security update
Adobe releases fix for actively exploited Flash Player zero-day
If you’re still using Flash Player, it’s time to update it again – and quickly: Adobe has just patched a critical zero day vulnerability (CVE-2018-5002) …
Apple security updates, iOS and macOS now support Messages in iCloud
It’s time to update your Apple devices and software again: the company has pushed out security updates for macOS, iOS, watchOS, tvOS, Safari, and iCloud and iTunes for …
Samsung doesn’t have to offer updates for phones older than two years
Dutch consumer protection organization Consumentenbond took Samsung Netherlands to court, arguing that the company should provide updates and upgrades for their telephones …
Google will force Android OEMs to push out security patches regularly
Android P, the ninth major version of the widely-used mobile OS, is expected to be released later this year. Google has already announced a slew of security and privacy …
May 2018 Patch Tuesday forecast: Where are the flowers?
The wintry weather doesn’t want to give up its hold on us here in the US. The extended cold has kept the spring flowers from blooming, dragging out the winter blues. It …
Crypto flaw in Oracle Access Manager can let attackers pass through
A padding oracle vulnerability in Oracle Access Manager (CVE-2018-2879) can be exploited by attackers to bypass authentication and impersonate any user account. About the …
It’s time to update your Cisco WebEx software again!
Cisco has released security updates for a variety of its offerings, including some that fix critical remote code execution vulnerabilities in Webex software, Cisco Secure ACS …
New Drupal RCE vulnerability under active exploitation, patch ASAP!
Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is …
Apple device users, stay away from QR codes until you upgrade
It’s time to update your Mac and iOS-powered devices again: Apple has plugged four vulnerabilities, two of which could be exploited to execute arbitrary code if a user …
Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
Cisco has fixed a critical vulnerability in its Webex videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a …
Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear …
Your Android phone says it’s fully patched, but is it really?
How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of …