Patch Tuesday: Microsoft patches a zero-day bug under active attack (computing.co.uk)
A screenshot of a negotiating portal set up by the REvil ransomware group (Source: SecurityScorecard)
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at part of the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to help.
On July 2, affiliates of REvil exploited several vulnerabilities in remote management software called the Virtual System Administrator from Miami-based Kaseya.
The U.S. is pressing Russia for more cooperation in cracking down on ransomware criminals the U.S. alleges the country harbors. Pulling the threads around the decoder[dot]re domain might be a good place for the two countries to start.
TechRadar Pro spoke to pointed out that many of the vulnerabilities that were being exploited in the wild had a pretty low Common Vulnerability Scoring System (CVSS) score.
“Sure, there are CVEs listed with a score of 9.4 – but a CVE with a score of 5.2 that is being actively exploited must take center stage and be patched as a matter of priority above the rest,” said Immersive Labs’ Director of Cyber Threat Research, Kevin Breen.
Meanwhile, software vendor Ivanti’s Senior Director of Product Management, Chris Goettl, believes the fact that many of the exploited vulnerabilities have lower CVSS scores can lead some organizations to simply gloss over them.
Take a Walk on the DarkSide: A Pipeline Cyber Crisis Simulation
Register today for Threatpost’s upcoming FREE live webinar, in partnership with Immersive Labs, on Wednesday, June 9 at 2 PM EDT, to see, first-hand, the impact of a major cyber breach in an emerging ransomware attack simulation.
The recent DarkSide cyberattack on Colonial Pipeline truly brought to light the risk ransomware can pose to a national industrial infrastructure. High-profile attacks like this have become increasingly common and can not only cost an organization dearly in corporate reputation, regulatory scrutiny, and financial loss, but can also impact the well-being of an entire nation.
May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
May 12, 2021
On this May 2021 Patch Tuesday:
Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others
Microsoft has plugged 55 security holes, none actively exploited
SAP has released 14 new and updated security patches
Adobe updates
Adobe has released security updates for 12 of its products, fixing a total of 44 CVE-numbered flaws.
The updates that should be prioritized are those for Adobe Acrobat and Reader for Windows and macOS, because they fix a number of critical and important vulnerabilities in a widely used product that has often been targeted by attackers. Another good reason is that one of these – CVE-2021-28550 – “has been exploited in the wild in limited attacks targeting Adobe Reader users on