Security News
Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "Wormable" vulnerability. The patches cover a swath of the computing giant's portfolio, including Microsoft Windows and Windows Components, Exchange Server, Microsoft Office and Office Components, SharePoint Server,.
Microsoft's first Patch Tuesday of 2022 has, for some folk, broken Hyper-V and sent domain controllers into boot loops. As well as the broken Hyper-V, popular tech blog Born City noted problems with boot loops on domain controllers, with other versions of Windows Server affected.
Today is Microsoft's January 2022 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 97 flaws. [...]
Ransomware attacks decrease, operators started rebrandingPositive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. How can SMBs extend their SecOps capabilities without adding headcount?While cybersecurity budgets are rising, most small and some midsize organizations looking to employ skilled cybersecurity professionals are often unable to match salaries offered by big enterprises in a job market where demand outstrips supply.
Even though Apache released the zero-day fix for CVE-2021-44228, it takes a while for companies who use this library to update, test, and release a new version. January 2022 Patch Tuesday forecast I mentioned Microsoft has been busy addressing several issues already this year, so we may see more than the 29 and 30 vulnerabilities addressed in Windows 11 and 10 respectively.
Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. Microsoft has fixed 55 vulnerabilities with today's update, with seven classified as Critical and 60 as Important.
Critical RCE 0day in Apache Log4j library exploited in the wildA critical zero-day vulnerability in Apache Log4j, a widely used Java logging library, is being leveraged by attackers in the wild.Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more!Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools.
While there are older vulnerabilities dating back to 2014, most of these vulnerabilities are from 2020-2021 and updating an entire organization can take months of planning and execution if you don't have an efficient patch management infrastructure in place. Assuming we have a few quiet weeks following Patch Tuesday, take a moment to compare your program to these and see how you stack up.
The November 2021 Patch Tuesday updates from Microsoft and Adobe are out. The a critical patch to the Windows Servicing Stack, which is how Windows delivers and installs updates, especially to machines that are running versions of Windows no longer receiving regular support.
Microsoft reported a total of 55 vulnerabilities, six of which are rated critical, with the remaining 49 being rated important. Still, as always, this Patch Tuesday delivers high-priority fixes, the most urgent of which being the duo that are under attack.