Microsoft’s Patch Tuesday train rumbled into Windows networks with fixes for 51 documented security vulnerabilities, some serious enough to cause full computer takeover attacks.
Microsoft Patches for 51 Windows Security Defects
Law Enforcement Blowback, Cyber Insurance Renewals Powering Anti-Ransomware Success
High-Severity Flaw in Argo CD is Information Leak Risk
A high-severity security vulnerability in Argo CD could allow an attacker to access sensitive information from target applications.
Microsoft Says Mac Trojan Becoming Stealthier, More Menacing
Malware hunters at Microsoft are calling attention to a nasty macOS malware family that has evolved quickly from a basic information-gathering trojan to a stealthy backdoor with more powerful capabilities.
Microsoft, Symantec Share Notes on Russian Hacks Hitting Ukraine
Threat hunters at Microsoft and Symantec are sharing notes on a barrage of new cyberespionage attacks from Russia’s spy agency hitting organizations in Ukraine.
Target Open Sources Web Skimmer Detection Tool
Retail giant Target this week announced the open source availability of an internal tool designed for the detection of web skimming attacks.
Volexity Warns of ‘Active Exploitation’ of Zimbra Zero-Day
Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe.
1,300 Malicious Packages Found in Popular npm JavaScript Package Manager
Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks.
Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access.
Attack Surface Management Play Censys Scores $35M Investment
The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion.
