With many companies enforcing freeze periods and reduced staffing over the holidays, critical security updates may have been delayed. While patching should never be postponed due to the associated risks, it’s imperative to apply the latest updates immediately if this has not already been done. "LDAP Nightmare" (CVE-2024-49113), was disclosed during Microsoft’s Patch Tuesday on 10th December, 2024.

In recent months, the cyber security landscape has seen a disturbing rise in phishing attacks that exploit DocuSign, a widely-used document-signing platform. Cyber criminals are increasingly trafficking in fake DocuSign assets, including templates and login credentials, creating new opportunities for extortion and business email compromise (BEC). These malicious activities have been thriving in underground marketplaces, where phishing emails mimicking legitimate DocuSign requests are readily available for purchase.

In its May 2024 Patch Tuesday update, Microsoft has addressed 61 new security vulnerabilities, including two zero-day flaws that have been actively exploited in the wild. These updates are critical for maintaining the security and integrity of Windows systems and other Microsoft software, as they address a wide range of threats that could potentially be exploited by attackers.

Apple and Google have officially launched a groundbreaking cross-platform feature designed to alert users if they are being tracked by unwanted Bluetooth devices. This collaborative initiative, dubbed "Detecting Unwanted Location Trackers" (DULT), aims to enhance user privacy and safety by notifying individuals on both iOS and Android platforms if a Bluetooth tracking device is being used to monitor their movements without their knowledge or consent.