Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals
After being notified by several security firms, Microsoft has revoked many signed drivers that had been leveraged by threat actors, in many cases by Chinese…
Category: SecurityWeek
Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution
Fortinet on Tuesday announced security updates that address a critical-severity vulnerability in FortiOS and FortiProxy that could be exploited for remote code execution (RCE). Tracked…
SAP Patches Critical Vulnerability in ECC and S/4HANA Products
German enterprise software maker SAP on Tuesday announced the release of 16 new security notes as part of its July 2023 Security Patch Day. In…
Former Security Engineer Arrested for $9 Million Crypto Exchange Hack
The US today announced the arrest of Shakeeb Ahmed on charges related to the defrauding of a decentralized cryptocurrency exchange in 2022. Ahmed, 34, of…
Microsoft Warns of Office Zero-Day Attacks, No Patch Available
Russian spies and cybercriminals are actively exploiting still-unpatched security flaws in Microsoft Windows and Office products, according to an urgent warning from the world’s largest…
Apple’s Rapid Security Response Patches Are Breaking Websites
Apple has pulled its latest Rapid Security Response updates for iOS and macOS after users complained that they could no longer access some websites. The…
Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion
Software maker Adobe on Tuesday called attention to critical security flaws in its InDesign and ColdFusion products, warning that the defects expose users to malicious…
SaaS Application Security Firm Savvy Exits Stealth Mode With $30 Million in Funding
On a path to eliminate security incidents involving software-as-a-service (SaaS) applications, Israeli startup Savvy announced today that it has exited stealth mode with $30 million…
ICS Patch Tuesday: Siemens, Schneider Electric Fix 50 Vulnerabilities
Siemens and Schneider Electric on Tuesday released a total of nine new security advisories addressing a total of 50 vulnerabilities affecting their industrial products. Siemens…
Verifying Software Integrity With Sigstore
Software Supply Chain: Part 3 As part of my software supply chain series, I want to move on to the area of code signing and…
Personal Information of 11 Million Patients Stolen in Data Breach at HCA Healthcare
HCA Healthcare on Monday announced that the personal information of roughly 11 million patients was stolen in a data breach. The incident, the healthcare services…
Russia-Linked RomCom Hackers Targeting NATO Summit Guests
As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the…