The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include security issues impacting NextGen Healthcare Mirth Connect and Google Chrome instances, according to Security Affairs.
In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
Apple has rolled out security updates to address a zero-day vulnerability in the Safari web browser that was exploited during the recent Pwn2Own Vancouver hacking competition, BleepingComputer reports.
Security pros say the industry can expect to see this bug exploited soon, so patch, monitor and conduct other measures, like browser isolation and sandboxing.
A new Absolute Security report found that many organizations are failing to ensure that the endpoint protection platforms and network access security applications on their managed PCs are running in compliance with basic security policies, reports TechRepublic.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.