security update
Windows Kerberos bug: How to detect signs of exploitation before the update?
Microsoft has shared more details about the critical elevation of privilege bug found in Microsoft Windows Kerberos Key Distribution Center (CVE-2014-6324) which is being …
SAP finally patches critical, remotely exploitable bugs in GRC solution
More than a year and a half after they have been reported to SAP AG, the company has issued a patch for a number of critical exploitable security vulnerabilities in its …
Microsoft patches Windows, IE, Word, SharePoint and IIS
This month Microsoft is publishing 14 bulletins with new versions and patches for its software, operating systems and applications. This is one fewer bulletin than Microsoft …
Linksys SOHO router owners urged to patch multiple vulnerabilities
Owners of a number of Linksys small office/home office routers have been urged last week to update their device’s firmware in order patch two vulnerabilities, one of …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Tor exit node found patching downloaded binaries with malware
A researcher has spotted a Tor exit node located in Russia which instead of delivering the software requested by users untouched, was adding malicious code to the binaries in …
OS X Yosemite comes with POODLE and Shellshock patches
Last week Apple released a new version of its operating system to consumers. What’s interesting to note is that OS X 10.10 (aka “Yosemite”) also came with a …
Tor Browser 4.0, Tails 1.2 are out
The Tor Project has released version 4.0 of its popular eponymous browser that allows users to use the Internet anonymously and privately, and to circumvent online censorship …
Easily exploitable Drupal bug can lead to total site compromise
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform – version 7.32 – because it fixes a critical SQL injection …
New OpenSSL updates fix POODLE, DoS bugs
The OpenSSL Project has pushed out new releases of the popular eponymous open-source cryptographic library, which fix four serious vulnerabilities, including the POODLE …
Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
Microsoft patches SandWorm 0-day
Microsoft is back in fine form this month with eight upcoming advisories affecting Internet Explorer, the entire Microsoft range of supported operating systems, plus Office, …
Featured news
Resources
Don't miss
- Maximum severity Cisco ISE vulnerabilities exploited by attackers
- Phishing campaign targets U.S. Department of Education’s G5 portal
- Cervantes: Open-source, collaborative platform for pentesters and red teams
- Phishing simulations: What works and what doesn’t
- Ports are getting smarter and more hackable