Credit to Author: Paul Ducklin| Date: Fri, 20 May 2022 22:35:09 +0000
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
Read moreCredit to Author: Katie McCafferty| Date: Thu, 19 May 2022 16:00:00 +0000
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware’s capabilities and key infection signs.
The post Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices appeared first on Microsoft Security Blog.
Read moreCredit to Author: Jovi Umawing| Date: Tue, 17 May 2022 14:41:32 +0000
A little-used feature of web addresses is being used to obfuscate malicious phishing URLs.
The post Long lost @ symbol gets new life obscuring malicious URLs appeared first on Malwarebytes Labs.
Read more
Credit to Author: Susan Bradley| Date: Mon, 16 May 2022 09:00:00 -0700
It’s the third week of the month — the week we find out whether Microsoft acknowledges any side effects it’s investigating as part of the monthly patch-release process.
First, a bit of background. Microsoft has released patches for years. But they haven’t always been released on a schedule. In the early days, Microsoft would release updates any day of the week. Then in October 2003, Microsoft formalized the release of normal security updates on the second Tuesday of the month. Thus was born Patch Tuesday. (Note: depending on where you are in the world, Patch Tuesday may be a Patch Wednesday.) The following day, or in some cases, over the next week, users and admins report issues with updates — and Microsoft finally acknowledges that, yes, there are issues.
Credit to Author: Malwarebytes Labs| Date: Mon, 16 May 2022 10:01:04 +0000
The most important and interesting computer security stories from the last seven days.
The post A week in security (May 9 – 15) appeared first on Malwarebytes Labs.
Read more
Credit to Author: Greg Lambert| Date: Sat, 14 May 2022 05:51:00 -0700
This past week’s Patch Tuesday started with 73 updates, but ended up (so far) with three revisions and a late addition (CVE-2022-30138) for a total of 77 vulnerabilities addressed this month. Compared with the broad set of updates released in April, we see a greater urgency in patching Windows — especially wiith three zero-days and several very serious flaws in key server and authentication areas. Exchange will require attention, too, due to new server update technology.
Credit to Author: Christopher Budd| Date: Tue, 10 May 2022 17:47:43 +0000
Organizations should look at last month’s and this month’s bulletins and put their Hyper-V and Active Directory servers and infrastructure at the top of the priority list.
Read moreCredit to Author: Malwarebytes Labs| Date: Mon, 09 May 2022 10:20:30 +0000
The most important and interesting stories in security from the last seven days.
The post A week in security (May 2 – 8) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Sun, 08 May 2022 11:51:58 +0000
Three tech giants used World Password Day to announce their commitment to a passwordless future using FIDO Alliance standards.
The post Google, Apple, and Microsoft step hand in hand into a passwordless future appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Sun, 08 May 2022 11:51:58 +0000
Three tech giants used World Password Day to announce their commitment to a passwordless future using FIDO Alliance standards.
The post Google, Apple, and Microsoft walk hand-in-hand into a passwordless future appeared first on Malwarebytes Labs.
Read more