A web-based reporting tool that tracks radiation doses delivered by X-ray machines and related devices contains vulnerabilities that could impact patient confidentiality, system integrity, or system availability, Dutch tech company Philips reported.
The first half of 2017 has not exactly been a ride in the park for cybersecurity professionals.
A vulnerability discovered in a series of revision control tools for software developers, including GitLab, Mercurial, and Apache Subversion, can be exploited to launch malicious command executions, according to the researcher who discovered it.
Mozilla Foundation released 29 CVE patches to Firefox 55 including five crucial vulnerabilities.
Microsoft had a busy month patching flaws with nearly 50 security issues fixed, many of which have a severity rating of critical" or "important."
Adobe's Patch Tuesday this month covered 81 vulnerabilities including both a critical and important patch affecting Flash.
The alert warns users of four vulnerabilities in the Siemens CT, PET, and SPECT scanners and workflow systems based on Windows 7.
Google has released a security update for its Chrome operating system in order to address the critical BroadPwn security bug that can be exploited to remotely control devices.
Of 100 infosecurity professionals surveyed, 34 percent fingered Russia as the biggest threat to cybersecurity in the U.S., followed closely by organized crime at 33 percent, according to a Cylance blog post.
Keen Security Lab researchers spotted another set of critical vulnerabilities in a Tesla, this time on the Model X.
Microsoft patched a memory corruption vulnerability and an information disclosure vulnerability in Microsoft Office Outlook.
Video game developer Valve Corporation recently created a patch to fix a buffer overflow vulnerability in its Source SDK library that can allow for remote code execution on client and server devices.
Researchers investigating a vulnerability in security cameras from Axis Communications ended up uncovering a far more wide-ranging threat when they discovered the flaw actually lies within a toolkit used by myriad IoT product developers.
Oracle has issued a critical patch update for July 2017, fixing 308 vulnerabilities across its product line.
Cisco on Monday released software updates to fix a critical remote code execution vulnerability in its WebEx browser extensions for both the Google Chrome and Mozilla Firefox browsers.
Researchers found just two weeks after the EternalBlue exploit was used in the WannaCry ransomware attack that 60,000 hosts are still vulnerable.
Uber recently patched an authentication bypass vulnerability on its custom single sign-on solution.
SAP on Tuesday released a dozen security notes after developing patches for a series of vulnerabilities, including a high-priority flaw in its Point of Sale Retail Xpress Server that could expose the server to attackers.
Microsoft's July Patch Tuesday news covered 55 flaws with 19 being rated critical with all the latter issues leading to remote code execution if left unpatched.
Adobe issued a light Patch Tuesday bulletin today covering three vulnerabilities in Flash Player and three in Adobe Connect for Windows.
Google this week released its July 2017 security bulletin for the Android operating system and Nexus and Pixel devices, making patching available for all 138 vulnerabilities.
Cisco on Thursday released security updates to fix multiple vulnerabilities - three critical in severity - in its Elastic Services Controller, Ultra Services Framework and Staging Server, and StarOS CLI products.
Microsoft has issued an update for Azure Active Directory (AD) Connect fixing a flaw that could lead to an elevation of privilege.
A massive ransomware campaign attacked countless endpoints for the second time in just over a month, exploiting a vulnerability that had been patched months earlier. SC asks, why does this keep happening?
Researchers claim to have found a 'killswitch' for NotPetya, but there seems to be disagreement over what to call it.
Both Edward Snowden and the Shadowbrokers have used the NotPetya attacks, to provide their unique perspective on the situation.
Microsoft has issued an advisory and patched a remote code execution vulnerability in its Microsoft Malware Protection Engine after the flaw was spotted by a Google Project Zero bug hunter.
Cisco has patched vulnerabilities in its Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM), Virtualized Packet Core - Distributed Instance (VPC-DI), and WebEx Network Recording Player products.
The disk back-up utility software Acronis True Image is susceptible to arbitrary code execution attacks because it does not perform update operations securely, according to a new vulnerability advisory published on Monday.