Security News > 2021 > May > Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?
Apple fixes four zero-days under attackA week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch OS that plug four additional zero-days that "May have been actively exploited".
Users increasingly putting password security best practices into playWhile there is awareness of password security best practices, there is still work to be done to put that awareness to full use, a Bitwarden survey reveals.
How modern workflows can benefit from pentestingPentesting can fortify organizations' general security posture and is a critical measure organizations should put in place proactively to prevent security breaches.
Kubestriker: A security auditing tool for Kubernetes clustersKubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.
These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL. Acting on a security risk assessment of your organization's use of SalesforceSalesforce is responsible for the security of its platform, and the organization has done a tremendous job of repelling a constant barrage of external threats.
Is it OK to publish PoC exploits for vulnerabilities and patches?While publishing PoC exploits for patched vulnerabilities is common practice, this one came with an increased risk of threat actors using them to attack the thousands of servers not yet protected.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8lPmJIG99M8/
Related news
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- December 2024 Patch Tuesday forecast: The secure future initiative impact (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)