Month: October 2024
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 “Sequoia” update that broke many cybersecurity…
Read MoreTD Synnex, ConnectWise, Critical Start, ThoughtSpot, Microsoft, CrowdStrike and Capgemini were among the tech companies making key executive hires and moves in September 2024. New CEOs at TD Synnex, ConnectWise, ThoughtSpot and Critical Start were among the biggest executive moves in September. Taking those top spots, respectively, were Patrick Zammit, previously with Avnet; Manny Rivelo,…
Read MoreAn automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone…
Read MoreMicrosoft reminded customers today that multiple editions of Windows 11 22H2 and 21H2 have reached their end of servicing. This announcement applies to Windows 11 22H2 Home, Pro, Pro Education, Pro for Workstations, and SE editions released on September 20, 2022. One year after the Home and Pro editions, Windows 11 21H2 Enterprise, Education, and IoT…
Read MoreCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43047 Qualcomm Multiple Chipsets Use-After-Free Vulnerability CVE-2024-43572 Microsoft Windows Management Console Remote Code Execution Vulnerability CVE-2024-43573 Microsoft Windows MSHTML Platform Spoofing Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…
Read MoreAdobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Security update available for Adobe Substance 3D Printer| APSB24-52 Security…
Read MoreAn emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted login pages. Additionally, Mamba 2FA offers threat actors an adversary-in-the-middle (AiTM) mechanism to capture the victim’s authentication tokens and bypass multi-factor authentication (MFA) protections on their accounts. Mamba 2FA is currently sold to cybercriminals for…
Read MoreIt’s the third time in 2024 that has seen Microsoft’s monthly patch release consist of fixes for more than 100 vulnerabilities, according to Trend Micro’s Dustin Childs. For the third time in 2024, Microsoft’s monthly patch release has included fixes for more than 100 vulnerabilities, according to a Trend Micro researcher. The tech giant disclosed…
Read MoreHolding its TechEd Virtual event this week, the software giant is also significantly expanding its SAP Build development tools offerings and debuting new Knowledge Graph software for Joule to provide data context for AI tasks. Software giant SAP is expanding the capabilities of its Joule generative AI copilot, adding collaborative AI agents that the company…
Read MoreMicrosoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Source link lol
Read MoreRecent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict