Security News > 2024 > July > Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach

Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach
2024-07-14 08:00

Critical vulnerability in the RADIUS protocol leaves networking equipment open to attackA new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS, leaves most networking equipment open to Man-in-the-Middle attacks.

Zero-day patched by Microsoft has been exploited by attackers for over a yearCVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed.

Microsoft's cybersecurity dilemma: An open letter to Satya NadellaMicrosoft is suffering cybersecurity failures due to systemic problems with strategic leadership.

Strengthening cybersecurity preparedness with defense in depthIn this Help Net Security interview, Chaim Mazal, Chief Security Officer at Gigamon, discusses cybersecurity preparedness measures for businesses, the impact of international inconsistencies on global operations, and the board's role in cybersecurity.

How companies increase risk exposure with rushed LLM deploymentsIn this Help Net Security interview, Jake King, Head of Threat & Security Intelligence at Elastic, discusses companies' exposure to new security risks and vulnerabilities as they rush to deploy LLMs. Exploring the root causes of the cybersecurity skills gapIn this Help Net Security interview, Koma Gandy, VP of Leadership and Business at Skillsoft, addresses the critical aspects of the cybersecurity skills gap, the need for diverse talent and continuous upskilling in areas like AI and cloud computing.

Cybersecurity jobs available right now: July 10, 2024We've scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field.


News URL

https://www.helpnetsecurity.com/2024/07/14/week-in-review-radius-protocol-critical-vuln-microsoft-0-day-exploited-for-a-year-att-breach/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-38112 Unspecified vulnerability in Microsoft products
Windows MSHTML Platform Spoofing Vulnerability
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400
Protocol 12 0 1 15 1 17