Microsoft on Thursday released updates for three, free Security Development Lifecycle (SLD) tools designed to aid with the design and verification of applications. The updated tools – Threat Modeling Tool v3.1.8, MiniFuzz Tool v1.5.5 and RegExFuzz Tool v1.1.0 – include fixes for security and stability bugs, Microsoft said. In addition, the tools now add support for the 2010 versions of Microsoft's development environment, including Visual Studio and Team Foundation Server. Microsoft's SDL tools have been downloaded nearly 700,000 times since 2008, according to the Redmond, Wash.-based computing giant.
UnitedHealth Group’s CEO Andrew Witty set to testify before Congress tomorrow – security pros say there’s more to the story and it will take several more months of investigation before we know the full kill chain.
Threat actors could leverage a high-severity vulnerability impacting the R programming language, tracked as CVE-2024-27322, to enable arbitrary code execution during the deserialization of packages using the RDS format and potentially facilitate supply chain attacks, The Hacker News reports.
Major Canadian retail pharmacy chain London Drugs had all its stores across Alberta, British Columbia, Manitoba, and Saskatchewan temporarily closed down following a cybersecurity incident discovered on Sunday, reports The Register.