Category Archives: week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security… Continue reading Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen f… Continue reading Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. Vulner… Continue reading Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by at… Continue reading Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: August 2024 Patch Tuesday forecast: Looking for a calm August release August 2024 July ended up being more ‘exciting’ than many of us wanted; we’re suppos… Continue reading Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Why a strong patch management strategy is essential for reducing business risk In this Help Net Security interview, Eran Livne, Senior Director of Product… Continue reading Week in review: VMware ESXi zero-day exploited, SMS Stealer malware targeting Android users→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update By now, most people are aware of – or have been personally affected b… Continue reading Week in review: CrowdStrike-triggered outage insights, recovery, and measuring cybersecurity ROI→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines worldwide Thousands and possibly millions of Windows computers and servers worldwide have been made i… Continue reading Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials have stolen rec… Continue reading Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 4 key steps to building an incident response plan In this Help Net Security interview, Mike Toole, head of security and IT at Blumira, discusses the compo… Continue reading Week in review: A need for a DDoS response plan, human oversight in AI-enhanced software development→