Two Patch Tuesday flaws you should fix right now
Vulnerabilities affecting both Outlook for Windows and Microsoft SmartScreen were patched recently — both could have wide-ranging impact.
Stories by Lucian Constantin
-
-
DNS data shows one in 10 organisations have malware traffic on their networks
Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure.
-
Stolen credentials increasingly empower the cybercrime underground
New research shows that criminal gangs are focusing more on acquiring stolen credentials to bypass security measures.
-
Attack campaign uses PHP-based infostealer to target Facebook business accounts
The threat actor uses the malware to target critical government infrastructure employees, manufacturing companies, and others.
-
Gitpod flaw shows cloud-based development environments need security assessments
The quickly fixed flaw could have allowed attackers to take over accounts in the CDE and perform remote code execution.
-
Booking.com account takeover flaw shows possible pitfalls in OAuth implementations
Avoid these simple mistakes when setting up OAuth for third-party authentication to block unauthorised account access.
-
Malicious package flood on PyPI might be sign of new attacks to come
The PyPI package flood is just the latest in a string of attacks on public repositories with the intent to plant malicious code.
-
Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
The antivirus exclusion might cause Exchange Server failures or prevent the detection of backdoors planted by attackers.
-
5 top threats from 2022 most likely to strike in 2023
Study and prepare for these five threats and you will be well on your way to protecting your network, assets, and employees.
-
Malware authors leverage more attack techniques that enable lateral movement
Malware authors and cybercriminal groups are making sophisticated techniques practical for threat actors to use more widely, changing threat models.
-
PLC vulnerabilities can enable deep lateral movement inside OT networks
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
-
Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks
Greater use of industrial cellular gateways and routers expose IIoT devices to attackers and increase the attack surface of OT networks.
-
Attackers can use ChatGPT to significantly enhance phishing and BEC scams
Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.
-
Atlassian patches critical vulnerability in Jira software
Atlassian has issued fixed versions of the software and described a workaround to the flaw that could make access tokens available to attackers.
-
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
Events
EDGE 2023
EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.
WIICTA 2023
ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.
ARN Innovation Awards 2023
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
Brand Post
How a new generation of servers is driving sustainability and innovation
By Adam LePeilbet, Senior Director & General Manager, Data Centre Sales, Dell Technologies, ANZ
Sponsored By
