Acros Security Archives - Help Net Security

(IN)SECUREMagazine

Windows

0patch releases micropatch for Windows Task Scheduler zero-day

August 31, 2018
0-day
0patch
Acros Security

Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …

Patch

How to close the security update gap

Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? …

resurrection

Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros

January 16, 2018
0patch
Acros Security
patching

Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution …

Microsoft

Microsoft plugs 56 vulns, including Office flaw exploited in attacks

As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively …

stop

Microsoft offers mitigation advice for DDE attacks scenarios

Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …

patch

Reinventing software patching, curing big security holes

Today’s security updates are too big, too risky and too late. It is common for enterprises to thoroughly test security updates and install them several months after they have …

0patch

0patch: Microscopic cures for big security holes

Software vulnerabilities are one of today’s most significant information security issues. Disclosing high profile vulnerabilities has become tremendously rewarding, to the …

Don't miss

Anthem

Anthem will pay $16 million to settle HIPAA violation due to 2015 breach

USA flag

2018 US voter records offered for sale on hacking forum

tunnel

9 in 10 organizations have a cybersecurity culture gap

identity

You are who you say you are: Establishing digital trust with the blockchain

Facebook security

Facebook data breach: Victims will not be offered free identity theft protection

digital pentagon

Hackers steal Pentagon personnel’s PI and credit card data

Adobe Flash

Fake Flash updaters deliver cryptominers AND update Flash

industry

The future of OT security in modern industrial operations

connection

Scaling the IoT product security lifecycle with automation

password

Stringent password rules lower risk of personal data breaches

arrows

PoC exploit for Windows Shell RCE released

Arcserve

New infosec products of the week: October 12, 2018