security update
Microsoft patches flaw exploited by Stuxnet – again
Among the vulnerabilities patched by Microsoft in this month’s Patch Tuesday is one that was supposedly patched back in 2010. The Windows Shell Shortcut Icon Loading …
Microsoft patches Windows, IE, Office, SharePoint
This month Microsoft has released 14 new bulletins, 5 of which are rated as Critical, 9 as Important. As a déjà vu from last month, a critical remote code execution …
Apple issued update for FREAK flaw in OS X and iOS
Apple has released security updates for OS X and iOS which, among other things, fix the FREAK flaw that may allow an attacker to decrypt secure communications between …
Seagate acknowledges NAS 0-day, announces patch
After security researcher OJ Reeves publicly revealed the existence of a remote code execution zero-day flaw affecting Seagate’s Business Storage 2-Bay NAS line of …
D-Link fixes critical router flaws
D-Link has released new firmware for its DIR-820L Wi-Fi dual band cloud router, which fixes a number of security vulnerabilities. One of these can apparently be exploited by …
Over a million WP sites at risk of hijacking due to plugin bug
Users who run their websites on the popular WordPress CMS and are also using the WP-Slimstat web analytics plugin should update as soon as possible, warns Sucuri vulnerability …
Critical Samba flaw allows unauthorized remote code execution
Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw …
Flaw makes Cisco routing hardware vulnerable to DoS attacks
A serious vulnerability affecting the software of some of Cisco’s routing hardware systems for telecommunications and Internet service providers could be exploited to …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
Adobe patches latest Flash Player zero-day
Adobe has released Flash Player 16.0.0.305, a new version that fixes the latest zero-day flaw (CVE-2015-0313) that is currently exploited in mass malvertising campaigns. An …
New OS X Yosemite version fixes critical security issues, including Thunderstrike
Apple has released the latest version of OS X Yosemite (v10.10.2) and the first security update (2015-001) for this year, and among the problems fixed is one affecting the CPU …
Why Google won’t be updating pre-KitKat WebKit anymore
Two weeks ago, Rapid 7 researchers discovered that Google will no longer be providing security patches for WebView used in pre-KitKat (v4.4) Android versions, meaning that …
Featured news
Resources
Don't miss
- Why app modernization can leave you less secure
- How AI agents reshape industrial automation and risk management
- How well do you know your remote IT worker?
- LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks
- NIST proposes new metric to gauge exploited vulnerabilities