-
Windows PGM Accounts for Half of Patch Tuesday’s Critical Flaws
Microsoft’s Patch Tuesday for June 2023 addresses 78 vulnerabilities, a significant increase from last month’s total of 37. While six of the flaws are critical, Microsoft says none are currently being exploited in the wild. The six critical vulnerabilities are as follows: Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, noted […]
-
5 Ways to Configure a SIEM for Accurate Threat Detection
A security information and event management (SIEM) system is about as complicated as a security tool can get, pulling in log and threat data from a wide range of sources to look for signs of a cyber attack. Not surprisingly, they can be challenging to manage. A recent Gurucul survey of over 230 security pros […]
-
New Apple RSR Flaw Blocks MDM Functionality on macOS Devices
Addigy, which provides management solutions for Apple devices, today warned that Apple’s new Rapid Security Response (RSR) updates aren’t being delivered to as many as 25 percent of macOS devices in managed environments, and that the failure to do so is also impacting mobile device management (MDM) stacks on those devices. RSR updates are new […]
-
A Threat to Passkeys? BrutePrint Attack Bypasses Fingerprint Authentication
Security researchers recently published a paper detailing an attack they say can be used to bypass smartphone fingerprint authentication. Yiling He of China’s Zhejiang University and Yu Chen of Tencent Security’s Xuanwu Lab are calling the attack BrutePrint, which they say can be used to hijack fingerprint images. An attack like BrutePrint could present a […]
-
Cisco Warns of Multiple Flaws in Small Business Series Switches
Cisco is warning that nine significant vulnerabilities in its Small Business Series Switches could enable unauthenticated remote attackers to cause a denial-of-service condition or execute arbitrary code with root privileges on affected devices. The vulnerabilities are caused by improper validation of requests sent to the switches’ web interfaces, the company said. While the Cisco Product […]
-
Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers
Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover.
-
Google Launches Passkeys in Major Push for Passwordless Authentication
Passkeys are a promising technology for passwordless authentication, and Google is leading the way.
-
Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed
Development teams are exposing critical data and secrets online. Here’s what to do about it.
-
Attackers Continue to Leverage Signed Microsoft Drivers
In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post, security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware […]
-
Windows CLFS Vulnerability Used for Ransomware Attacks
Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver that could provide an attacker with […]
