December Patch Tuesday arrives bearing 71 gifts
Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins
In October 2023, Deer Oaks Behavioral Health in Texas disclosed a ransomware attack that it had discovered on September 1, 2023, and that affected 171,871 patients. LockBit3.0 claimed responsibility at the time and leaked data from the incident. Today, HHS OCR announced a settlement with Deer Oaks following an expanded investigation that had been opened after an…
Cybersecurity researchers have found that it’s possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. “Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect,”…
Maulik Pathak reports: The Gujarat Anti-Terrorism Squad (ATS) has arrested 18-year-old Jasim Shahnawaz Ansari from Nadiad who, along with other juvenile accomplices, orchestrated multiple cyberattacks against several Indian government websites, especially amid Operation Sindoor, India’s military response following the Pahalgam terror attack. “The accused, a 12th-grade dropout, gained expertise in various programming languages, but his…
Sharon Lurye of The Associated Press and Claire Bryan of The Seattle Times report: Thousands of American schools are turning to AI-powered surveillance technology for 24/7 monitoring of student accounts and school-issued devices like laptops and tablets. The goal is to keep children safe, especially amid a mental health crisis and the threat of school shootings. Machine-learning algorithms detect potential indicators of problems…
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk. At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week. “Net