Security News > 2024 > October

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense...

ESET researchers have discovered a series of attacks that took place in Europe from May 2022 to March 2024, where the attackers used a toolset capable of targeting air-gapped systems, in a...

70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now...

Cloud Cybersecurity Analyst III Texas Health and Human Services | USA | Hybrid – View job details As a Cloud CSAIII, you will be responsible for designing, implementing, and managing security...

Plus: SAP re-patches a failed patch for critical-rated flaw Patch Tuesday It's the second Tuesday of the month, which means Patch Tuesday, bringing with it fixes for numerous flaws, bugs and...

An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. [...]

Given Amnesty's involvement, it's a safe bet spyware is in play Qualcomm has issued 20 patches for its chipsets' firmware, including one Digital Signal Processor (DSP) software flaw that has been...

Microsoft reminded customers today that multiple editions of Windows 11 22H2 and 21H2 have reached their end of servicing. [...]

An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted login pages. [...]

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML...