Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Security researchers have found evidence that the group behind the Khonsari ransomware is exploiting the Log4j vulnerability to deliver it. Other state-sponsored groups are also looking into the vulnerability, according…

Microsoft December 2021 Patch Tuesday: Zero-day exploited to spread Emotet malware

Microsoft has released 67 security fixes for software including seven critical issues and a zero-day flaw being actively exploited by cybercriminals.  In the Redmond giant’s latest round of patches, usually released…

AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a…

Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

Cyber criminals are becoming more advanced as they continue to find new ways to deliver attacks, and some are now willing to buy zero-day vulnerabilities, something more traditionally associated with…

Rust-proofing the internet with ISRG's Prossimo

You know the non-profit Internet Security Research Group (ISRG) for its Let’s Encrypt certificate authority, the most popular way of securing websites with TLS certificates. The group wants to do…

Microsoft November 2021 Patch Tuesday: 55 bugs squashed, two under active exploit

Microsoft has released 55 security fixes for software including patches that resolve zero-day vulnerabilities actively exploited in the wild. The Redmond giant’s latest round of patches, usually released on the second…

Cybersecurity firms provide threat intel for Clop ransomware group arrests

[embedded content] Further details have been revealed concerning a 30-month investigation designed to disrupt the operations of the Clop ransomware group.  In June, Ukrainian police arrested six suspects in 20…

Machine Learning in Cybersecurity 101

Machine learning is a term usually mentioned in contexts that actually refer to artificial intelligence or is used as a synonym. Let us have a closer look at what the…

Cybersecurity Trends & Predictions for CISOs

Trend Micro – Trend Micro – Staying one step ahead of the bad guys is the best way to stop cyberattacks. Trend Micro’s VP of Threat Research, Jon Clay, provides…