November’s Patch Tuesday brought dozens of fixes to Windows, Office and SQL server, with four vulnerabilities deemed “critical” by Microsoft, according to an SCWorld report.
Most were classified as “important” flaws – generally requiring that the threat actor already have local access to the vulnerable system. Five of the vulnerabilities are currently being exploited in the wild and it is recommended to make patches and remediation of these a top priority.
SCWorld provides a rundown of the patches and remediations that should be done as soon as possible to protect against active exploitation. Read the complete article here.
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. API threats - Akamai’s new report finds that while API attacks are increasing, visibility into the risks that allow attackers to breach their defenses is declining. The company says that the disconnect signals that API security will be a major issue across all industries for the foreseeable future. What’s more, the average cost to remediate an API security incident in the U.S. is $591,404. In fact, Akamai observed 108 billion API attacksfrom January 2023 through June 2024, an average of 2,289.38 attacks per second.
2. Critical vulnerability actively exploited - Sophos X-Ops reports that threat actors are exploiting CVE-2024-40711, a vulnerability in Veeam’s Backup and Replication, as a part of a threat activity cluster.
3. Holiday retail cybersecurity vulnerabilities - MSSP Viking Cloud has warned that retailers could face unprecedented cyber risks this holiday season.Eighty percent of retailers have already been attacked this year, and 52% report being more at risk during the 2024 holiday season than any other time of the year. Forty-six percent of retailers are onboarding seasonal workers with minimal cyber training. 78% receive no social engineering training, 56% no internet safety training, and 56% no mock phishing practice.
4. Data for detection of cyberattacks - DeepTempo today announced its emergence from stealth mode with the launch of Tempo, a deep learning-based Snowflake Native App available now on the Snowflake Marketplace. Tempo leverages collective deep learning to improve the detection of potential cyberattacks while increasing the productivity of security teams.
5. Working with CISOs on budgets - A new Enterprise Security Weekly podcast features Theresa Lanowitz, cybersecurity evangelist at LevelBlue talking about the budget struggle for CISOs. These execs are more likely to face reactive budgets than CIOs or CTOs, and it can hurt proactive cybersecurity measures. This podcast covers the causes behind this and strategies for breaking out of this loop.
