Security
Headlines
HeadlinesLatestCVEs

Source

Malwarebytes

How IT teams can conduct a vulnerability assessment for third-party applications

A quick IT guide for conducting a vulnerability assessment.

Malwarebytes
#vulnerability#google#chrome
Windows 10 gets its own extended security updates program

Microsoft announced it will offer a similar extended security updates program for Windows 10 as it did for Windows 7

Adobe Coldfusion vulnerability used in attacks on government servers

CISA has published an advisory about a vulnerability in Adobe Coldfusion used in two attacks against federal agencies.

Roblox and Twitch provider Tipalti breached by ransomware

Accounting software provider Tivalti is investigating ALPHV/BlackCat claims it was breached. In a typical supply-chain attack ALPHV is threatening some of their customers like Roblox and Twitch

23andMe says, er, actually some genetic and health data might have been accessed in recent breach

23andMe has released new details about the credential stuffing attack that took place in October.

Why a ransomware gang tattled on its victim, with Allan Liska: Lock and Code S04E24

This week on the Lock and Code podcast, we speak with Allan Liska about why a ransomware group tattled on its own victim, and what to expect next year.

Update your iPhones! Apple fixes two zero-days in iOS

Apple has released an emergency security update for two zero-day vulnerabilities which may have already been exploited.

Social media giants to testify over failing to protect kids

US senators issued subpoenas for the CEO’s of five social media giants to testify about their "failure to protect children online".

A week in security (November 27 – December 3)

A list of topics we covered in the week of November 27 to December 3 of 2023

Explained: Domain fronting

Domain fronting is a technique to hide the true origin of HTTPS requests by hiding the real domain name encrypted inside a legitimate TLS request.