🌐 Сводка новостей по кибербезопасности и софту за 14 ноября 2024 года Отечественный Стор от REChain ®️ 🪐! › 2024 12 23 декабрь понедельник

9 мин (время прочтения) 📢 Microsoft Patch Tuesday: 87 уязвимостей, 4 из них критические Microsoft опубликовала ноябрьское обновление, устраняющее 87 уязвимостей, включая 4 критических и 4 уязвимости нулевого дня, которые активно использовались. Среди них особо опасной является CVE-2024-43451, позволяющая удаленное выполнение кода. Также устранены уязвимости в Azure и Exchange, которые могут быть использованы злоумышленниками для распространения вредоносного ПО​ ноябрь 14, 2024 11:31 🌐 Сводка новостей по кибербезопасности и софту за 14 ноября 2024 года Cybersecurity & Software News - November 14, 2024

Cybersecurity & Software News

November 14, 2024

Microsoft Patch Tuesday: 87 Vulnerabilities Fixed, 4 Critical

This November, Microsoft released an update patching 87 vulnerabilities, including four critical ones and four zero-day vulnerabilities actively exploited in the wild. The update addresses CVE-2024-43451, which allows remote code execution, along with vulnerabilities in Azure and Exchange that could be leveraged to spread malware.

Windows Zero-Day Exploitation via File Handling

A newly discovered zero-day vulnerability in Windows, triggered by actions such as dragging-and-dropping files or deleting them, allows attackers to execute malicious commands remotely. Microsoft is investigating and preparing a patch to address this critical issue.

2024 Projections: Rise in AI and Investment Frauds

According to Tenable, 2024 will see increased attacks on AI platforms, leading to data leaks and "data poisoning." The year is also expected to witness a rise in investment frauds, including "pig butchering" scams and deepfake videos targeting potential investors around events like Bitcoin Halving.

Exploitation of Unpatched D-Link NAS Devices

A new exploit targeting CVE-2024-10914 in outdated D-Link NAS devices has been reported. This vulnerability will not be fixed by the manufacturer, so security experts advise replacing the devices to mitigate potential risks.

CrowdStrike Acquires Adaptive Shield for $300 Million

CrowdStrike announced a $300 million acquisition of Adaptive Shield to enhance its capabilities in data leak prevention and cloud rights management. October also saw 37 cybersecurity M&A deals, reflecting growing investment in security technologies.

Комментарии пользователей (0)

Добавить комментарий
Мы никогда не передадим вашу электронную почту кому-либо еще.