Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.
| LATEST SECURITY NEWS & COMMENTARY | Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update Here are which Microsoft patches to prioritize among the June Patch Tuesday batch. 24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far Username and password combinations offered for sale on the Dark Web by criminals has increased 65% since 2020. Design Weakness Discovered in Apple M1 Kernel Protections The proof-of-concept attack from MIT CSAIL researchers undermines the pointer authentication feature used to defend the Apple chip's OS kernel. Emotet Banking Trojan Resurfaces, Skating Past Email Security The malware is using spreadsheets, documents, and other types of Microsoft Office attachments in a new and improved version that is often able to bypass email gateway-security scanners. 'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU. Google: SBOMs Effective Only if They Map to Known Vulns SBOMs should be connected with vulnerability databases to fulfill their promise of reducing risk, Google security team says. Beware the 'Secret Agent' Cloud Middleware New open source database details the software that cloud service providers typically silently install on enterprises' virtual machines — often unbeknownst to customers. Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry A Linux-based banking Trojan is a master at staying under the radar. How Information Security Teams Can Help Reduce Stress and Burnout Work across the organization and take practical steps to ease user stress — prioritize user productivity by offering the right tools to avoid shadow IT and cultivate a transparent security culture. Remember the security team, too, and automate as many processes as possible. Artificial Intelligence and Security: What You Should Know Next-generation AI products learn proactively and identify changes in the networks, users, and databases using "data drift" to adapt to specific threats as they evolve. 3 Big Takeaways From the Verizon DBIR 2022 The annual report is always filled with useful security information. Here are several of the most important lessons from this year's edition. Critical Citrix Bugs Impact All ADM Servers, Agents Citrix ADM vulnerabilities could lead to admin password reset and disruption of ADM license service, company warns. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Weekly -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | We take your privacy very seriously. Please review our Privacy Statement. |
|
|