February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days

Feb14

0

February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days

Posted by Richard Anderson on Feb 14, 2024

February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days

Microsoft has released patches to fix 73 flaws across its product suite on February 2024 Patch Tuesday, including 2 zero-day bugs that are being actively exploited in the wild. 5 of the vulnerabilities are rated critical, 65 are rated important, and three are rated moderate severity. Microsoft releases patches for its Chromium-based Edge browser separately and has issued 24 patches to fix vulnerabilities since January 2024 Patch Tuesday. The two zero-day vulnerabilities are both security feature bypass flaws. CVE-2024-21412 is an Internet Shortcut File issue that is rated important with a CVSS score...

Read more

Critical FortiOS SSL VPN Vulnerability Likely Being Exploited in Attacks

Feb09

0

Critical FortiOS SSL VPN Vulnerability Likely Being Exploited in Attacks

Posted by Richard Anderson on Feb 9, 2024

Critical FortiOS SSL VPN Vulnerability Likely Being Exploited in Attacks

Fortinet has disclosed a new critical flaw in the FortiOS SSL VPN which is most likely already being exploited in the wild. The out-of-bounds write vulnerability – CVE-2024-21762 – in FortiOS can be exploited to execute arbitrary commands and...

Read more

PRC Hackers Inside U.S. Critical Infrastructure Systems in Preparation for Devastating Cyberattacks

Feb08

0

PRC Hackers Inside U.S. Critical Infrastructure Systems in Preparation for Devastating Cyberattacks

Posted by Richard Anderson on Feb 8, 2024

PRC Hackers Inside U.S. Critical Infrastructure Systems in Preparation for Devastating Cyberattacks

The Cybersecurity and Infrastructure Security Agency (CISA), the National...

Read more

Ivanti Connect Secure and Policy Secure Vulnerability Under Mass Exploitation

Feb06

0

Ivanti Connect Secure and Policy Secure Vulnerability Under Mass Exploitation

Posted by Richard Anderson on Feb 6, 2024

Ivanti Connect Secure and Policy Secure Vulnerability Under Mass Exploitation

A zero day vulnerability affecting Ivanti Connect Secure and Ivanti...

Read more

Recent News

Value of Strong Cybersecurity Programs and Guidance on Informed Consent Requirements

Apr 15Posted by Daniel Lopez in HIPAA Compliance

Companies with Strong Cybersecurity Programs Get Higher Returns for...

Cyberattacks and Data Breaches Reported by Ernest Health Hospitals, Wyndemere Senior Care, Baylor College of Medicine and Harvard Pilgrim Health Care

Apr 10Posted by Daniel Lopez in HIPAA Compliance

Patient Data Theft from Several Ernest Health Hospitals Ernest Health...

Is WhatsApp HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Apr 8Posted by Daniel Lopez in HIPAA Compliance

WhatsApp is not HIPAA compliant and cannot be used to send and receive...

$7.5M Theft of Grant Fund Explained by HHS

$7.5M Theft of Grant Fund Explained by HHS

Apr 3Posted by Daniel Lopez in HIPAA Compliance

Senator Bill Cassidy, M.D. (R-LA), ranking member of the Senate Health,...

Is it Possible to Have HIPAA Compliant Gmail?

Is it Possible to Have HIPAA Compliant Gmail?

Apr 3Posted by Elizabeth Hernandez in HIPAA Compliance

It is possible to have HIPAA compliant Gmail if you subscribe to a Google...

Display More News

Popular News All Time

Previous Next

Value of Strong Cybersecurity Programs and Guidance on Informed Consent Requirements
Apr 15, 2024
Top 5 Healthcare Data Breaches in 2011
Sep 29, 2011
Navigating Privacy Laws for Patient Data Sharing
Sep 30, 2011
Preparation for HIPAA Audits Essential
Dec 6, 2011
2012 Ponemon Institute Data Security Study Released
Dec 14, 2012

Data Breaches
HIPAA Compliance
Cybersecurity Alerts
Vendor News

Half the Population of France Affected by Data Breaches at Healthcare Payment Processors

Half the Population of France Affected by Data Breaches at Healthcare Payment Processors

Feb 14Posted by Richard Anderson in Data Breaches

The French Data Protection Agency, CNIL, is investigating two data breaches...

The Mother of All Breaches: Exposed Database Contains 26 Billion Records

The Mother of All Breaches: Exposed Database Contains 26 Billion Records

Jan 23Posted by Richard Anderson in Data Breaches, Data Security News, Password Management

Cybersecurity researcher Bob Diachenko of Security Discovery and the team at...

23andMe Confirms Hacker Stole Data of 6.9 Million Users

23andMe Confirms Hacker Stole Data of 6.9 Million Users

Dec 5Posted by Richard Anderson in Data Breaches, Data Security News

On Friday, the direct-to-consumer genetic testing company, 23andMe,...

Display More News

Value of Strong Cybersecurity Programs and Guidance on Informed Consent Requirements

Apr 15Posted by Daniel Lopez in HIPAA Compliance

Companies with Strong Cybersecurity Programs Get Higher Returns for...

Cyberattacks and Data Breaches Reported by Ernest Health Hospitals, Wyndemere Senior Care, Baylor College of Medicine and Harvard Pilgrim Health Care

Apr 10Posted by Daniel Lopez in HIPAA Compliance

Patient Data Theft from Several Ernest Health Hospitals Ernest Health...

Is WhatsApp HIPAA Compliant?

Is WhatsApp HIPAA Compliant?

Apr 8Posted by Daniel Lopez in HIPAA Compliance

WhatsApp is not HIPAA compliant and cannot be used to send and receive...

Display More News

February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days

February 2024 Patch Tuesday: Microsoft Patches 73 Flaws; 2 0Days

Feb 14Posted by Richard Anderson in Cybersecurity Alerts

Microsoft has released patches to fix 73 flaws across its product suite on...

Critical FortiOS SSL VPN Vulnerability Likely Being Exploited in Attacks

Critical FortiOS SSL VPN Vulnerability Likely Being Exploited in Attacks

Feb 9Posted by Richard Anderson in Cybersecurity Alerts

Fortinet has disclosed a new critical flaw in the FortiOS SSL VPN which is...

PRC Hackers Inside U.S. Critical Infrastructure Systems in Preparation for Devastating Cyberattacks

PRC Hackers Inside U.S. Critical Infrastructure Systems in Preparation for Devastating Cyberattacks

Feb 8Posted by Richard Anderson in Cybersecurity Alerts

The Cybersecurity and Infrastructure Security Agency (CISA), the National...

Display More News

Bulletproof Hosting Service Utilized by Ransomware Gangs Seized by Authorities

Bulletproof Hosting Service Utilized by Ransomware Gangs Seized by Authorities

Aug 14Posted by Richard Anderson in Vendor News

A ‘Bulletproof’ hosting service that was utilized by ransomware gangs...

TitanHQ Announces Security Awareness Training, Web Filtering and Email Security Product Updates

TitanHQ Announces Security Awareness Training, Web Filtering and Email Security Product Updates

Jul 23Posted by Richard Anderson in Vendor News

The Irish cybersecurity company, TitanHQ, has recently improved its...

U.S. State Department Offers $10 Million Reward for Information on Clop Ransomware Group

U.S. State Department Offers $10 Million Reward for Information on Clop Ransomware Group

Jun 19Posted by Richard Anderson in Vendor News

The U.S. Department of State is offering a reward of up to $10 million for...

Display More News