Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws

December 12, 2023 at 03:36PM: Microsoft released critical security fixes for 33 vulnerabilities, including remote code execution bugs and flaws in its Edge browser. The company urged special attention to the CVE-2023-36019 spoofing bug and CVE-2023-35628 code execution defect. Additionally, the patches address issues in Office, Azure, Windows Defender, and the Windows DNS and DHCP …

Fortress Information Security & CodeSecure Team Up to Analyze SBOMs & Remediate Critical Vulnerabilities

December 11, 2023 at 06:03PM: Fortress and CodeSecure have partnered to enhance software security by mapping open-source components and identifying vulnerabilities. The partnership aims to fortify national security and critical infrastructure from cyber threats. CodeSecure’s capabilities will expand Fortress’ Software Bill of Materials (SBOM) database, providing risk data to critical industries via NAESAD. A webinar …

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

December 6, 2023 at 04:54AM: Atlassian patched four critical vulnerabilities in its software, addressing remote code execution risks. CVE-2022-1471, CVE-2023-22522, CVE-2023-22523, and CVE-2023-22524, with CVSS scores up to 9.8, affect various products including Confluence and Jira. A prior critical flaw in Bamboo is also mentioned. Urgent updates are recommended. Meeting Takeaways from Dec 06, 2023 – Software …

Lazarus hackers breached dev repeatedly to deploy SIGNBT malware

October 27, 2023 at 12:52PM: The North Korean Lazarus hacking group repeatedly targeted a software vendor, breaching their system multiple times despite patches and warnings. Kaspersky discovered the attack, which was part of a broader campaign that involved Lazarus targeting various software vendors. The hackers used the SIGNBT malware and LPEClient info-stealer to gain access …