Please turn on your JavaScript for this page to function normally.
patch
Why legacy system patching can’t wait

The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, …

Curl
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older …

Curl
Be prepared to patch high-severity vulnerability in curl and libcurl

UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …

danger
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …

BYOD
Baseline standards for BYOD access requirements

49% of enterprises across Europe currently have no formal Bring-Your-Own-Device (BYOD) policy in place, meaning they have no visibility into or control over if and how …

vulnerabilities
Old vulnerabilities are still a big problem

A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote …

Android
Android n-day bugs pose zero-day threat

In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days …

patch
A step-by-step guide for patching software vulnerabilities

Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in …

micropatches
Micropatches: What they are and how they work

In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or …

patch
April 2023 Patch Tuesday forecast: The vulnerability discovery race

The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex. There’ve been many articles …

bomb
Millions still exposed despite available fixes

Although KEV catalog vulnerabilities are frequent targets of APT Groups, a large and exploitable attack surface remains due to software vendors’ lack of awareness and …

patch
Virtual patching: Cut time to patch from 250 days to <1 day

Unpatched vulnerabilities are responsible for 60% of all data breaches. The Department of Homeland Security has estimated that the proportion of breaches stemming from …

Don't miss

Cybersecurity news