<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter

Get the latest headlines, summaries, and security news!

IT Security Newsletter - 11/9/2022

Top News

Krebs on Security: Patch Tuesday, November 2022 Election Edition

Let's face it: Having "2022 election" in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we've patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November's patch batch includes fixes for a whopping six zero-day security vulnerabilities. READ MORE...

Software Updates

Patches for 6 0-days under active exploit are now available from Microsoft

It's the second Tuesday of the month, and that means it's Update Tuesday, the monthly release of security patches available for nearly all software Microsoft supports. This time around, the software maker has fixed six zero-days under active exploit in the wild, along with a wide range of other vulnerabilities that pose a threat to end users. Two of the zero-days are high-severity vulnerabilities in Exchange that, when used together, allow hackers to execute malicious code on servers. READ MORE...

VMware fixes three critical auth bypass bugs in remote access tool

VMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers to bypass authentication and elevate privileges to admin. Workspace ONE Assist provides remote control, screen sharing, file system management, and remote command execution to help desk and IT staff remotely access and troubleshoot devices in real time from the Workspace ONE console. READ MORE...

Citrix urges admins to patch critical ADC, Gateway auth bypass

Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Under specific configurations, the three vulnerabilities can enable attackers to gain unauthorized access to the device, perform remote desktop takeover, or bypass the login brute force protection. Citrix Gateway is an SSL VPN service providing secure remote access with identity and access management capabilities. READ MORE...

SAP Patches Critical Vulnerabilities in BusinessObjects, SAPUI5

German software maker SAP announced the release of nine new security notes on its November 2022 Security Patch Day, including two notes addressing critical bugs in BusinessObjects and SAPUI5. There were also updates to two previously released notes. Three other security notes were released between the second Tuesday of October and the second Tuesday of November. READ MORE...

ICS Patch Tuesday: Siemens Addresses Critical Vulnerabilities

Siemens and Schneider Electric have released their Patch Tuesday advisories for November 2022. Siemens has released nine new security advisories covering a total of 30 vulnerabilities, but Schneider has only published one new advisory. Of Siemens' nine advisories, three describe vulnerabilities that have been rated 'critical'. Four vulnerabilities - one high-severity and three critical flaws - have been found in Sicam Q100 power meter devices. READ MORE...

Information Security

Mastodon: What you need to know for your security and privacy

Mastodon is hot right now. After some years of only being used by geeks (yes, I've had an account for a while now) it's at the tipping point of becoming mainstream. Elon Musk's purchase of Twitter, his erratic pronouncements, and the layoff of many of the site's staff, has sent shockwaves through the Twitter community who are concerned about how the service might change. READ MORE...

On This Date

  • ...in 1914, actress and inventor Hedy Lamarr is born. She was both a Hollywood leading lady and also devised the radio technology now used in Wi-Fi, GPS, and cell phones.
  • ...in 1934, astronomer, cosmologist, and author Carl Sagan is born. His 1980 television series "Cosmos" is among the most popular PBS documentaries of all time.
  • ...in 1967, the first issue of "Rolling Stone" magazine is published.
  • ...in 1985, 22-year-old Garry Kasparov defeats Anatoly Karpov to become the youngest World Chess Champion.
  • ...in 1989, Communist East Germany opens checkpoints in the Berlin Wall to West Germany, leading to German reunification and the fall of communism in Eastern Europe.