Microsoft: Happy 2025. Here’s 161 Security Updates
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three "zero-day" weaknesses…
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other…
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited…
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft…
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that…
Ransomware Gangs Seek Pen Testers to Boost Quality
Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.
Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access…
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees…
It’s Time to Sound the Alarm on SMB Cyber Threats
There’s an unnerving secret many of us in cybersecurity have noticed. And if you think your company is “too small”…
SOAR Is Dead, Long Live SOAR
Business intelligence firm Gartner labels security orchestration, automation, and response as "obsolete," but the fight to automate and simplify security…