Head news this week is of course MS15-034, which we’ve also covered in our own blog. Those who still haven’t patched are advised to do so as soon as possible to avoid falling victim to this attack. There’s also been Patch Tuesday for April 2015 this month, with patches from Microsoft, Oracle and Adobe.
In other news, Majority of Orgs Anticipate Attacks, But One-Third Can’t Find Security Talent, and security companies have also started releasing their yearly threat reports; amongst them Verizon’s which states how Phishing, RAM scrapers and web app insecurity were the main sources of data breaches during 2014.
Top 5 Security links
MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW
Don’t Be Fodder for China’s ‘Great Cannon’
Police operation disrupts Beebone botnet used for malware distribution
Coordinated Takedown Puts End to Simda Botnet
Russia pulls alleged ‘Svpeng’ kingpin
Top 5 Business Intelligence links
Majority of Orgs Anticipate Attacks, But One-Third Can’t Find Security Talent
FireEye Uncovers Decade-Long Cyber Espionage Campaign Targeting South East Asia
Symantec 2015 Internet Security Threat Report
Verizon 2015 Data Breach Investigation Report
Microsoft MS15-034 (HTTP.sys DoS, Memory Disclosure and potential Remote Code Execution)
Patch Tuesday April 2015