Microsoft Patch Tuesday, June 2020 Edition

Credit to Author: BrianKrebs| Date: Wed, 10 Jun 2020 02:43:20 +0000

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention — particularly for enterprises and employees working remotely.

Read more

Microsoft Patch Tuesday, May 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 12 May 2020 21:16:38 +0000

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you’re running Windows on any of your machines it’s time once again to prepare to get your patches on.

Read more

Microsoft Patch Tuesday, April 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 14 Apr 2020 22:24:10 +0000

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.

Read more

‘War Dialing’ Tool Exposes Zoom’s Password Problems

Credit to Author: BrianKrebs| Date: Thu, 02 Apr 2020 14:43:04 +0000

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number major corporations are setting up meetings without passwords enabled.

Read more

Zyxel Flaw Powers New Mirai IoT Botnet Strain

Credit to Author: BrianKrebs| Date: Fri, 20 Mar 2020 14:46:15 +0000

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai, a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity.

Read more

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Credit to Author: BrianKrebs| Date: Fri, 20 Mar 2020 14:46:15 +0000

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai, a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity.

Read more

Microsoft Patch Tuesday, March 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 10 Mar 2020 23:44:29 +0000

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.

Read more

Zyxel 0day Affects its Firewall Products, Too

Credit to Author: BrianKrebs| Date: Wed, 26 Feb 2020 14:43:31 +0000

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.

Read more