article thumbnail

Microsoft Patch Tuesday, June 2023 Edition

Krebs on Security

” Top of the list on that front is CVE-2023-29357 , which is a “critical” bug in Microsoft SharePoint Server that can be exploited by an unauthenticated attacker on the same network. This SharePoint flaw earned a CVSS rating of 9.8 is the most dangerous).

Phishing 292
article thumbnail

Microsoft Patch Tuesday, May 2023 Edition

Krebs on Security

First up in May’s zero-day flaws is CVE-2023-29336 , which is an “elevation of privilege” weakness in Windows which has a low attack complexity, requires low privileges, and no user interaction. ” Adam Barnett , lead software engineer at Rapid7 , said CVE-2023-24932 deserves a considerably higher threat score.

Security 285
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Apple & Microsoft Patch Tuesday, July 2023 Edition

Krebs on Security

They include CVE-2023-32049 , which is a hole in Windows SmartScreen that lets malware bypass security warning prompts; and CVE-2023-35311 allows attackers to bypass security features in Microsoft Outlook. CVE-2023-36874 is an elevation of privilege bug in the Windows Error Reporting Service.

article thumbnail

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Krebs on Security

On April 7, Apple issued emergency security updates to fix two weaknesses that are being actively exploited, including CVE-2023-28206 , which can be exploited by apps to seize control over a device. CVE-2023-28205 can be used by a malicious or hacked website to install code. Both vulnerabilities are addressed in iOS/iPadOS 16.4.1,

article thumbnail

How to Create Unique Customer Journeys to Optimize Business Outcomes

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

August 9th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Save your seat and register today!

article thumbnail

Microsoft Patch Tuesday, March 2023 Edition

Krebs on Security

The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest. While CVE-2023-23397 is labeled as an “Elevation of Privilege” vulnerability, that label doesn’t accurately reflect its severity, said Kevin Breen , director of cyber threat research at Immersive Labs. .”

Passwords 310
article thumbnail

Microsoft Patch Tuesday, January 2023 Edition

Krebs on Security

Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. Of particular concern for organizations running Microsoft SharePoint Server is CVE-2023-21743. Microsoft says this flaw is “more likely to be exploited” at some point.

article thumbnail

Customer Experience Management: Optimizing Your Strategy for Financial Success

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

October 19th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Register today!

article thumbnail

The Anti-Money Laundering Act of 2020: Initial Catalysts, Current Implications, and Future Impacts

Speaker: Elizabeth "Paige" Baumann, Founder and CEO of Paige Baumann Advisory, LLC

March 22nd, 2023 at 9:30 am PDT, 12:30 pm EDT, 4:30 pm GMT Treasury’s Financial Crimes Enforcement Network (FinCEN) pursuant to the AMLA so far Anticipated impacts of the AMLA to financial institutions required to have AML programs and other entities Save your seat and register today!

article thumbnail

Exploring the Overlap: Cost Optimization and Digital Transformation

Speaker: Alex Jiménez, Managing Principal, Financial Service Consulting for EPAM

April 19th, 2023 at 9:30 am PDT, 12:30 pm EDT, 4:30 pm GMT

article thumbnail

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

July 13th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST

article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

July 20th, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST This exclusive webinar with William Hord, Senior VP of Risk & Professional Services, will explore the answers to these questions and other foundational elements you need to start or validate your ERM program. Register today!

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

August 23, 2023 at 9:30am PDT, 12:30pm EDT, 5:30pm BST Bales, Esq. is here to teach you: How to break compliance and security down into discrete components Tips and strategies to establish a functional compliance and security protocol for your organization Why compliance and security are moving targets - your job is never “done” And more!

article thumbnail

Everything You Need to Know About Crypto

Speaker: Ryan McInerny, CAMS, FRM, MSBA - Principal, Product Strategy

May 18th, 2023 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST