Security News > 2023 > November > Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
From Windows 9x to 11: Tracing Microsoft's security evolutionIn this Help Net Security interview, we feature security researcher Alex Ionescu, the co-author of Windows Internals, one of the founding employees of CrowdStrike, now running his consulting company, Winsider Seminars & Solutions, where he continues to do security research focusing on platform security.
How human behavior research informs security strategiesIn this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity.
Atlassian patches critical Confluence bug, urges for immediate actionAtlassian is urging enterprise administrators to update their on-premises Confluence Data Center and Server installations quickly to plug a critical security vulnerability that could lead to "Significant data loss if exploited by an unauthenticated attacker."
Finding the right approach to security awarenessIn this Help Net Security video, Larry Zorio, CISO at Mark43, explains how security awareness and training is one of the most important controls you can focus on, and it's really good hygiene for your company.
How security observability can help you fight cyber attacksIn this Help Net Security video, Jack Coates, Senior Director of Product Management, Observe, discusses how security observability can give customers the power to identify attacks, the cost structure to afford security countermeasures, and the user experience to merge security use cases with operational use cases.
Why legacy system patching can't waitIn this Help Net Security video, Joao Correia, Technical Evangelist of TuxCare, discusses a false sense of security, fear of change, and the complexity of outdated software can be daunting to well-meaning security professionals.
News URL
Related news
- Apache fixes critical OFBiz remote code execution vulnerability (source)
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- GitLab warns of critical pipeline execution vulnerability (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)