Week In Review: Kali Linux 2021.3, How To Avoid Cloud Configuration Breaches, Hybrid digital

Right here’s an summary of a few of final week’s most fascinating information, articles and interviews:

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
Apple has launched safety updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) which might be being exploited in assaults within the wild. Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more!
Offensive Safety has launched Kali Linux 2021.3, the newest model of its well-liked open supply penetration testing platform. You may obtain it or improve to it. CVE-2021-40444 exploitation: Researchers find connections to previous attacks
The current focused assaults exploiting the (on the time) zero-day distant code execution vulnerability (CVE-2021-40444) in Home windows by way of booby-trapped Workplace paperwork have been delivering customized Cobalt Strike payloads, Microsoft and Microsoft-owned RiskIQ have shared. Microsoft announces passwordless authentication option for consumers
After providing the passwordless authentication choice to enterprise prospects in March 2021, Microsoft has now began rolling it out to its client phase of customers. Third-party cloud providers: Expanding the attack surface
On this interview with Assist Internet Safety, Fred Kneip, CEO at CyberGRX, talks concerning the lack of visibility into third-party threat, the right way to deal with this concern, and what corporations ought to think about when selecting the best cloud supplier.

Only 30% of enterprises use cloud services with E2E encryption for external file sharing
A current examine of enterprise IT safety determination makers performed by Tresorit reveals that majority of enterprises use extra encryption strategies to spice up the safety of cloud collaboration and file switch,

 » Read more from www.helpnetsecurity.com