A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the Exim Server. The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques. Healthcare organizations are increasingly turning to zero trust architecture, which does away with the traditional security perimeter. DoD’s Cybersecurity Maturity Model Certification (CMMC) standardizes cybersecurity best practices for vendors and contractors working with the DoD.
Source: https://www.helpnetsecurity.com/2021/05/09/week-in-review-patch-tuesday-forecast-how-to-select-a-dlp-solution-is-it-ok-to-publish-poc-exploits/