security update
XSS flaw in D-Link NAS devices allows attackers to mess with your data
Security researcher Benjamin Daniel Mussler has unearthed an XSS flaw affecting seven D-Link NAS devices – a flaw which could allow attackers to access the devices and …
18-year-old random number generator flaw fixed in Libgcrypt, GnuPG
Researchers have discovered a “critical security problem” that affects all versions of the Libgcrypt cryptographic library and, therefore, all versions of the …
Windows users will no longer be able to apply individual patches
Since Microsoft began pushing Windows 10 on consumers and enterprise users, it has consistently worked towards minimizing the choices they can make about the installation. One …
Microsoft releases five critical updates
Microsoft continued a trend of fewer updates than we are used to with only 9 bulletins (5 critical and 4 important) released this month. It stands to reason that Microsoft may …
Critical holes in Micro Focus Filr found, plugged
Popular enterprise file management and collaborative file sharing solution Micro Focus Filr sports half a dozen security flaws, most of which can be exploited – either …
Cisco plugs critical flaw in data center operations management solution
Cisco has patched another critical vulnerability in its Unified Computing System Performance Manager software. Cisco UCS Performance Manager is a data center operations …
Google fixes 108 bugs in July Android security update
Google has released an unusually hefty Android Security Bulletin for July. In fact, so many vulnerabilities have been fixed – 108 in all – that the patches come in …
Symantec, Norton AV products are riddled with serious flaws
Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and …
Severe flaws patched in libarchive, dependent projects urged to follow
Three severe bugs that could be easily exploited to perform arbitrary code execution have been patched with version 3.2.1 of the libarchive open source multi-format archive …
Fix for actively exploited Flash Player 0day is out, patch ASAP!
Adobe has issued a patch for the Plash Player zero-day vulnerability (CVE-2016-4171) that is actively exploited by the ScarCruft APT group. The bug, discovered by Anton Ivanov …
Netgear removes crypto keys hard-coded in routers
Qualys security researcher Mandar Jadhav has discovered two serious vulnerabilities in Netgear D6000 and D3600 modem routers, which can be exploited to gain access to the …
Google Chrome update includes 15 security fixes
Google has released Chrome 51.0.2704.79 to address multiple vulnerabilities for Windows, Linux, and OS X. Exploitation of some of these vulnerabilities may allow a remote …
Featured news
Resources
Don't miss
- A new way to think about zero trust for workloads
- Heisenberg: Open-source software supply chain health check tool
- Securing real-time payments without slowing them down
- Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
- CISA and partners take action as Microsoft Exchange security risks mount