Microsoft February 2020 Security Updates (includes IE zero-day fix)

Microsoft issued the February 2020 Security Updates that include 101 unique vulnerability fixes, 13 of those rated critical. The update also includes a patch for an IE zero-day scripting engine vulnerability CVE-2020-0674 disclosed in January.

Continue ReadingMicrosoft February 2020 Security Updates (includes IE zero-day fix)

Threat actors are launching web shell attacks

Security experts from Microsoft have revealed threat actors are increasingly using web shell attacks in their campaigns. Microsoft's investigation revealed actors such as ZINC, KRYPTON, and GALLIUM, exploit known vulnerabilities to implant web shells on internet-facing web servers.

Continue ReadingThreat actors are launching web shell attacks

The top 20 vulnerabilities to patch now (that are most under attack)

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.

Continue ReadingThe top 20 vulnerabilities to patch now (that are most under attack)