security update
8 RCE, DoS holes in Microsoft Malware Protection Engine plugged
After the discovery and the fixing of a “crazy bad” remote code execution flaw in the Microsoft Malware Protection Engine earlier this month, now comes another …
Vulnerability opens FreeRADIUS servers to unauthenticated attackers
A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …
Critical Samba code execution hole plugged, patch ASAP!
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …
Joomla users: Update immediately to kill severe SQLi vulnerability
Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …
WannaCry is a painful reminder of why enterprises must stay current on software updates
WannaCry is a wake-up call for the excessive numbers of companies needlessly dragging their feet over Windows 10 migrations. Certainly since Friday, we’ve seen an upswing in …
WannaCry and IoT: Vendors react
Among the organizations most gravely affected by the WannaCry ransomware was the UK National Health Service. According to The Sunday Times, 48 NHS organisations were hit, …
Apple issues security updates for macOS, iDevices
It’s time to patch your Mac, iDevices and software again: Apple has released security updates for MacOS (all the way back to Yosemite), iOS, watchOS, tvOS, iTunes, …
Are you ready for a second wave of WannaCry ransomware?
WannaCry is a name that made many cry in frustration this weekend, and the danger is still not over. The first onslaught According to Europol director Rob Wainwright, over …
HP pushes out fix for keylogging audio driver in its laptops
Swiss security consultancy Modzero revealed on Thursday that a number of HP laptops contain an audio driver that logs users’ keystrokes and stores them in an unencrypted …
40 Asus RT routers open to attack through web interface vulnerabilities
If you own an Asus RT wireless router, and you haven’t updated its firmware for a while, now is the time to do it. Researchers from Nightwatch Cybersecurity have …
Google’s plan to foil screen-hijacking malware in Android O
74% of ransomware, 57% of adware, and 14% of banker malware abuse a specific app permission to target nearly 40 percent of all Android users – by overlaying screens, …
Microsoft plugs crazy bad bug with emergency patch
On Monday night, Microsoft released a critical out-of-band security update for the Microsoft Malware Protection Engine, to plug an easily exploitable bug that could allow …
Featured news
Resources
Don't miss
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites
- Black Friday 2025 for InfoSec: How to spot real value and avoid the noise