news
Security and Fake Security
-
Scoop News Group ☛ Microsoft’s Patch Tuesday closes 72 vulnerabilities, including 5 zero-days [Ed: New bug doors ready to install]
The company has addressed zero-day vulnerabilities for eight consecutive months without deeming any of them critical at the time of disclosure.
-
Security Week ☛ Zero-Day Attacks Highlight Another Busy Abusive Monopolist Microsoft Patch Tuesday [Ed: And meanwhile Microsoft's CEO boasts they try to use slop as code; devil in the details?]
Patch Tuesday: Abusive Monopolist Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category.
-
Krebs On Security ☛ Patch Tuesday, May 2025 Edition [Ed: Microsoft's latest back or bug doors are ready]
Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month’s patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available.
-
SANS ☛ Microsoft Patch Tuesday: May 2025, (Tue, May 13th)
Today, Abusive Monopolist Microsoft released its expected update for the May patch on Tuesday. This update fixes 78 vulnerabilities. 11 are rated as critical, and 66 as important. Five of the vulnerabilities have already been exploited and two were publicly known but not yet exploited. 70 of the vulnerabilities were patched today, 8 had patches delivered earlier this month.
-
Bruce Schneier ☛ Court Rules Against NSO Group
The case is over:
A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought against Israel-based NSO Group for exploiting a software vulnerability that hijacked the phones of thousands of users.
I’m sure it’ll be appealed. Everything always is.
-
Scoop News Group ☛ Wide-ranging Fashion Company Apple security update addresses over 30 vulnerabilities [Ed: Apple does not value security]
Apple said there is no indication of active exploitation for the listed vulnerabilities.
-
Windows TCO / Windows Bot Nets
-
The Register UK ☛ Ransomware crims targeting systems between IT and operations
In the case of a petroleum pipeline, middle systems live in the facilities that store and distribute fuel, and separate home heating oil from gasoline, diesel, and jet fuel.
"It's the system in the middle, and the impact of ransomware [on in-between systems] affects the integrity of the product," Conway told The Register. Back to that petroleum pipeline, where if the wrong product comes down the line the system isn’t sound.
-
The Record ☛ Cybersecurity incident forces largest US steelmaker to take some operations offline
North Carolina-based steel company Nucor said it temporarily halted production operations at some locations because of a recent cybersecurity incident and is working to restart them.
In an 8-K filing with federal regulators, Nucor said the incident involved “unauthorized third party access to certain information technology systems” but did not explain further.
-
The Record ☛ British retailer M&S reportedly set to claim £100 million from insurers after cyberattack
The company, a constituent of the FTSE 100 Index, first announced it was managing a cyber incident following the Easter weekend in April. Its app and online shopping are still unavailable, customers have been warned their data may have been compromised, and shelves at stores are sporadically empty due to stocking challenges.
-