Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …
Cisco starts publishing fixes for EXTRABACON exploit
Starting last Wednesday, Cisco has begun publishing fixes for the SNMP RCE flaw in the software of its Adaptive Security Appliances (ASA), which can be triggered through the …
Bug in Chrome’s PDF reader allows arbitrary code execution
Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …
Researchers release PoC exploit for broken IBM Java patch
Polish firm Security Explorations has had enough of broken patches for security vulnerabilities it has reported to vendors. On Monday, the company’s CEO Adam Gowdiak has …
Critical gaps in IT departments’ approach to enterprise security
A new study by conducted by Ultimate Windows Security, released at RSA Conference, provides visibility into the uses, concerns and challenges that IT departments face in …
Year-old critical Magento flaw still exploited, payment info stolen
A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …