Microsoft March 2020 Security Updates, fix for SMBv3 RCE vulnerability (updated)

Microsoft released the March 2020 Security Updates that include 115 unique vulnerability fixes, 26 of those rated critical. This is the largest patch release in Microsoft's history. Microsoft also issued guidance and a new security update to fix an SMBv3 RCE vulnerability dubbed SMBGhost.

Continue Reading Microsoft March 2020 Security Updates, fix for SMBv3 RCE vulnerability (updated)

Cisco patches vulnerabilities in multiple products

Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.

Continue Reading Cisco patches vulnerabilities in multiple products

Guidelines for securing Content Management Systems

The Australian Cyber Security Centre (ACSC) has released new guidelines to assist organizations in securing Content Management Systems (CMS). The guidelines include good mitigation advice in areas of patching, account management, hardening and monitoring to name a few.

Continue Reading Guidelines for securing Content Management Systems

Hidden mobile app malware threats

Security experts are warning of a rapidly growing threat where cybercriminals are targeting mobile phones to manipulate and quickly profit from them. To make matters worse, their malicious activities are becoming harder to uncover.

Continue Reading Hidden mobile app malware threats

‘Shark Tank’ star loses (and recovers) almost $400K in BEC scam

"Shark Tank" star Barbara Corcoran lost nearly $400,000 to a phishing scam late last month after scammers tricked people in her office into wiring funds to a bank in Germany. The good news is Corcoran ended up recovering the funds before the money could be transferred to the fraudster's bank account in China.

Continue Reading ‘Shark Tank’ star loses (and recovers) almost $400K in BEC scam

Walgreens discloses mobile app data breach

Walgreens has disclosed that a flaw in the personal secure messaging feature of its mobile app allowed unauthorized access to personal data stored in a Walgreens database. The company also said the issue did not impact financial data and affected a small number of customers.

Continue Reading Walgreens discloses mobile app data breach