Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation …
Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv …
Are your site’s tracking technologies breaking the law?
Two irresistible yet conflicting forces are creating a real risk for businesses that operate on the web, which is every business that exists in 2022. Those forces are tracking …
Product showcase: ImmuniWeb Neuron, DAST with a zero false positives SLA
Few organizations can afford regular penetration testing of their numerous web applications, APIs and microservices. Instead, they usually leverage a fully automated web …
Linode + Kali Linux: Added security for cloud instances
Kali Linux, the popular open source Linux distribution specialized for penetration testing, ethical hacking and security auditing, can now be used by Linode customers. Getting …
BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands
The notorious cybercriminal syndicate competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked …
Dealing with threats and preventing sensitive data loss
Recently, Normalyze, a data-first cloud security platform, came out of stealth with $22.2M in Series A funding. This was the perfect time to catch up with co-founder and CEO …
Nearly all governmental websites serve cookies or third-party trackers
In some countries up to 90% of governmental websites add third-party tracker cookies without users’ consent. This occurs even in countries with strict user privacy laws, …
Week in review: Quantum-resistant encryption, attackers using deepfakes, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Healthcare organizations targeted with Maui ransomware A less known …
Checkmate ransomware hits QNAP NAS devices
QNAP Systems is warning about Checkmate, a new piece of ransomware targeting users of its network-attached storage (NAS) appliances. “Preliminary investigation indicates …
July 2022 Patch Tuesday forecast: A summertime lull?
June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) …
New infosec products of the week: July 8, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Action1, Kingston Digital, LogRhythm, and Socura. Kingston IronKey Locker+ 50 …
Featured news
Resources
Don't miss
- Cybercriminals exploit RMM tools to steal real-world cargo
- Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
- How nations build and defend their cyberspace capabilities
- Uncovering the risks of unmanaged identities
- Deepfakes, fraud, and the fight for trust online