The zero-day attacks against Microsoft’s software products are showing no signs of slowing down.
Microsoft Scrambles to Thwart New Zero-Day Attacks
Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge
The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks.
Over 250 US News Websites Deliver Malware via Supply Chain Attack
Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers.
Industrial Ransomware Attacks: New Groups Emerge, Manufacturing Pays Highest Ransom
Industrial organizations continue to be a top target for ransomware attacks, and reports published by cybersecurity companies this week reveal some recent trends.
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch
Apple on Monday shipped a major iOS update with fixes at least 20 documented security defects, including a kernel flaw that’s already being actively exploited in the wild.
CISA Tells Organizations to Patch Linux Kernel Vulnerability Exploited by Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a Linux kernel flaw to its Known Exploited Vulnerabilities Catalog and instructed federal agencies to address it within three weeks.
New PowerShell Backdoor Poses as Part of Windows Update Process
Cybersecurity firm SafeBreach has issued a warning about a new PowerShell backdoor that disguises itself as part of the Windows update process to remain fully undetected.
Bolsters Raises $15M to Tackle Fakes and Frauds
California startup Bolster, Inc. has raised $15 million in venture capital funding to build a fraud prevention platform for businesses.
The early-stage funding round was led by Cervin, Liberty Global Ventures, and Cheyenne Ventures with participation from previous investors Thomvest Ventures and Crosslink Capital.
IDA Pro Owner Hex-Rays Acquired by European VC Firm
European venture capital and private equity firm Smartfin on Tuesday announced a deal to acquire Hex-Rays, the Belgian company behind the widely deployed IDA Pro software disassembler.
Zimbra Patches Under-Attack Code Execution Bug
Messaging and collaboration software maker Zimbra has rushed out patches to provide cover for a code execution flaw that has already been exploited to plant malware on target machines.
