Microsoft Patch Tuesday for October 2022 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company’s hardware and software line.
Vulnerability Spotlight: Data deserialization in VMware vCenter could lead to remote code execution
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable data deserialization vulnerability in the VMware vCenter server platform. VMware is one of the most popular virtual machine solutions currently available, and its
Threat Roundup for September 30 to October 7
Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7.
Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole
Any time we welcome this software and hardware into our homes and on our devices, it’s worth considering what sacrifices we might be making elsewhere.
Developer account body snatchers pose risks to the software supply chain
Cisco Talos examined several frequently used code repositories. We looked specifically at the security afforded to developer accounts, and how difficult it would be for an attacker to take over a developer account.
Researcher Spotlight: Globetrotting with Yuri Kramarz
“You have completely different angles in preparing different customers for defense during major global events depending on their role, technology and function,” Kramarz said.
Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server
Even organizations that use Exchange Online may still be affected if they run a hybrid server.
Threat Roundup for September 23 to September 30
Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 23 and Sept. 30.
Threat Source newsletter (Sept. 29, 2022) — Personal health apps are currently under a spotlight, but their warning signs have always been there
A report from the Washington Post also released last week found that this app, as well as popular health sites like WebMD, “gave advertisers the information they’d need to market to people, or groups of consumers based on their health concerns.”