Patch/Configuration Management

Related Videos

Actively exploited Apple zero-days patched

SC StaffApril 17, 2025

Updates have been issued by Apple to address a pair of zero-day vulnerabilities affecting iOS, macOS, iPadOS, tvOS, and visionOS, which was leveraged in a highly advanced and targeted iPhone attack, according to BleepingComputer.

Vulnerability Management

Incomplete NVIDIA patch threatens containerized environments

SC StaffApril 15, 2025

Organizations leveraging containerized environments are at risk of significant container escape attack compromise stemming from an incomplete fix for an NVIDIA Container Toolkit vulnerability, tracked as CVE-2024-0132, Hackread reports.

Ransomware

Black Basta chat leaks reveal details on ransomware infrastructure

Shaun NicholsApril 15, 2025

In addition to the insight into the Black Basta, report shows Clop had nearly 400 victims in Q1.

Data exposed of more than 15K Fortinet FortiGate firewalls. (Adobe Stock)

Vulnerability Management

Fortinet FortiGate fixes circumvented by symlink exploit

SC StaffApril 14, 2025

Already patched Fortinet FortiGate devices impacted by the CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762, continued to provide read-only access to threat actors who established a symbolic link between the user file system and root file system in a file containing the SSL-VPN's language files, reports The Hacker News.

Vulnerability Management

Numerous Juniper Networks Junos vulnerabilities addressed

SC StaffApril 11, 2025

SecurityWeek reports that fixes have been issued by Juniper Networks for dozens of security issues impacting its Junos OS and Junos OS Evolved offerings, as well as Junos Space third-party dependencies.

Threat Intelligence

Flaws in Google Quick Share for Windows addressed via patch

SC StaffApril 9, 2025

Cybersecurity researchers have uncovered a vulnerability in Googles Quick Share utility for Windows, identified as CVE-2024-10668, that could be exploited to crash the application or send files to a recipients device without their approval, The Hacker News reports.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfigured NexOpt database prompts extensive vehicle data leak

SC StaffApril 9, 2025

Cybernews reports that German multinational vehicle tracking service provider NexOpt had almost 1 TB of sensitive information from more than 300,000 passenger and commercial vehicles exposed as a result of an unprotected Kibana instance, which was already secured last month.

Ransomware

Addressed Windows CLFS zero-day exploited in ransomware intrusions

SC StaffApril 9, 2025

U.S. real estate and IT firms, Venezuelan financial organizations, and Saudi Arabian retail companies, as well as Spanish software provider have been subjected to Storm-0460 ransomware attacks exploiting the Windows Common Log File System Driver vulnerability, tracked as CVE-2025-29824, which Microsoft fixed as part of this month's Patch Tuesday, reports The Record, a news site by cybersecurity firm Recorded Future.

Patch/Configuration Management

Related Videos

A couple simple steps companies can take to protect their systems from ransomware

Actively exploited Apple zero-days patched

Incomplete NVIDIA patch threatens containerized environments

Black Basta chat leaks reveal details on ransomware infrastructure

Fortinet FortiGate fixes circumvented by symlink exploit

Numerous Juniper Networks Junos vulnerabilities addressed

Flaws in Google Quick Share for Windows addressed via patch

Misconfigured NexOpt database prompts extensive vehicle data leak

Addressed Windows CLFS zero-day exploited in ransomware intrusions

Fast Five

Selected by the SC Media Editorial team every Tuesday.