security update
Mozilla plugs critical Firefox zero-day used in targeted attacks
A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability …
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
June 2019 Patch Tuesday: A little something for everybody
For June 2019 Patch Tuesday, Microsoft has fixed a whooping 88 CVE-numbered vulnerabilities, Adobe has plugged many critical security holes in ColdFusion and Flash Player, and …
Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …
Microsoft updates break AV software, again!
Microsoft’s May 2019 security fixes have again disrupted the normal functioning of some endpoint security products on certain Windows versions. Current problems …
Intel MDS attack mitigation: An overview
Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and …
Apple May 2019 security updates fix numerous issues
Another month, another batch of Apple security updates that users of the firm’s computers, phones, tablets, streaming devices and smart watches will be prompted to …
Critical flaw allows attackers to take over Cisco Elastic Services Controllers
Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing …
Flaw in pre-installed software opens Dell computers to remote hijack
Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? …
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
CIOs and CISOs hold off on crucial updates due to potential impact on business operations
CIOs and CISOs around the world have held back from implementing critical measures that keep them resilient against disruption and cyber threats. Over eight out of ten (81%) …
Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints