Morning Bowl – 2023-01-11

MorningBowl

Welcome to another Morning Bowl breakout:

Popular JWT cloud security library patches “remote” code execution hole
It’s remotely triggerable, but attackers would already have pretty deep network access if they could “prime” your server for compromise.
Read more….

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
Get ’em while they’re hot. And get ’em for the very last time, if you still have Windows 7 or 8.1…
Read more….

Microsoft Issues January 2023 Patch Tuesday Updates, Warns of Zero-Day Exploit
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild.
11 of the 98 issues are rated Critical and 87 are rated Important in severity, with the vulnerabilities also listed as publicly known at the time of release. Separately, the Windows maker is expected to release
Read more….

New Dark Pink APT group targets govt and military with custom malware
Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information. […]
Read more….

Follow for more…

Advertisement

Create a website or blog at WordPress.com

%d bloggers like this: