Weekend news review: October 14-17

Zero-day attackers exploit Windows kernel, Patch Tuesday brings fix
FireEye researchers say that two zero-day flaws were used in separate, unrelated attacks. <a style="color: #FFFFFF" href="http://bit.ly/1zfsXMn" target="_blank">Read more</a>
On Patch Tuesday, Microsoft plugs 24 bugs, including three zero-days
For the month of October, the tech giant released eight patches, including three critical fixes. <a style="color: #FFFFFF" href="http://bit.ly/1sXyP8G" target="_blank">Read more</a>
'Sandworm Team' exploits zero-day bug in espionage campaign
A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world. <a style="color: #FFFFFF" href="http://bit.ly/1sxssap" target="_blank">Read more</a>
Oracle addresses vulnerabilities with 154 security fixes
Several of the vulnerabilities addressed by Oracle in its Critical Patch Update can be remotely exploitable without authentication. <a style="color: #FFFFFF" href="http://bit.ly/1xZIifS" target="_blank">Read more</a>
POODLE exploits SSL 3.0 fallback
Researchers at Google have discovered a flaw in SSL 3.0 that allows attackers to exploit the popular cryptography protocol and intercept communications. <a style="color: #FFFFFF" href="http://bit.ly/1wjAuWM" target="_blank">Read more</a>
SSDP reflection DDoS attacks on the rise, Akamai warns
Attackers are abusing SSDP to carry out reflection and amplification DDoS attacks, according to a PLXsert threat advisory released by Akamai. <a style="color: #FFFFFF" href="http://bit.ly/1vm1Rzn" target="_blank">Read more</a>
Updates, changes to security, could lessen POODLE's bite
Security pros urge operators and users to nix support for the popular, but antiquated, SSL v3.0. <a style="color: #FFFFFF" href="http://bit.ly/1rJqwYH" target="_blank">Read more</a>
Phishing email delivers keylogger malware, also takes screenshots
The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls. <a style="color: #FFFFFF" href="http://bit.ly/1plv2g4" target="_blank">Read more</a>
President signs Executive Order to improve payment security
President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs. <a style="color: #FFFFFF" href="http://bit.ly/1DjCYXs" target="_blank">Read more</a>News of POODLE broke this week and dominated headlines. Oracle and Microsoft issued patches, and researches discovered various ongoing attacks. For a closer look at these articles, click here to visit our news section.
More Slideshows
Topics:
You must be a registered member of SC Media US to post a comment.
Click here to login
|
Click here to register