security update
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …
Scientists expose another security flaw in Intel processors
Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Jo Van Bulck, Frank Piessens, and their colleagues in Austria, the United States, …
March 2020 Patch Tuesday: Microsoft fixes 115 vulnerabilities, Adobe none
It’s March 2020 Patch Tuesday and Microsoft has dropped fixes for 115 CVE-numbered flaws: 26 are critical, 88 important, and one of moderate severity. The good news is …
Hackers are compromising vulnerable ManageEngine Desktop Central instances
Is your organization using ManageEngine Desktop Central? If the answer is yes, make sure you’ve upgraded to version 10.0.474 or risk falling prey to attackers who are …
Google fixes another Chrome zero-day exploited in the wild
For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have …
Cisco drops security fixes for Smart Software Manager, security appliances
Cisco has released a new batch of security fixes for a number of its products, including its Smart Software Manager On-Prem solution and its Email Security and Content …
February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42
February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild …
12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks
A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware …
February 2020 Patch Tuesday forecast: A lot of love coming our way
The January 2020 Patch Tuesday was a light one as predicted; everyone was still catching up from the end-of-year holidays. As we gain momentum into February and move towards …
Which vulnerabilities were most exploited by cybercriminals in 2019?
Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by …
CDPwn vulnerabilities open millions of Cisco enterprise devices to attack
If you have Cisco equipment in your enterprise network – and chances are good that you have – you should check immediately which feature the newly revealed CDPwn …
Touch panels deployed in critical infrastructure vulnerable to remote attacks
Manufacturing facilities and processing centers using AutomationDirect C-more Touch Panels are advised to upgrade their firmware ASAP, as older versions contain a high-risk …