Microsoft has recently highlighted a significant security vulnerability in Windows, known as CVE-2024-43461, which affects the retired Internet Explorer browser. Although Internet Explorer is no longer actively used, the underlying platform it utilized remains part of Windows and can still pose risks. This vulnerability allows attackers to run malicious code if a user inadvertently visits a harmful webpage or opens a tainted file. The flaw, which can mislead users about the true nature of a downloaded file, was exploited in the wild prior to its patching in September 2024.

This Month in Cybersecurity - August Edition

Anthony Mannino August 15, 2024

Bugs Found in OpenVPN by Microsoft

Microsoft recently discovered four security flaws in OpenVPN, a popular tool used for creating secure virtual private network (VPN) connections. These flaws could be combined to allow hackers to take full control of a targeted computer, leading to serious risks like data breaches and unauthorized access to sensitive information.

This Month in Cybersecurity - July Edition

Anthony Mannino July 18, 2024

Microsoft Connects Scattered Spider to Qilin Ransomware

Microsoft has reported that the Scattered Spider cybercrime gang has started using a new type of ransomware called Qilin in their attacks. This group, also known as Octo Tempest, gained attention for targeting over 130 major companies, including Microsoft and AT&T.

This Month in Cybersecurity - June Edition

Anthony Mannino June 20, 2024

VMWare Gives Warning of Two Critical Flaws

VMware, managed by Broadcom, has identified two critical security flaws in its vCenter Server software, which is crucial for managing virtual machines and hosts in its Cloud Foundation and vSphere suites. These flaws, CVE-2024-37079 and CVE-2024-37080, have been rated 9.8 out of 10 in severity.

Orion Secure

Cyber Security Consulting Cyber Defense