Threats & Malware, Vulnerabilities
March 3, 2021
Via: Hot for SecurityA new zero-day vulnerability has been discovered in the popular web browser Chrome, with Google noting that the flaw is being exploited by malicious actors. Users should install the updated version of the browser containing the patch as soon as […]
November 20, 2019
Via: Security WeekA fake Windows Update spam campaign has been dropping the Cyborg ransomware. The mail delivery mechanism claims to come from Microsoft. It directs the potential victim to an attachment described as the ‘latest critical update’. “The fake update attachment,” writes […]
November 13, 2019
Via: Threat PostThe popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. While the company didn’t specify what kinds […]
September 23, 2019
Via: The HillMicrosoft announced Friday that it will provide free security updates for federally certified voting systems that run Windows 7 through the 2020 elections, delaying the threat of voting taking place on unpatched equipment. Microsoft launched Windows 7 in 2009, and […]
September 2, 2019
Via: TechRadarUsers looking to reinstall Windows 10 will soon be able to do so just by going online, Microsoft has revealed The latest Windows 10 Insider Preview Build includes a new option when resetting your PC that will tie to a […]
Network security, Threats & Malware, Vulnerabilities
August 20, 2019
Via: Help Net SecurityVLC, the popular cross-platform media player, has reached version 3.0.8, which fixes over a dozen security vulnerabilities, some of which could be exploited by attackers to achieve code execution on victims’ machines. About VLC VLC is an extremely popular piece […]
July 11, 2019
Via: Threat PostApple has pushed a silent update to Mac users that removes a hidden web server from Zoom users’ machines. The Zoom web- and video-conferencing service has come under scrutiny for its handling of a zero-day bug (CVE-2019–13450) found by researcher […]
Cloud security, Mobile, Mobile security, Vulnerabilities, Wireless security
May 27, 2019
Via: Threat PostMicrosoft has begun pushing out its May 2019 Windows 10 update, which will flag Wi-Fi networks that are using the outdated and insecure Wired Equivalent Privacy (WEP) and Temporal Key Integrity Protocol (TKIP) authentication mechanisms. WEP was introduced in 1997 […]
April 17, 2019
Via: Threat PostOracle is urging customers to patch critical vulnerabilities in its products as part of its massive April update, which fixes a whopping 297 flaws. Of those flaws, 53 vulnerabilities in Oracle products had a CVSS score of 9.0 or higher, […]
Application security, Network security
April 9, 2019
Via: TechRadarThe Windows 10 May 2019 Update has entered the final stage of testing, with the upgrade expected to be rolled out starting the end of May. In other words, Microsoft has pushed the May 2019 Update to the Release Preview […]
December 6, 2018
Via: Help Net SecurityAnother month, another set of Apple security updates: if you’re using macOS, iOS, Shortcuts for iOS, tvOS, Safari, and iCloud and iTunes for Windows, it’s time to get patching. The updates The Safari, iCloud and iTunes updates have a lot […]
October 12, 2018
Via: Security WeekAn audit commissioned by Mozilla for the Firefox update system revealed no critical vulnerabilities and the flaws rated “high severity” were not easy to exploit. Experts at Germany-based X41 spent 27 days analyzing the Firefox Application Update Service (AUS), including […]
October 3, 2018
Via: Help Net SecurityWireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them to be as secure as can be, but […]
Mobile security, Network security
October 3, 2018
Via: Hot for SecurityOnce again, a way of bypassing the iPhone’s passcode lock to expose users’ photos and contacts has been discovered. Jose Rodriguez, who has uncovered vulnerabilities in iOS’s lock screen security on a number of occasions in the past, has produced […]
Cloud security, Network security
July 3, 2018
Via: Dark ReadingMicrosoft rolls out its cloud-based IoT service to the general public, while upping data protection with new categories including device management and security. Microsoft has made Azure IoT Edge publicly available around the world with several updates intended to bolster […]
April 27, 2018
Via: Security AffairsThe IT giant has rolled out a new batch of software and microcode security updates to address the Spectre flaw (Variant 2). The Spectre Variant 2, aka CVE-2017-5715, is a branch target injection vulnerability, while the Meltdown and Variant 1 […]
April 4, 2018
Via: Security WeekGoogle this week has released its April 2018 set of Android security patches which address more than two dozen Critical and High severity vulnerabilities. 19 vulnerabilities were found to affect components such as Android runtime, Framework, Media framework, and System. […]
Application security, Vulnerabilities
March 26, 2018
Via: Security WeekDrupal announced plans to release a security update for Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28, 2018, aimed at addressing a highly critical vulnerability. The Drupal security team hasn’t provided information on the vulnerability and says it won’t […]
February 28, 2018
Via: Threat PostIntel has issued updated microcode to help safeguard its Broadwell and Haswell chips from the Spectre Variant 2 security exploits. According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and […]
Application security, Security, Threats & Malware, Vulnerabilities
January 29, 2018
Via: Security AffairsOn Saturday Malwarebytes issued a buggy update to its home and enterprise products that caused serious problems for the users, including excessive memory usage, connectivity issues, and in some cases system crashes. A buggy update rolled out over the weekend […]