Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett says January marks the fourth consecutive month … Read more
In a landmark move, the U.S. Department of Health and Human Services (HHS) has issued a new proposal to strengthen the HIPAA Security Rule, calling for stringent cybersecurity measures to protect electronic protected health information (ePHI). Why? According to the HHS’ proposal, there has been a “rampant escalation of cyberattacks using hacking and ransomware” in … Read more
Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the … Read more
Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords … Read more
Getty Pictures Microsoft has up to date a key cryptographic library with two new encryption algorithms designed to face up to assaults from quantum computer systems. The updates had been made final week to SymCrypt, a core cryptographic code library for handing cryptographic capabilities in Home windows and Linux. The library, began in 2006, gives … Read more
