security update
OS X zero day bug allows hackers to bypass system integrity protection
An OS X zero day vulnerability could allow attackers to bypass System Integrity Protection, Apple’s newest protection feature, and to escalate their privileges, simplifying …
Apple updates its products, fixes iMessages zero-day
On Monday Apple has pushed out updates for its many products: iOS, OS X, OS X Server, Safari, watchOS, tvOS, and Xcode. Of these, the most eagerly awaited was that for iOS, as …
How a digital pathology solution secures patient data
Dutch tech company Philips recently announced that its digital pathology solutions have been certified for compliance with the U.S. Department of Defense (DoD) security …
Google plugs 19 holes in newest Android security update
In the March 2016 security update for the Android Open Source Project (AOSP), Google has fixed 19 security issues, seven of which are considered to be critical. Among these, …
Cisco removes weak default static credentials from its switches
Cisco has released on Wednesday a bucketload of software updates for a wide variety of its products, fixing vulnerabilities of different types and severity. But one is deemed …
Weak default credentials, command injection bug found in building operation software
A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to …
Fighting malware monetization and application vulnerabilities
As the traditional network perimeter disappears and attack surfaces grow, security professionals are challenged with protecting users, applications and data – without …
Oracle pushes out emergency fix for Java SE
Oracle has patched a vulnerability (CVE-2016-0603) in Java SE (Standard Edition) 6, 7 or 8 on the Windows platform, which could be exploited by attackers looking for ways to …
Google plugs five critical Android vulnerabilities
Google has plugged nine Android security holes with its February Nexus security update. Of these, five are critical, four of high and one of moderate severity. Here’s …
OpenSSL bug that could allow traffic decryption has been fixed
The OpenSSL Project has pushed out new versions of the widely used OpenSSL cryptographic library, which incorporate patches for two distinct security bugs, and an update of …
Cisco plugs hole in firewall devices that could lead to device hijacking
Cisco has released a firmware update that plugs a critical, easy-to-exploit vulnerability that could allow a remote attacker to take control of the company’s RV220W …
Magento plugs XSS holes that can lead to e-store hijacking, patch immediately!
Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a …
Featured news
Resources
Don't miss
- Attackers hit MSP, use its RMM software to deliver ransomware to clients
- Why data provenance must anchor every CISO’s AI governance strategy
- Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
- Hottest cybersecurity open-source tools of the month: May 2025
- Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group