Security News > 2024 > July > Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackA new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle attacks.
Zero-day patched by Microsoft has been exploited by attackers for over a yearCVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed.
Microsoft's cybersecurity dilemma: An open letter to Satya NadellaMicrosoft is suffering cybersecurity failures due to systemic problems with strategic leadership.
Strengthening cybersecurity preparedness with defense in depthIn this Help Net Security interview, Chaim Mazal, Chief Security Officer at Gigamon, discusses cybersecurity preparedness measures for businesses, the impact of international inconsistencies on global operations, and the board's role in cybersecurity.
How companies increase risk exposure with rushed LLM deploymentsIn this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies' exposure to new security risks and vulnerabilities as they rush to deploy LLMs. Exploring the root causes of the cybersecurity skills gapIn this Help Net Security interview, Koma Gandy, VP of Leadership and Business at Skillsoft, addresses the critical aspects of the cybersecurity skills gap, the need for diverse talent and continuous upskilling in areas like AI and cloud computing.
Cybersecurity jobs available right now: July 10, 2024We've scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field.
News URL
Related news
- Microsoft SharePoint RCE bug exploited to breach corporate network (source)
- Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-09 | CVE-2024-38112 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Spoofing Vulnerability | 0.0 |