Security News > 2024 > March > Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast
What organizations need to know about the Digital Operational Resilience ActIn this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act on organizations across the EU, particularly in ICT risk management and cybersecurity.
Cisco patches Secure Client VPN flaw that could reveal authentication tokensCisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token.
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly!JetBrains has fixed two critical security vulnerabilities affecting TeamCity On-Premises and is urging customers to patch them immediately.
Immediate AI risks and tomorrow's dangers"At the most basic level, AI has given malicious attackers superpowers," Mackenzie Jackson, developer and security advocate at GitGuardian, told the audience last week at Bsides Zagreb.
Integrating software supply chain security in DevSecOps CI/CD pipelinesIn this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to integrate the various building blocks of software supply chain security assurance into CI/CD pipelines to enhance the preparedness of organizations to address supply chain security in the development and deployment of cloud-native applications.
95% believe LLMs making phishing detection more challengingMore than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass.
News URL
Related news
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
- Phishing Emails Targeting Australian Firms Rise by 30% in 2024 (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)