Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)
It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by …
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) …
Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet …
24% of technology applications contain high-risk security flaws
With, arguably, a higher proportion of applications to contend with than other industries, tech firms would benefit from implementing improved secure coding training and …
Privacy concerns are limiting data usage abilities
Access to data is significantly limited by data privacy and protection regulations, according to a survey conducted by Bloor Research. The report reveals that 60% of the data …
eBook: 4 ways to secure passwords, avoid corporate account takeover
Enterprising cybercriminals don’t have to work very hard to gain access to your network and all the valuable information stored inside it. That’s because employee accounts are …
Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)
A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the …
Product showcase: The Intruder vulnerability management platform
Vulnerability scanning is a fundamental component of every good cyber security strategy – but it can be challenging to get right. Intruder created a vulnerability management …
Most startups have cyber insurance but are uncertain about how much risk is covered
Despite the significant economic headwinds startups currently face – from a challenging fundraising landscape to inflation woes and difficult operational decisions – company …
Security is no longer an internal affair
67% of respondents to a recent survey indicated their company had lost a business deal due to the customer’s lack of confidence in their security strategy. Dimensional …
Week in review: Rackspace outage, Kali Linux 2022.4 released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Rackspace Hosted Exchange outage was caused by ransomware Rackspace has …
December 2022 Patch Tuesday forecast: Fine-tuning the connectivity
Microsoft wrapped up a lot of ‘loose ends’ last month with their November set of updates, but there is still some work to do before the end-of-year holiday season. The …