Dropbox Sign Breach Exposes Customer Data
Cloud storage giant Dropbox has recently disclosed a data breach affecting its eSignature service, Dropbox Sign (formerly HelloSign). The incident highlights the ongoing risks businesses…
On February 2024, Microsoft’s Patch Tuesday saw the release of updates addressing 73 vulnerabilities, including two critical zero-day flaws that were actively exploited. Among these vulnerabilities, five were rated as critical, 66 as important, and two as moderate, spanning a wide range of Microsoft products from Windows and Azure to Microsoft Office and Exchange Server.
The critical issues included a notable elevation of privilege vulnerability in Microsoft Exchange Server and remote code execution vulnerabilities in various components. Two zero-day vulnerabilities, CVE-2024-21351 and CVE-2024-21412, were particularly concerning due to their active exploitation, involving a security feature bypass in Windows SmartScreen and Internet Shortcut Files, respectively.
These updates underscore the importance of timely patch management as a cornerstone of cyber security hygiene to mitigate potential attacks and safeguard systems against exploitation.
For more detailed insights and technical analysis, you can read more at the following sites: The Hacker News, BleepingComputer, and Tenable’s blog.