Weekend news review: October 14-17

Zero-day attackers exploit Windows kernel, Patch Tuesday brings fix

Zero-day attackers exploit Windows kernel, Patch Tuesday brings fix

FireEye researchers say that two zero-day flaws were used in separate, unrelated attacks. <a style="color: #FFFFFF" href="http://bit.ly/1zfsXMn" target="_blank">Read more</a>
On Patch Tuesday, Microsoft plugs 24 bugs, including three zero-days

On Patch Tuesday, Microsoft plugs 24 bugs, including three zero-days

For the month of October, the tech giant released eight patches, including three critical fixes. <a style="color: #FFFFFF" href="http://bit.ly/1sXyP8G" target="_blank">Read more</a>
'Sandworm Team' exploits zero-day bug in espionage campaign

'Sandworm Team' exploits zero-day bug in espionage campaign

A group of cybercriminals believed to be Russian are exploiting a zero-day vulnerability to deliver malware and gather information from various organizations around the world. <a style="color: #FFFFFF" href="http://bit.ly/1sxssap" target="_blank">Read more</a>
Oracle addresses vulnerabilities with 154 security fixes

Oracle addresses vulnerabilities with 154 security fixes

Several of the vulnerabilities addressed by Oracle in its Critical Patch Update can be remotely exploitable without authentication. <a style="color: #FFFFFF" href="http://bit.ly/1xZIifS" target="_blank">Read more</a>
POODLE exploits SSL 3.0 fallback

POODLE exploits SSL 3.0 fallback

Researchers at Google have discovered a flaw in SSL 3.0 that allows attackers to exploit the popular cryptography protocol and intercept communications. <a style="color: #FFFFFF" href="http://bit.ly/1wjAuWM" target="_blank">Read more</a>
SSDP reflection DDoS attacks on the rise, Akamai warns

SSDP reflection DDoS attacks on the rise, Akamai warns

Attackers are abusing SSDP to carry out reflection and amplification DDoS attacks, according to a PLXsert threat advisory released by Akamai. <a style="color: #FFFFFF" href="http://bit.ly/1vm1Rzn" target="_blank">Read more</a>
Updates, changes to security, could lessen POODLE's bite

Updates, changes to security, could lessen POODLE's bite

Security pros urge operators and users to nix support for the popular, but antiquated, SSL v3.0. <a style="color: #FFFFFF" href="http://bit.ly/1rJqwYH" target="_blank">Read more</a>
Phishing email delivers keylogger malware, also takes screenshots

Phishing email delivers keylogger malware, also takes screenshots

The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls. <a style="color: #FFFFFF" href="http://bit.ly/1plv2g4" target="_blank">Read more</a>
President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs. <a style="color: #FFFFFF" href="http://bit.ly/1DjCYXs" target="_blank">Read more</a>

News of POODLE broke this week and dominated headlines. Oracle and Microsoft issued patches, and researches discovered various ongoing attacks. For a closer look at these articles, click here to visit our news section.

More Slideshows

Topics:

You must be a registered member of SC Media US to post a comment.