Cybersecurity Briefing: September 7, 2021
# Lead Story: Microsoft Patch Tuesday and CVE-2021-40444 On September 7, 2021, Microsoft released a crucial security update addressing CVE-2021-40444, a critical vulnerability in the MSHTML component of Internet Explorer. This flaw could allow attackers to execute remote code on affected systems, presenting a significant risk to users and organizations. The patch underscores the importance of timely updates and vigilance in the face of evolving threats. Organizations are urged to prioritize this update to mitigate potential exploitation, which has been a growing concern given the increase in targeted attacks aimed at unpatched systems. Security Boulevard
Secondary Items
1. Surge in Ransomware Attacks: Reports indicate a troubling increase in ransomware incidents as attackers target sectors like healthcare and education. The rise in social engineering tactics has made breaches easier, emphasizing the need for improved security awareness and training within organizations. Security.com2. Data Breach Statistics: The Identity Theft Resource Center revealed that by early September 2021, the number of data breaches had exceeded the total for all of 2020, with a staggering 1,291 incidents recorded. This represents a 17% increase, with manufacturing and healthcare sectors suffering the most, indicating systemic vulnerabilities in data protection measures. Security Magazine
3. Exploitation of Vulnerabilities: A concerning trend noted in a recent report is the rapid exploitation of vulnerabilities post-disclosure. More than half of known exploited vulnerabilities were targeted within a week of being made public, highlighting the urgency for organizations to act quickly on patching and strengthening their defenses. Rapid7