security update
December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year, Intel has fixed Plundervolt, and Google has delivered …
December 2019 Patch Tuesday forecast: Make sure to deploy year-end updates
Can you believe another year has passed and we’re approaching the last Patch Tuesday of the year? While I get ready to make another online gift purchase with my credit card, I …
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as …
Attack tools and techniques used by major ransomware families
Ransomware tries to slip unnoticed past security controls by abusing trusted and legitimate processes, and then harnesses internal systems to encrypt the maximum number of …
Intel releases updates to plug TPM-FAIL flaws, foil ZombieLoad v2 attacks
Intel’s Patch Tuesday releases are rarely so salient as those pushed out this month: the semiconductor chip manufacturer has patched a slew of high-profile …
November 2019 Patch Tuesday: Actively exploited IE zero-day fixed
November 2019 Patch Tuesday comes with patches for an IE zero-day exploited by attackers in the wild and four Hyper-V escapes. Microsoft updates Microsoft has delivered fixes …
Cisco fixes small business routers, kills eavesdropping vulnerability in conferencing devices
Cisco has released security updates for a variety of its products – owners of Small Business RV Series Routers, Web Security Appliances and TelePresence devices should …
Apple releases fresh security updates for macOS, iOS
In the last few days, Apple has staggered security updates for many of its products, including the recently unveiled macOS Catalina. Safari, tvOS, iPadOS, iOS, iCloud, iTunes …
Majority of 2019 breaches were the result of unapplied security patches
Despite a 24% average increase in annual spending on prevention, detection and remediation in 2019 compared with 2018, patching is delayed an average of 12 days due to data …
Cisco fixes serious flaws in enterprise-grade Catalyst and Aironet access points
Cisco has released another batch of security updates, the most critical of which fixes a vulnerability that could allow unauthenticated, remote attackers to gain access to …
Adobe splats bucketful of bugs in Acrobat and Reader
If you thought that Adobe skipped this month’s Patch Tuesday because there were no immediate vulnerabilities to fix, you were wrong: a week later the company dropped …
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility