As part of its March 2022 security updates, Microsoft on Tuesday patched a class spoofing vulnerability in Defender for Endpoint and warned of its impact on all platforms.
Microsoft Warns of Spoofing Vulnerability in Defender for Endpoint
16 Vulnerabilities Found in Firmware of HP Enterprise Devices
Firmware security company Binarly has discovered more than a dozen potentially serious vulnerabilities affecting UEFI firmware present on devices from HP and possibly other vendors.
The Psychology of Ransomware Response
SAP Patches Critical Security Flaws in Monitoring Solutions
German software maker SAP this week announced the release of 12 new and four updated security notes as part of its March 2022 Patch Day.
Patch Tuesday: Microsoft Fixes Multiple Code Execution Flaws
Microsoft’s Patch Tuesday bundle for this month is a big one: 74 documented vulnerabilities in multiple Windows products and components, some serious enough to lead to remote code execution attacks.
Adobe Patches ‘Critical’ Security Flaws in Illustrator, After Effects
Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products.
FBI Warns of RagnarLocker Ransomware Attacks on Critical Infrastructure
The Federal Bureau of Investigation (FBI) this week published an alert to provide additional information on the RagnarLocker ransomware, along with indicators of compromise (IoCs) associated with the malware.
Medical, IoT Devices From Many Manufacturers Affected by ‘Access:7’ Vulnerabilities
Many IoT and medical devices are affected by seven potentially serious vulnerabilities discovered in widely used remote management software, according to enterprise security company Forescout.
Webinar Today: Protect the Software Supply Chain, Eliminate Risks in Code
U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool
A threat group believed to be sponsored by the Chinese government has breached the networks of U.S. state governments, including through the exploitation of a zero-day vulnerability.
