))
Cybersecurity Digest for week of 12 July 2024
Manage episode 428528974 series 3584749
Content provided by The Cybersecurity Digest LLC. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by The Cybersecurity Digest LLC or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This week we talk about
- Microsoft patches 140+ vulnerabilities including 2 zero days, in Patch Tuesday;
- Adobe patches critical issues in several of its products,
- 10 Billion Passwords leaked,
- 39,000 Ticket master tickets leaked,
- Chinese APT 40 hiijack routers
- Hackers are Targeting Wordpress plugins,
- A new attack bypasses RADIUS authentication
- CISA adds 3 new CVEs to its KEV
- and more in this episode
Articles Mentioned In Order they appear in the Show:
July 2024 Security Updates - Release Notes - Security Update Guide - Microsoft
Windows MSHTML zero-day used in malware attacks for over a year (bleepingcomputer.com)
Whispers of Atlantida: Safeguarding Your Digital Treasure | Rapid7 Blog
Adobe Product Security Incident Response Team (PSIRT)
RockYou2024: 10 billion passwords leaked in the largest compilation of all time | Cybernews
Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events (bleepingcomputer.com)
Advance Auto Parts data breach impacts 2.3 million people (bleepingcomputer.com)
APT40 Advisory | Cyber.gov.au
VU#456537 - RADIUS protocol susceptible to forgery attacks. (cert.org)
BLAST RADIUS
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool (thehackernews.com)
GitLab Critical Patch Release: 17.1.2, 17.0.4, 16.11.6 | GitLab
Notable CISA KEV Additions:
NVD - CVE-2024-23692 (nist.gov)
NVD - CVE-2024-38080 (nist.gov)
NVD - CVE-2024-38112 (nist.gov)
12 episodes
Share
