Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Oreo Giant Mondelez Settles NotPetya 'Act of War' Insurance Suit

The settlement muddies the waters even further for the viability of war exclusion clauses when it comes to cyber insurance.

DARKReading
Open in Source
#web#mac#microsoft#git#intel#samba#zero_day
Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers

A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group. This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups," cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News. Black

Security Leaders Share 5 Steps to Strengthen Cyber Resilience

These aren't quick fixes, but by prioritizing needs based on risk, organizations can incrementally apply these steps to become more resilient.

Mimecast Unveils Email Security, Cloud Integrated for Optimized Flexibility and Speed

Award-winning email security leader expands best-in-class offerings with gateway-less deployment solution that streamlines security, increases visibility, and enhances efficacy for IT teams.

Awareness and guidance related to OpenSSL 3.0 – 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)

Summary   Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, we are rolling out fixes for impacted services.  Any customer action that is required will be highlighted in this blog and our associated Security Update … Awareness and guidance related to OpenSSL 3.0 – 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602) Read More »

The Rise of Rust, the ‘Viral’ Secure Programming Language That’s Taking Over Tech

Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can’t come soon enough.

How to Narrow the Talent Gap in Cybersecurity

We can bridge that gap by spreading the word about the opportunities, the requirements, and the many tools available to help applicants break into the field.

Red Hat Security Advisory 2022-7273-01

Red Hat Security Advisory 2022-7273-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.0 serves as a replacement for Red Hat JBoss Web Server 5.6.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include denial of service and privilege escalation vulnerabilities.

Netskope Threat Research: Next Generation of Phishing Attacks Uses Unexpected Delivery Methods to Steal Data

Report reveals new top sources of fake login page referrals, rise of fake third-party cloud apps used to trick users.