April showers Windows updates on sysadmins
Credit to Author: Angela Gunn| Date: Tue, 11 Apr 2023 18:34:37 +0000
A 98-CVE Patch Tuesday marks another big haul for the OS
Read MoreComputer Security Articles
RSS Reader for Computer Security Articles
windows
Zero-day vulnerability in CLFS | Kaspersky official blog
Credit to Author: Editorial Team| Date: Tue, 11 Apr 2023 17:57:20 +0000
Update Windows: Nokoyawa ransomware operators exploiting CVE-2023-28252 zero-day vulnerability in the Common Log File System (CLFS).
Read MoreStill using Windows 10 21H2? Time to upgrade
So you have a Windows 10 computer — or a fleet of them. But which exact version of Windows 10? If you are on Windows 10, version 21H2, its end of servicing is coming up on June 13, 2023. For Windows 10 Home, Windows 10 Pro, Windows 10 Pro Education, and Windows 10 Pro for Workstations, version 21H2 will stop being offered updates — including security updates — after June. (For Windows 10 Enterprise and Windows 10 Education customers, support for 21H2 lasts another year.)
Why should you upgrade to a new feature release if your existing machines are working just fine? As Windows 10 comes into its final years of support (through to 2025), it’s key to keep machines on supported versions so you can receive security updates. Take the time to review the machines under your control and ensure that they are ready for the end of 21H2 support.
Ransomware as a service? Windows users can still fight back.
Ransomware.
It’s one word that can strike a chill in anyone from a corporate C-suite to a home user. It’s sometimes hard to get a feel for the overall ransomware industry (and yes, it’s now an industry). But based on anecdotal reviews of forums and social media, it appears as though attacks against individuals are slowing. I no longer see people report they’ve been hit by ransomware on their PCs.
But it may be that attackers have realized that going after “one-off” targets isn’t the best business plan. In fact, in a recent Microsoft Secure online seminar (registration required), Jessica Payne and Geoff McDonald discuss how ransomware is now a big business, offered as a service by those who sell access to compromised networks to others.
Supply chain attack on 3CX customers | Kaspersky official blog
Credit to Author: Editorial Team| Date: Thu, 30 Mar 2023 14:51:00 +0000
SmoothOperator: attack via the supply chain on clients of the 3CX VoIP telephony system.
Read MoreDeep Dive into Royal Ransomware
Credit to Author: Vaibhav Billade| Date: Wed, 29 Mar 2023 12:04:53 +0000
The rise of ransomware and malware variants has been a growing concern for individuals and organizations alike. With…
The post Deep Dive into Royal Ransomware appeared first on Quick Heal Blog.
Read MorePatch Office and Windows now to resolve two zero-days
Microsoft has resolved 80 new CVEs this month in addition to four earlier CVEs, bringing the number of security issues addressed in this month’s Patch Tuesday release to 84.
Unfortunately, we have two zero-day flaws in Outlook (CVE-2023-23397) and Windows (CVE-2023-24880) that require a “Patch Now” release requirement for both Windows and Microsoft Office updates. As it was last month, there were no further updates for Microsoft Exchange Server or Adobe Reader. This month the team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this cycle.
Why you shouldn’t use desktop messengers | Kaspersky official blog
Credit to Author: Alanna Titterington| Date: Tue, 07 Mar 2023 13:54:53 +0000
Desktop versions of WhatsApp, Telegram, Signal and the like have much less protection than mobile apps.
Read More