Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them as critical severity at time of publication. It also sees the publication of nine critical remote code execution (RCE) vulnerabilities. Unusually, no browser vulnerabilities have yet been published this month.
GUEST OPINION by Stefan van der Wal, Consulting Solutions Engineer, EMEA, Application Security, Barracuda Networks:
The Australian Cyber Security Centre (ACSC) is encouraging organisations "to urgently adopt an enhanced cyber security position. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment."
Amazon Australia has announced the winners of its Amazon Launchpad Innovation Grants initiative, awarding five grants worth more than $200,000 each to trailblazing entrepreneurs and startups across Australia.
The two most serious cybersecurity events of the decade (thus far), the SolarWinds and Microsoft Exchange Server hacks, were recently viewed by local cyber advisors through the lens of global geopolitics. In “Precursors to cyberwar, or are we already there?” watch as three expert members of the Cybersecurity Advisors Network (CyAN) share their perspectives.
The number of APT groups "exploiting the latest Exchange vulnerabilities grows, with thousands of email servers under siege" according to security company ESET.
Security solutions firm Aura Information Security says its RedShield product is worthy of a new acronym, SwaS, and that it would have protected American credit information provider Equifax if they had it in place.
Getting a truly thorough and complete medical diagnosis from a handheld portable device is still in the realm of science fiction, but Prizma is our closest 21st century equivalent.
When a disastrous ransomware attack is devastating computers across the globe, based on a five-year-old NSA-discovered vulnerability, where’s Microsoft?
If you are using Intel’s vPro chips from 2008 to its latest Kaby Lake and have Intel Active Management Technology (AMT) enabled, hackers could breach your networks.
ICS-CERT has advised of a vulnerable SCADA system currently in use that cannot be patched.
Unlike most products, software is offered without any kind of warranty, and when you see how many bugs and vulns software has, it’s obvious why.
We all know that Adobe’s Flash Player is one of the most vulnerable programs that hackers try to exploit. Adobe has issued a patch that addresses 21 critical vulnerabilities.
Some people got very excited when word spread of the discovery of a 'scary' vulnerability in Android that could be exploited to modify an application without the operating system detecting that the app's signature and content no longer match.
A security update for Java has been released well ahead of the routine schedule in response to a malware scare.
Adobe has released a security update for Photoshop CS6, along with multiple bug fixes.
In a recent public discussion, Linus Torvalds insisted that backward compatibility is of critical importance in kernel development. Is he correct?
Apple has released iOS security updates that plug a vulnerability that's been used to jailbreak devices. Before the howls of protest start, remember that such vulnerabilities can also be used for evil.
The first Patch Tuesday for 2011 has proved a quiet affair with just two bulletins from Microsoft, only one of which is rated critical.
The latest version of Firefox fixes 11 vulnerabilities, most of them critical.
Most cybersecurity is making up for weak platforms. We need to address the fundamentals, design platforms that prevent out-of-bounds access[…]
For most developers the security/performance trade off is still the hardest one to tackle, even as the cost of processing[…]
RISC has been overhyped. While it is an interesting low-level processor architecture, what the world needs is high-level system architectures,[…]
There are two flaws that are widespread in the industry here. The first is that any platform or language should[…]
Ajai Chowdhry, one of the founders and CEO of HCL is married to a cousin of a cousin of mine.[…]