Articles of interest from the week of April 4, 2022

Nearly 40% of Macs Left Exposed to 2 Zero-Day Exploits

Between 35% and 40% of all supported Macs might be at heightened risk of compromise from two zero-day vulnerabilities that Apple has said are being exploited in the wild, but for which the company has not yet issued a patch. (By Jai Vijayan, Dark Reading)

FBI Releases PIN on Phishing Campaign against U.S. Election Officials

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials; recommended actions to mitigate the threat are provided. (By Cybersecurity & Infrastructure Security Agency)

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. (By CISA)

Battling Cybersecurity Risk: How to Start Somewhere, Right Now

In the battle against cybercrime, some of the most effective and most sensible mitigations are sometimes neglected. In this article, we'll outline why cybersecurity risks have escalated so dramatically – and which easy wins your organization can make for a significant difference in your cybersecurity posture, right now. (By The Hacker News)

SpringShell Attacks Target About One in Six Vulnerable Orgs

Roughly one out of six organizations worldwide that are impacted by the Spring4Shell zero-day vulnerability have already been targeted by threat actors, according to statistics from one cybersecurity company. (By Bill Toulas, BleepingComputer)