Here’s an overview of some of last week’s most interesting news, articles and interviews:
Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)
Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise Windows/Office users in “a limited number of targeted attacks,” Microsoft has warned.
September 2021 Patch Tuesday forecast: It’s new operating system season
Microsoft has released Server 2022 and Windows 11 is coming in October. Apple also has the beta available for the next version of macOS. But let’s start by focusing on a new Office vulnerability before next week’s Patch Tuesday.
Researchers pinpoint ransomware gangs’ ideal enterprise victims
Researchers with threat intelligence company KELA have recently analyzed 48 active threads on underground (dark web) marketplaces made by threat actors looking to buy access to organizations’ systems, assets and networks, and have found that at least 40% of the postings were by active participants in the ransomware-as-a-service (RaaS) supply chain (operators, or affiliates, or middlemen).
The healthcare cybersecurity market to grow steadily by 2026
The healthcare cybersecurity market registered a CAGR of 15.6% over the forecast period 2021 – 2026, according to ResearchAndMarkets.
OpenSSL 3.0: A new FIPS module, new algorithms, support for Linux Kernel TLS, and more
The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library.
Protecting your company from fourth-party risk
In a world that is becoming ever more interconnected, organizations are learning firsthand that they are not only vulnerable to the adverse events that their vendors experience but also to the incidents that happen to those vendors’ vendors.
Healthcare cybersecurity under attack: How the pandemic affected rural hospitals
In this interview with Help Net Security, Baha Zeidan, CEO at Azalea Health, talks about how rural hospitals have been affected by the pandemic and what steps they should take to boost their cybersecurity posture.