US orders federal govt agencies to patch critical Log4j bug
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache…
CISA Issues Emergency Directive on Log4j
The Cybersecurity Infrastructure and Security Agency orders federal agencies to take actions to mitigate vulnerabilities to the Apache Log4j flaw…
Cities say vaccine mandates aren't forever, but don't have plans on when they'll lift them
Big cities across the country are instituting vaccine mandates for most public places, like restaurants and gyms. But they don't…
Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an…
FDA loosens restrictions on telemedicine abortions as the Supreme Court considers rolling back Roe v. Wade
The Food and Drug Administration (FDA) finalized its decision to remove restrictions on telemedicine abortions.
Log4j attackers switch to injecting Monero miners via RMI
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both…
Tufin Introduces Security Policy Builder (SPB) App to Marketplace
Automates security policy design to ensure compliance and reduce likelihood of breach announcing significant updates to other marketplace apps.
Microsoft fixes Windows AppX Installer zero-day used by Emotet
Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...]
Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and…
Dell driver fix still allows Windows Kernel-level attacks
Dell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution.…