Security News > 2022 > December > Week in review: Citrix and Fortinet RCEs, Microsoft fixes exploited zero-day
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP!An unauthenticated remote code execution flaw is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller deployments, the US National Security Agency has warned.
Microsoft fixes exploited zero-day, revokes certificate used to sign malicious driversIt's December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw exploited by attackers to deliver a variety of malware.
Security measures to protect Kubernetes workloadsIn this Help Net Security video, Deepak Goel, CTO of D2iQ, provides insight into which security measures can help organizations that use Kubernetes better protect their workloads - and the implications of what can happen if they don't.
Security is no longer an internal affair67% of respondents to a recent survey indicated their company had lost a business deal due to the customer's lack of confidence in their security strategy.
How companies can avoid costly data breachesIn this Help Net Security video, Balaji Ganesan, CEO at Privacera, talks about how organizations are moving to a zero-trust framework and beyond, meaning they have security frameworks that span from perimeter apps to their data at a granular level.
Lack of key domain security measures leaves organizations at riskIn this Help Net Security video, Ihab Shraim, CTO at CSC, talks about how 75% of the Forbes Global 2000 are exposing themselves to significant enterprise risks as third parties maliciously register their brands, and they fail to implement key domain security measures.
News URL
Related news
- CISA tags Microsoft SharePoint RCE bug as actively exploited (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234) (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
- PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers (source)