Microsoft report highlights Mac ransomware threats and techniques
Microsoft has released new details on Mac ransomware threats, techniques and provided guidance on how to protect networks and systems from ransomware attacks.
Defender
CISA adds 6 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities)
The Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities.
Microsoft April 2020 Security Updates (with fixes for 2 zero-days)
Microsoft released the April 2020 Security Updates that includes 113 unique vulnerability fixes, 18 of those rated critical. The updates also include patches for two Adobe Font Manager zero day vulnerabilities disclosed in March.
sLoad trojan uses BITS to steal data
A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.
Microsoft issues out-of-band patches (Critical IE CVE-2019-1367 exploited in wild)
Microsoft has released out-of-band patches for Internet Explorer and Microsoft Defender products. The IE zero-day bug is marked critical and is actively exploited in the wild.