Little fires everywhere for March Patch Tuesday
Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild
Similar Posts
No need to hack when it’s leaking: Atrium Health edition
Bys s
Researcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an FTP storage database. Fowler reports: The PDF documents’ metadata indicated that these were “Software…
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats
Bys s
How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause…
TikTok Restores Service for US Users Based on Trump’s Promised Executive Order
Bys s
TikTok restored service to users in the United States on Sunday just hours after the popular video-sharing platform went dark in response to a federal ban. The post TikTok Restores Service for US Users Based on Trump’s Promised Executive Order appeared first on SecurityWeek.
8Base Ransomware Data Leak Sites Seized in International Law Enforcement Operation
Bys s
Source: The Nation A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang. Visitors to the data leak site are now greeted with a seizure banner that says: “This hidden site and the criminal content have been seized by the Bavarian State Criminal…
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
Bys s
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international…
The Fine Line Between Ideology and Crime: Understanding the True Purpose of Dragon Ransomware – The Interview
Bys s
Over on SuspectFile, Marco A. De Felice writes: This interview provides a detailed look at Dragon Ransomware, a group active in the cybercrime landscape that combines a defined organizational structure with advanced technological expertise. Their statements shed light on operational elements and motivations that help to better understand the internal dynamics of these illicit activities….