RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.
Read More
Credit to Author: BrianKrebs| Date: Tue, 13 Jun 2023 20:44:28 +0000
Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.
Read More
Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000
It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.
Read More
Credit to Author: BrianKrebs| Date: Wed, 10 May 2023 01:19:58 +0000
Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.
Read More
Credit to Author: BrianKrebs| Date: Fri, 28 Apr 2023 02:09:56 +0000
A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.
Read More
Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2023 00:06:51 +0000
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.
Read More
Credit to Author: BrianKrebs| Date: Wed, 15 Mar 2023 15:19:32 +0000
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.
Read More
Credit to Author: BrianKrebs| Date: Tue, 14 Feb 2023 21:01:41 +0000
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.
Read More