Collaborate Disseminate
Several cybersecurity firms have warned Microsoft that cybercriminals have been using signed malicious drivers to kill processes associated with antivirus (AV) and endpoint detection and response (EDR) products.
read more Continue reading Security Firms Warn Microsoft of Signed Drivers Used to Kill EDR, AV Processes
Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.
The operating system update, released as part of Microsoft’s scheduled Patch Tuesday, addresses a flaw that lets mal… Continue reading Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks
After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple enterprise-facing products.
The San Jose, California software maker said the flaws could expose users… Continue reading Adobe Patches 38 Flaws in Enterprise Software Products
Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine escape bug exploited at the GeekPwn 2022 hacking challenge.
read more Continue reading VMware Patches VM Escape Flaw Exploited at Geekpwn Event
Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that a Chinese hacking group has already been caught exploiting the vulnerability.
read more Continue reading NSA Outs Chinese Hackers Exploiting Citrix Zero-Day
Security researchers with Juniper Networks’ Threat Labs warn of a new Python-based backdoor targeting VMware ESXi virtualization servers.
read more Continue reading New Python-Based Backdoor Targeting VMware ESXi Servers
Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the flaw in the wild.
read more Continue reading Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw
Enterprise security vendor Proofpoint on Monday announced plans to acquire Illusive Networks, a startup that helped pioneer deception technology to help detect data breaches. Financial terms of the planned acquisition were not disclosed.
read more Continue reading Proofpoint Buys Deception Tech Startup Illusive Networks
Fortinet’s security researchers have shared information on three new ransomware families named Aerst, ScareCrow, and Vohuk.
read more Continue reading Users Warned of New Aerst, ScareCrow, and Vohuk Ransomware Families
Phylum security researchers warn of a new software supply chain attack relying on typosquatting to target Python and JavaScript developers.
read more Continue reading Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware