Microsoft Kicks Off 2022 With 96 Security Patches
Microsoft today released its first Patch Tuesday rollout of 2022, which brought fixes for 96 CVEs. Nine of the vulnerabilities are called Critical and six are publicly known, though...
Microsoft: macOS ‘Powerdir’ Flaw Could Enable Access to User Data
Microsoft today disclosed a vulnerability in Apple's macOS that could enable an attacker to gain unauthorized access to protected user data through bypassing the Transparency, Consent, and Control (TCC)...
5 Things to Know About Next-Generation SIEM
The market for traditional security information and event management (SIEM) solutions is dying, and not a moment too soon. When examining the success of enterprise cybersecurity product segments during...
FBI, NSA & CISA Issue Advisory on Russian Cyber Threat to US Critical Infrastructure
At a time when US-Russian diplomatic tensions are high amid another round of talks on security concerns between the nations recently concluding, the US Cybersecurity and Infrastructure Security Agency (CISA), FBI,...
Details Released on SonicWall Flaws in SMA Devices
Details have been released on multiple vulnerabilities affecting the SonicWall Secure Mobile Access (SMA) 100 series of devices, which include the SMA 200, 210, 400, 410, and 500v.Rapid7 lead...
Microsoft: macOS ‘Powerdir’ Flaw Could Let Attackers Gain Access to User Data
Microsoft today disclosed a vulnerability in Apple's macOS that could enable an attacker to gain unauthorized access to protected user data through bypassing the Transparency, Consent, and Control (TCC)...
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says
In the one month since news broke of a critical remote code execution vulnerability in the Log4j logging framework, there have been no major intrusions tied to the flaw...
FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB
The FBI has warned of a FIN7 cybercrime campaign in which attackers mail USB thumb drives to US organizations with the goal of delivering ransomware into their environments.In an...
NHS Warns of Attackers Targeting Log4j Flaws in VMware Horizon
The UK's National Health Service (NHS) Digital has issued an advisory warning of attackers actively targeting Log4j vulnerability CVE-2021-44228 in VMware Horizon servers to establish persistence.Officials say the threat group...
How to Proactively Limit Damage From BlackMatter Ransomware
The BlackMatter ransomware strain that's been used in numerous attacks against US critical infrastructure entities and other large organizations in recent months has a serious logic flaw in its...