Security News > 2021 > May > Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?
Apple fixes four zero-days under attackA week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch OS that plug four additional zero-days that "May have been actively exploited".
Users increasingly putting password security best practices into playWhile there is awareness of password security best practices, there is still work to be done to put that awareness to full use, a Bitwarden survey reveals.
How modern workflows can benefit from pentestingPentesting can fortify organizations' general security posture and is a critical measure organizations should put in place proactively to prevent security breaches.
Kubestriker: A security auditing tool for Kubernetes clustersKubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.
These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL. Acting on a security risk assessment of your organization's use of SalesforceSalesforce is responsible for the security of its platform, and the organization has done a tremendous job of repelling a constant barrage of external threats.
Is it OK to publish PoC exploits for vulnerabilities and patches?While publishing PoC exploits for patched vulnerabilities is common practice, this one came with an increased risk of threat actors using them to attack the thousands of servers not yet protected.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8lPmJIG99M8/
Related news
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)