July 2023 – Page 11 – PossibleThreat Articles

Update now! Microsoft patches a whopping 130 vulnerabilities

July 12, 2023 0 Comments Adobe, Android, Apple, Cisco, cve-2023-32046, cve-2023-32049, cve-2023-35311, cve-2023-36844, cve-2023-36874, Exploits and vulnerabilities, fortinet, Microsoft, moveit, Mozilla, news, sap, vmware

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Adobe

Tags: Apple

Tags: Android

Tags: Cisco

Tags: Fortinet

Tags: MOVEit

Tags: Mozilla

Tags: SAP

Tags: VMware

Tags: CVE-2023-32049

Tags: CVE-2023-35311

Tags: CVE-2023-32046

Tags: CVE-2023-36874

Tags: CVE-2023-36844

For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities, four of which are known to have been actively exploited.

MalwareBytes Security

Proposed Massachusetts law to ban sale of your mobile location data

July 12, 2023 0 Comments anonymous, broker, cellphone, data, location, locational, Mobile, news, personal, sale, selling, Tracking

Categories: News

Categories: Personal

Tags: mobile

Tags: cellphone

Tags: location

Tags: locational

Tags: sale

Tags: selling

Tags: broker

Tags: data

Tags: tracking

Tags: anonymous

A proposed law would ban brokers from selling mobile location data in Massachusetts.

MalwareBytes Security

Criminals target businesses with malicious extension for Meta’s Ads Manager and accidentally leak stolen accounts

July 12, 2023 0 Comments ads manager, chrome, extension, facebook, malware, meta, threat intelligence

Categories: Threat Intelligence

Tags: Meta

Tags: Facebook

Tags: malware

Tags: ads manager

Tags: chrome

Tags: extension

A group of criminals is actively targeting Facebook business users to gain access to their advertising accounts via malicious Chrome extensions. But we spotted that they made a mistake…

Security Sophos

Microsoft patches four zero-days, finally takes action against crimeware kernel drivers

July 12, 2023 0 Comments elevation of privilege, eop, Microsoft, Patch Tuesday, security bypass, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 12 Jul 2023 18:57:00 +0000

Here’s a brief reminder to do two things. The first is to patch. The second is to read up why it’s a good idea to patch…

Security TrendMicro

AWS Security Pillar: A Well-Architected Cloud Environment

July 12, 2023 0 Comments trend micro devops : article, trend micro devops : compliance, trend micro devops : conformity, trend micro devops : how to, trend micro devops : multi cloud

Credit to Author: Melissa Clow| Date: Wed, 12 Jul 2023 00:00:00 +0000

Explore the Security pillar of the AWS Well-Architected Framework and be guided through the fundamental security controls that should be addressed when designing, transitioning to, and operating in a cloud environment.

Security TrendMicro

The AWS Well-Architected Framework Guide

July 12, 2023 0 Comments trend micro devops : article, trend micro devops : compliance, trend micro devops : conformity, trend micro devops : how to, trend micro devops : multi cloud

Credit to Author: Melissa Clow| Date: Wed, 12 Jul 2023 00:00:00 +0000

Discover the six Amazon Web Services (AWS) Well-Architected Framework pillars by examining best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner.

ComputerWorld Independent

EU-US Data Privacy Framework to face serious legal challenges, experts say

July 12, 2023 0 Comments Data privacy, regulation

Nine months after US President Joe Biden signed an executive order that updated rules for the transfer of data between the US and the EU, the European Commission this week ratified the EU-US Data Privacy Framework. Industry experts, however, say it will be challenged at the European Court of Justice (CJEU), and stands a good chance of being struck down.

The move comes two years after the CJEU shut down the previous EU-US data sharing agreement, known as Privacy Shield, on grounds that the US doesn’t provide adequate protection for personal data, particularly in relation to state surveillance. In 2015, a previous attempt to forge a data sharing pact, dubbed Safe Harbor, was also struck down by the CJEU.

To read this article in full, please click here

Security Wired

Ransomware Attacks Are on the Rise, Again

July 12, 2023 0 Comments Security, Security / Cyberattacks and Hacks

Credit to Author: Lily Hay Newman, Matt Burgess| Date: Wed, 12 Jul 2023 13:00:00 +0000

Ransomware attacks tumbled in 2022, offering hope that the tide was turning against the criminal gangs behind them. Then things got a whole lot worse.

Security Wired

Silk Road’s Second-in-Command, Variety Jones, Gets 20 Years in Prison

July 12, 2023 0 Comments Security, Security / Cyberattacks and Hacks

Credit to Author: Andy Greenberg| Date: Tue, 11 Jul 2023 18:31:54 +0000

Roger Thomas Clark, also known as Variety Jones, will spend much of the rest of his life in prison for his key role in building the world’s first dark-web drug market.

Microsoft Security

Storm-0978 attacks reveal financial and espionage motives

July 12, 2023 0 Comments

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 11 Jul 2023 17:30:00 +0000

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability exploited via Microsoft Word documents.

The post Storm-0978 attacks reveal financial and espionage motives appeared first on Microsoft Security Blog.