Patches News, Articles and Updates
Cisco Talos researchers spotted a vulnerability in ESnet iPerf3 that could allow remote code execution.
Comodo default configuration installs a VNC server using an insecure default password.
Adobe on Tuesday released a security update for Shockwave Player that addresses a critical memory corruption vulnerability.
Adobe's Flash Player and AIR updates fix 35 bugs, the majority of which could lead to code execution.
The March 31 release of Firefox 37 introduced the opportunistic encryption feature to the browser, by April 3 it had been disabled.
The use-after-free vulnerability was being exploited in drive-by-download attacks, Adobe warned.
One bulletin is deemed critical and addresses 37 vulnerabilities in Internet Explorer that enable remote code execution.
The sole critical patch this month will address remote code execution issues in Internet Explorer.
Mozilla enabled public key pinning support in Firefox 32 primarily as a way to defend against man-in-the-middle attacks.
The MS14-045 update caused some users' systems to crash, and in response, Microsoft pulled the update.
The vulnerability comes into play when Instagram users search for Facebook friends to "follow."
On Tuesday, Adobe released fixes for seven critical bugs in its Flash Player plug-in.
The tech giant's monthly security update includes two critical patches for IE and Windows.
Two critical fixes from the tech giant will plug RCE bugs impacting Windows and IE users.
In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.
An RCE vulnerability existing in several Cisco Wireless Residential Gateway products can be exploited to serve up fraudulent advertisements and deliver malware.
Oracle, the maker of the popular Java plug-in, recently confirmed the details.
The most critical flaws were in Java and Oracle Database Server.
Adobe's patches address three vulnerabilities, including a critical bug in Flash Player that could be exploited to steal sensitive information.
In its monthly Patch Tuesday update, Microsoft plugged a slew of critical bugs in Internet Explorer that could allow remote code execution.
Remote code execution (RCE) flaws in Windows and IE will receive top priority this month.
Apple addressed various vulnerabilities in Mavericks, Safari, iOS and Apple TV, several of which can enable arbitrary code execution.
The serious buffer overflow vulnerability affects Android 4.3, or devices running Jelly Bean.
A vulnerability exists that allows anyone with legitimate account credentials to bypass two-factor authentication on some of PayPal's mobile applications.
A patch was issued for CVE-2012-0158 in April 2012, but Trend Micro found that it is the most commonly exploited vulnerability related to targeted attacks in the second half of 2013.
Microsoft issued an update to its Malware Protection Engine in order to fix a vulnerability that could enable a denial-of-service.
A cumulative security update for Internet Explorer, addressing 59 bugs, was pegged as the top priority patch in the bunch.
Adobe is urging users running Windows and Macintosh operating systems to download the critical Flash Player update.
The critical patches will remediate remote code execute (RCE) bugs in Windows, IE, Office and Microsoft Lync.
SC Magazine Articles
- Cerber ransomware strain now targeting Office 365 users
- Critical infrastructure in Europe exposed to hackers
- Deal with the devil: Ransomware experiment proves you can negotiate price down
- WordPress Summer of Pwnage: 64 holes in 21 days
- Cerber ransomware C&C server shut down by research firm and CERT-Netherlands
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Ransomware attack almost sends NASCAR team to the garage