Originally reported by Dark Reading, Infosecurity Magazine
TL;DR
Microsoft's March Patch Tuesday addressed 83 vulnerabilities including two publicly disclosed zero-days, while security researchers highlighted critical gaps in cloud configurations and identity recovery practices. Meanwhile, geopolitical tensions are driving both kinetic and cyber attacks against critical infrastructure.
Microsoft patched two publicly disclosed zero-day vulnerabilities against a backdrop of escalating cloud attacks and geopolitical cyber threats. The combination of publicly disclosed zero-days and resurgent, sophisticated threat actors creates significant risk.
Microsoft released patches for 83 CVEs in its March Patch Tuesday, including two publicly disclosed zero-day vulnerabilities that required immediate attention. Security experts noted this month's release was less panic-inducing than previous cycles, though the zero-day fixes demanded priority deployment across enterprise environments.
The patches covered a broad range of Microsoft products and services, with organizations advised to prioritize the zero-day fixes in their deployment schedules.
Salesforce customers face exposure risks from overly permissive guest user configurations, according to recent security analysis. The misconfigurations allow unintended third-party access to sensitive client data through improperly configured guest access controls.
Meanwhile, Google Cloud's threat intelligence team reported a shift in attacker tactics, with cloud adversaries now preferring vulnerability exploitation over credential-based attacks. The report highlighted increased use of exploits like React2Shell, indicating a maturation in cloud-focused attack methodologies.
The ongoing Middle East conflict has exposed critical gaps in cloud resilience planning, with data centers becoming legitimate targets for both cyber and kinetic attacks. Government and military operations increasingly depend on cloud infrastructure that may lack adequate geographic distribution and resilience planning.
Russian threat actor Sednit has resurfaced with sophisticated new malware tools after years of using simpler implants. The group's return to advanced techniques signals a renewed focus on high-value targets and long-term persistence operations.
Check Point data reveals cyber attacks on UK organizations are increasing at four times the global average rate. The accelerated threat landscape in the UK suggests either targeted campaigns or particular vulnerabilities in British enterprise security postures.
Quest Software research found only 24% of organizations test identity disaster recovery plans every six months, highlighting critical gaps in identity security preparedness. This finding coincides with broader concerns about enterprise readiness for sophisticated identity-based attacks.
Ericsson disclosed a data breach affecting 15,000 employees and customers following a compromise at a third-party service provider, demonstrating ongoing supply chain security challenges in enterprise environments.
OpenAI's acquisition of Promptfoo addresses growing security concerns around agentic AI testing capabilities. The deal reflects increasing recognition that AI systems require specialized security testing frameworks as they become more autonomous and integrated into critical business processes.