security update
SWAPGS Attack: A new Spectre haunts machines with Intel CPUs
Bitdefender researchers have uncovered yet another viable speculative execution side-channel attack that can be leveraged against Intel CPUs and the computers running on them. …
If you’re struggling with Windows 10 migration, updates will be an even bigger challenge
With the end of Windows 7 support on the horizon, many companies remain significantly behind in completing their Windows 10 migration, new data from 1E shows. Of 600 senior IT …
Flaw in Iomega, LenovoEMC NAS devices exposes millions of files on the Internet
A vulnerability in legacy Iomega and LenovoEMC network-attached storage (NAS) devices has led to many terabytes of potentially sensitive data being accessible to anyone via …
Citrix plugs critical Citrix SD-WAN flaws, patch ASAP!
Researchers have found critical vulnerabilities in Citrix SD-WAN, one of the most widely used SD-WAN solutions out there, and are urging administrators to patch them as soon …
Cisco plugs critical security holes in Data Center Network Manager
Cisco has plugged four security holes in its Data Center Network Manager, two of which critical (have a 9.8 CVSS score). About Cisco Data Center Network Manager Cisco Data …
Dell fixes high-risk vulnerability in pre-installed SupportAssist software
Dell pushed out fixes for a high-risk vulnerability in its pre-installed SupportAssist software and urges users who don’t have auto updating enabled to upgrade the …
Cisco fixes critical vulnerabilities in its SD-WAN, DNA Center solutions
Cisco has released another batch of fixes for many of its products, including its SD-WAN and DNA Center solutions, its Email Security Appliance, Security Manager, SOHO …
Mozilla plugs critical Firefox zero-day used in targeted attacks
A critical Firefox zero-day remote code execution vulnerability is being abused in targeted attacks in the wild, Mozilla has warned on Tuesday. About the vulnerability …
Vulnerabilities allow attackers to take over infusion pumps
Two vulnerabilities in Windows CE-powered Alaris Gateway Workstations (AWGs), which provide support for widely used infusion pumps, could allow remote attackers to disable the …
June 2019 Patch Tuesday: A little something for everybody
For June 2019 Patch Tuesday, Microsoft has fixed a whooping 88 CVE-numbered vulnerabilities, Adobe has plugged many critical security holes in ColdFusion and Flash Player, and …
Attackers are exploiting WordPress plugin flaw to inject malicious scripts
Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …
Microsoft updates break AV software, again!
Microsoft’s May 2019 security fixes have again disrupted the normal functioning of some endpoint security products on certain Windows versions. Current problems …
Featured news
Resources
Don't miss
- Criminals create business website to sell RAT disguised as RMM tool
- Ex-Google engineers charged with orchestrating high-tech secrets extraction
- Google cleans house, bans 80,000 developer accounts from the Play Store
- The CISO view of fraud risk across the retail payment ecosystem
- Applying green energy tax policies to improve cybersecurity