security update
Tens of thousands WordPress sites defaced, SEO spam to follow
Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites. Sucuri, the company …
Cisco Prime Home flaw allows hackers to reach into people’s homes
Cisco has patched a critical authentication bypass vulnerability that could allow attackers to completely take over Cisco Prime Home installations, and through them mess with …
WordPress kept users and hackers in the dark while secretly fixing critical zero-day
Last week WordPress released the newest version (4.7.2) of the popular CMS, ostensibly fixing three security issues affecting versions 4.7.1 and earlier. What the WordPress …
Can your Netgear router be hijacked? Check now!
Yesterday, researcher Simon Kenin of Trustwave SpiderLabs released information about an authentication bypass flaw affecting a wide variety of Netgear routers, as well as PoC …
The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Firefox 51 starts flagging HTTP login pages as insecure
Mozilla has released Firefox 51 on Tuesday, and this latest stable version of the popular browser comes with many security fixes and improvements. The list of security …
Apple releases security patches for everything, update today!
On Monday, Apple released its latest batch of security patches for macOS, Safari, iOS, watchOS, tvOS, iTunes and iCloud for Windows. The iTunes and iCloud for Windows updates …
Massive Oracle Critical Patch Update fixes 270 vulnerabilities
Oracle has released the first Critical Patch Update scheduled for 2017, and it’s massive. It fixes 270 vulnerabilities across multiple products, and over 100 of them are …
FDA urges patients to implement patch to secure their cardiac implants
Patients who have been implanted with pacemakers and defibrillators manufactured by US-based St. Jude Medical are urged to make sure that their Merlin@home Transmitter unit is …
Nagios Core 4.2.4 closes serious root privilege escalation bug
If you’re using Nagios Core to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release …
Joomla vulnerability can be exploited to hijack sites, so patch now!
If you’re running a website on Joomla, you should update to the newly released 3.6.5 version as soon as possible – or risk your site being hijacked. The newest …
Netgear pushes out beta firmware for vulnerable router models
Netgear has confirmed that eight of its router models are vulnerable to device hijacking due to a vulnerability that can be easily exploited by remote, unauthenticated …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests