September Patch Tuesday handles 81 CVEs
The last round of fixes before Win 10’s final shout touches 15 product families, including Xbox
The last round of fixes before Win 10’s final shout touches 15 product families, including Xbox
Related
China-Linked Threat Group Exploits Ivanti Bug
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution.
How to Spot Malicious AI Agents Before They Strike
The rise of agentic AI means the battle of the machines is just beginning. To win, we’ll need our own agents — human and machine — working together.
Why Take9 Won’t Improve Cybersecurity
The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and ignores the real problems of system design.
Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released
Update 3/14 – Coverage section updated with available IPS signature.FortiGuard Labs is aware of a new proof of concept released over the weekend for CVE-2023-21716 (Microsoft Word Remote Code Execution Vulnerability).Patched in the February Microsoft Monthly Security Release, CVE-2023-21716 is a vulnerability within Microsoft Office’s wwlib which allows attackers to achieve remote code execution on…
New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site
Cybersecurity researchers have warned of a new campaign that’s leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. “The observed campaign uses a highly convincing, multilingual phishing site (e.g., fake Facebook Security page), with anti-analysis techniques and advanced obfuscation to evade detection,” Acronis security researcher Eliad
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught
The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices.