Google fixes Chrome zero‑day bug exploited in the wild

The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions. Google has rolled out an update for its Chrome web browser that fixes five security flaws, including a zero-day vulnerability that is known to be actively exploited by malicious actors. The bugs affect the Windows, macOS, and Linux versions of the … More Google fixes Chrome zero‑day bug exploited in the wild

Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world. ESET Research has discovered that more than ten different advanced persistent threat (APT) groups are exploiting the recent Microsoft Exchange vulnerabilities to compromise email servers. ESET has … More Exchange servers under siege from at least 10 APT groups

Cybersecurity risks and challenges facing the financial industry

A primer on various threats looming over financial companies and the steps that these organizations can take to counter them. Companies operating in the financial services industry aren’t by any means strangers to being targeted by various forms of financial crimes and fraud. However, over time, the playing field has changed and threat actors have … More Cybersecurity risks and challenges facing the financial industry

Microsoft patches actively exploited Windows kernel flaw

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical. Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings … More Microsoft patches actively exploited Windows kernel flaw

Google: Better patching could have prevented 1 in 4 zero‑days last year

Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google. Google’s Project Zero team revealed that a quarter of zero-day exploits detected in 2020 could have been prevented had the vendors issued proper patches for the underlying security flaws. In its Year in Review bloggpost, the … More Google: Better patching could have prevented 1 in 4 zero‑days last year