security update
December 2019 Patch Tuesday forecast: Make sure to deploy year-end updates
Can you believe another year has passed and we’re approaching the last Patch Tuesday of the year? While I get ready to make another online gift purchase with my credit card, I …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Attack tools and techniques used by major ransomware families
Ransomware tries to slip unnoticed past security controls by abusing trusted and legitimate processes, and then harnesses internal systems to encrypt the maximum number of …
Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks
Intel’s Patch Tuesday releases are rarely so salient as those pushed out this month: the semiconductor chip manufacturer has patched a slew of high-profile …
November 2019 Patch Tuesday: Actively exploited IE zero-day fixed
November 2019 Patch Tuesday comes with patches for an IE zero-day exploited by attackers in the wild and four Hyper-V escapes. Microsoft updates Microsoft has delivered fixes …
Cisco fixes small business routers, kills eavesdropping vulnerability in conferencing devices
Cisco has released security updates for a variety of its products – owners of Small Business RV Series Routers, Web Security Appliances and TelePresence devices should …
Apple releases fresh security updates for macOS, iOS
In the last few days, Apple has staggered security updates for many of its products, including the recently unveiled macOS Catalina. Safari, tvOS, iPadOS, iOS, iCloud, iTunes …
Majority of 2019 breaches were the result of unapplied security patches
Despite a 24% average increase in annual spending on prevention, detection and remediation in 2019 compared with 2018, patching is delayed an average of 12 days due to data …
Cisco fixes serious flaws in enterprise-grade Catalyst and Aironet access points
Cisco has released another batch of security updates, the most critical of which fixes a vulnerability that could allow unauthenticated, remote attackers to gain access to …
Adobe splats bucketful of bugs in Acrobat and Reader
If you thought that Adobe skipped this month’s Patch Tuesday because there were no immediate vulnerabilities to fix, you were wrong: a week later the company dropped …
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe
As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …
Featured news
Resources
Don't miss
- Social data puts user passwords at risk in unexpected ways
- New observational auditing framework takes aim at machine learning privacy leaks
- Why password management defines PCI DSS success
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance