't miss

Cybersecurity news