Microsoft Patch Tuesday, May 2021 Edition

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a […]

Continue Reading

New infosec products of the week: May 7, 2021

Assessing third-party security controls with Panorays Smart Questionnaires Unlike manual security questionnaires, Smart Questionnaires include only the questions that are relevant for each supplier based on the business relationship context. Customers can easily track the progress of hundreds of third parties at once, and can also immediately identify if there are any policy gaps that […]

Continue Reading

How do I select a DLP solution for my business?

Data loss prevention (DLP) has become even more important in the last year. Since the pandemic has made companies shift to a remote workforce model, cybersecurity threats have become increasingly complex and data security even more fragile. Companies need to adapt their DLP strategies to the new normal and harden their defense. To select a […]

Continue Reading

Trend Micro Flaw Being Actively Exploited

  The cybersecurity firm Trend Micro disclosed that the threat actors are once again using security solutions as attack vectors and this time attackers are deliberately leveraging a vulnerability in its antivirus solutions, identified as CVE-2020-24557, to gain admin rights on Windows systems.  Apex One and OfficeScan XG enterprise security products are affected by the […]

Continue Reading

Trend Micro flaw actively exploited in the wild

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Security solutions one again are used as attack vectors by threat actors, this time cybersecurity company Trend Micro revealed that attackers are actively exploiting a vulnerability, tracked as CVE-2020-24557, […]

Continue Reading

March 2021 Patch Tuesday: Microsoft fixes yet another actively exploited IE zero-day

As system administrators and security teams around the world are working on ascertaining whether they’ve been breached and compromised via vulnerable Microsoft Exchange Server installations, on this March 2021 Patch Tuesday: Microsoft has fixed 89 CVEs. Among those are the seven Microsoft Exchange flaws fixed last week, one Internet Explorer memory corruption flaw that’s being […]

Continue Reading