PDF: The vehicle of choice for malware and fraud
There has been a substantial increase of fraudulent PDF files, according to a report by SonicWall Capture Labs threat researchers. This fraud campaign takes advantage of …
April 2019 Patch Tuesday: Microsoft fixes two actively exploited bugs
Microsoft has plugged 74 CVE-numbered security holes on this April 2019 Patch Tuesday, including two vulnerabilities actively exploited by attackers. All of the bugs are rated …
April Patch Tuesday Forecast: Be aware of end-of-service issues and browser exploits
April Patch Tuesday is nearly here with two significant topics of concern. The first relates to end-of-service milestones and the second issue is browser exploits. Let’s start …
What can we expect of this March Patch Tuesday?
March is here and that means it was time for RSA Conference in San Francisco. I’ve been on the expo floor all week and I can tell you the worldwide security industry is …
PDF viewers, online validation services vulnerable to digital signature spoofing attacks
Academics from Ruhr University Bochum have proven that the majority of popular PDF viewer apps and online digital signature validation services can be tricked into validating …
Mild to medium volume expected for February 2019 Patch Tuesday
If you look at the recent Patch Tuesday lineups, we have seen the usual updates for the Microsoft Windows OS, browsers, and Office. In the last two months we have seen updates …
Most out of date applications exposed: Shockwave, VLC and Skype top the list
More than half (55%) of PC applications installed worldwide are out-of-date, making PC users and their personal data vulnerable to security risks. Avast’s PC Trends Report …
January 2019 Patch Tuesday forecast: Partly cloudy followed by heavy fog around Java
2018 ended with a bit of excitement. Shortly after November Patch Tuesday we saw a pair of Flash Player zero-days (November 20 and December 5), which were followed by just …
December 2018 Patch Tuesday: Microsoft patches Windows zero-day exploited in the wild
It’s Patch Tuesday again and, as per usual, both Microsoft and Adobe have pushed out patches for widely-used software packages. The Microsoft patches Microsoft’s …
December Patch Tuesday forecast: Let it snow, let it snow, let it snow
Grab your shovels, dust off the snow blower, and bundle up. The way patches are accumulating this month is making me think of winter in Minnesota. I’m talking about the kind …
Adobe patches newly exploited Flash zero-day
Adobe has released an out-of-band security update for Flash Player that fixes two vulnerabilities, one of which is a zero-day (CVE-2018-15982) that has been spotted being …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
Featured news
Resources
Don't miss
- Solana’s popular web3.js library backdoored in supply chain compromise
- How widespread is mercenary spyware? More than you think
- Product showcase: Securing Active Directory passwords with Specops Password Policy
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
- SafeLine: Open-source web application firewall (WAF)