Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) If …
Windows Recall will be opt-in and the data more secure, Microsoft says
The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature …
SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995)
SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by …
June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft
May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. While individually from each vendor, the …
Cyber insurance isn’t the answer for ransom payments
Ransomware remains an ongoing threat for organizations and is the largest single cause of IT outages and downtime as 41% of data is compromised during a cyberattack, according …
26% of organizations lack any form of IT security training
26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry …
New infosec products of the week: June 7, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, SailPoint, Tines, Trend Micro, Verimatrix, and Zyxel Networks. Zyxel …
Zyxel patches critical flaws in EOL NAS devices
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that …
Webinar: Exposure management and your attack surface
Your business, attack surface, and threat landscape are not static—they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities …
Sniffnet: Free, open-source network monitoring
Sniffnet is a free, open-source network monitoring tool to help you easily track your Internet traffic. What sets it apart is its strong focus on user experience. Unlike most …
78% of SMBs fear cyberattacks could shut down their business
94% of SMBs have experienced at least one cyberattack, a dramatic rise from 64% in 2019, according to ConnectWise. This increase in cyberattacks is exacerbated by the fact …
Chinese attackers leverage previously unseen malware for espionage
Sophos released its report, “Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia,” which details a …