Security News > 2021 > May > Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?
Apple fixes four zero-days under attackA week after Apple patched a macOS zero-day exploited by Shlayer malware for months for months, the company has released new security updates for macOS, iOS, iPadOS and watch OS that plug four additional zero-days that "May have been actively exploited".
Users increasingly putting password security best practices into playWhile there is awareness of password security best practices, there is still work to be done to put that awareness to full use, a Bitwarden survey reveals.
How modern workflows can benefit from pentestingPentesting can fortify organizations' general security posture and is a critical measure organizations should put in place proactively to prevent security breaches.
Kubestriker: A security auditing tool for Kubernetes clustersKubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters.
These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL. Acting on a security risk assessment of your organization's use of SalesforceSalesforce is responsible for the security of its platform, and the organization has done a tremendous job of repelling a constant barrage of external threats.
Is it OK to publish PoC exploits for vulnerabilities and patches?While publishing PoC exploits for patched vulnerabilities is common practice, this one came with an increased risk of threat actors using them to attack the thousands of servers not yet protected.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/8lPmJIG99M8/
Related news
- February 2024 Patch Tuesday forecast: Zero days are back and a new server too (source)
- Week in review: 10 must-read cybersecurity books, AnyDesk hack, Patch Tuesday forecast (source)
- Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 74 flaws (source)
- Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws (source)
- Exploit available for new critical TeamCity auth bypass bug, patch now (source)
- March 2024 Patch Tuesday forecast: A popular framework updated (source)
- Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast (source)
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- March Patch Tuesday sees Hyper-V join the guest-host escape club (source)