security update
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
June 2019 Patch Tuesday: A little something for everybody
For June 2019 Patch Tuesday, Microsoft has fixed a whooping 88 CVE-numbered vulnerabilities, Adobe has plugged many critical security holes in ColdFusion and Flash Player, and …
Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …
Microsoft updates break AV software, again!
Microsoft’s May 2019 security fixes have again disrupted the normal functioning of some endpoint security products on certain Windows versions. Current problems …
Intel MDS attack mitigation: An overview
Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and …
Apple May 2019 security updates fix numerous issues
Another month, another batch of Apple security updates that users of the firm’s computers, phones, tablets, streaming devices and smart watches will be prompted to …
Critical flaw allows attackers to take over Cisco Elastic Services Controllers
Cisco has patched a critical, remotely exploitable authentication bypass vulnerability in Cisco Elastic Services Controller (ESC), a popular enterprise software for managing …
Flaw in pre-installed software opens Dell computers to remote hijack
Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? …
Magento sites under attack through easily exploitable SQLi flaw
A recently patched SQL injection flaw affecting the popular open-source e-commerce platform Magento is being actively exploited by attackers, so if you haven’t …
CIOs and CISOs hold off on crucial updates due to potential impact on business operations
CIOs and CISOs around the world have held back from implementing critical measures that keep them resilient against disruption and cyber threats. Over eight out of ten (81%) …
Patched Apache flaw is a serious threat for web hosting providers
Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via …
Security remains a top concern for IoT executives, but small fixes can shore up ecosystem resilience
66 percent of companies say their c-suite executives are supportive of their IoT implementation, but even with strong support they noted there are hurdles to overcome. A …
Featured news
Resources
Don't miss
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
- Why security culture is crypto’s strongest asset
- Why remote work is a security minefield (and what you can do about it)
- Trump orders revocation of security clearances for Chris Krebs, SentinelOne
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)