The effectiveness of vulnerability disclosure and exploit development
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …
Critical flaw gives attackers control of vulnerable SAP business applications
SAP has issued patches to fix a critical vulnerability (CVE-2020-6287) that can lead to total compromise of vulnerable SAP installations by a remote, unauthenticated attacker. …
July 2020 Patch Tuesday forecast: Will the CVE trend continue?
Microsoft has averaged roughly 90 common vulnerabilities and exposures (CVE) fixes per month over the past five months. With everyone working from home and apparently focused …
June 2020 Patch Tuesday: Microsoft fixes record monthly number of CVEs
On this June 2020 Patch Tuesday, Microsoft has plugged 11 critical and 118 high-severity security holes, while Adobe has delivered security updates for Flash, Framemaker and …
Have you patched these top 10 routinely exploited vulnerabilities?
The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to patch a slew of old and new software vulnerabilities that are routinely exploited by …
Attackers exploiting a zero-day in Sophos firewalls, have yours been hit?
Sophos has released an emergency hotfix for an actively exploited zero-day SQL injection vulnerability in its XG Firewalls, and has rolled it out to all units with the …
Update MS Office, Paint 3D to plug RCE vulnerabilities
A week after the April 2020 Patch Tuesday, Microsoft has released out-of-band security updates for its Office suite, to fix a handful of vulnerabilities that attackers could …
Seven key cybersecurity trends for 2020 by world-leading professionals
The developments in the area of cybersecurity are alarming. As the number of smart devices in private households increase, so do the opportunities for cybercriminals to …
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …
Scientists expose another security flaw in Intel processors
Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Jo Van Bulck, Frank Piessens, and their colleagues in Austria, the United States, …
February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42
February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild …
Which vulnerabilities were most exploited by cybercriminals in 2019?
Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by …
