Security News

As a Cloud Security Operations and Compliance Professional, you will support the availability, integrity, and security of ongoing Security Services operations. Have knowledge of and be able to define and recommend security policy changes to security devices such as firewalls, proxies, email gateways, Intrusion Detection/Prevention Systems, end-point application whitelisting and anti-virus solutions, and Data Loss Prevention solutions.

In this Help Net Security video, Mark Millender, Senior Advisor of Global Executive Engagement at Tanium, discusses the overall sentiment from CISOs of large, public companies on the effectiveness and understanding of SEC's cyber disclosure rules and common misconceptions and gray areas to watch for. Learn what C-suite leaders can expect from the cyber disclosure rules in the next 6-12 months based on feedback, effectiveness, and guidance from industry peers.

Unplanned downtime is costing the world's largest companies $400 billion a year, or roughly 9% of their profits, a new report has found. The Hidden Costs of Downtime report surveyed 2,000 executives, including CFOs, CMOs, engineers, and IT and security professionals, from Global 2000 companies in 53 countries and a range of industries.

Patch Tuesday Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products - including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed. It could allow a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted malicious MSMQ packet to a vulnerable Windows system, such as a Windows Server box.

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw and a RCE vulnerability in Microsoft Outlook. CVE-2024-30080 is a use after free flaw affecting Microsoft Message Queuing and can be exploited by unauthenticated attackers by sending a specially crafted malicious MSMQ packet to a MSMQ server.

Microsoft has released the Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 cumulative updates with security fixes and fixes for a variety of bugs. These updates are mandatory as they are part of Microsoft's June 2024 Patch Tuesday and contain security updates for 51 vulnerabilities.

JetBrains warned customers to patch a critical vulnerability that impacts users of its IntelliJ integrated development environment apps and exposes GitHub access tokens. "In particular, malicious content as part of a pull request to a GitHub project which would be handled by IntelliJ-based IDEs, would expose access tokens to a third-party host."

Microsoft is rolling out the KB5039212 cumulative update for Windows 11 version 23H3 with thirty-seven improvements and changes, including better drag-and-drop support in the File Explorer address bar. You can go to Start > Settings > Windows Update and click 'Check for Updates' to download the update.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft has released the KB5039211 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 12 changes, including a Snipping Tool feature that allows you to edit Android photos in Windows. The Windows 10 KB5039211 update is mandatory as it contains containing Microsoft's June 2024 Patch Tuesday security updates.