Trustwave

Trustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)

Jun 3, 2022 By Trustwave In Trustwave

Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-30190. Threat actors are reported to be actively exploiting this vulnerability in the wild. Microsoft disclosed and issued guidance for CVE-2022-30190 on May 30. Trustwave is diligently watching over our clients for exposure and associated attacks and working closely with our clients to ensure that mitigations are in place.

Read Post
CrowdStrike

Detecting Poisoned Python Packages: CTX and PHPass

Jun 3, 2022 By Manoj Ahuje In CrowdStrike

The software supply chain remains a weak link for an attacker to exploit and gain access to an organization. According to a report in 2021, supply chain attacks increased by 650%, and some of the attacks have received a lot of limelight, such as SUNBURST in 2020 and Dependency Confusion in 2021.

Read Post

PCI DSS 4 0 Requirements Explained

Jun 3, 2022 By VISTA InfoSec In VISTA InfoSec
PCI DSS 4.0 update has made a huge buzz in the industry post its release. Organizations are still scrambling to understand the changes introduced and learn about the requirements of PCI DSS. So, explaining the updates and the PCI requirements in detail VISTA InfoSec conducted an informative webinar on ”PCI DSS 4.0 Requirements Explained”. Watch the video and gain insight into the key updates introduced by the PCI Council.
View Video
netskope

Addressing the Security Leader Mental Health Crisis: Time to Take the Next Step

Jun 3, 2022 By Shamla Naidoo In Netskope

It’s no secret that the security leaders, especially chief information security officers (CISOs), have one of the most stressful jobs in the C-suite. They are bumping up against high demand, high risk, and often unrealistic expectations for their work.

Read Post
SecureAge

How much money is spent on cybersecurity?

Jun 3, 2022 By Nigel Thorpe In SecureAge

Businesses have never been more vulnerable than they are today. While cybercrime cost companies an already whopping US$300 billion in 2013, damages have since skyrocketed to US$945 billion in 2020. That’s 300% growth in just a short span of seven years. The worst part is, that we can expect this number to continue rising exponentially in the coming decade.

Read Post
splunk

Truth in Malvertising?

Jun 3, 2022 By Shannon Davis In Splunk

Splunk SURGe recently released a whitepaper, blog, and video that outline the encryption speeds of 10 different ransomware families. Early in our research, during the literature review phase, we came across another group that conducted a similar study on ransomware encryption speeds. Who was this group you ask? Well, it was actually one of the ransomware crews themselves.

Read Post
manageengine

Microsoft zero-day vulnerability, Follina (CVE-2022-30190), exploited in the wild: Here's all you need to know

Jun 2, 2022 By General In ManageEngine

Follina—while we’re sure this commune in Italy is lovely, the same can’t be said about this new vulnerability by the same name for InfoSec folks. Thanks to a zero-day bug in the Microsoft Support Diagnostic Tool, Follina is now making the headlines but for all the wrong reasons. This blog talks in detail about the zero-day vulnerability in Microsoft Support Diagnostic Tool (MSDT), popularly known as Follina.

Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.