security update
D-Link fixes critical router flaws
D-Link has released new firmware for its DIR-820L Wi-Fi dual band cloud router, which fixes a number of security vulnerabilities. One of these can apparently be exploited by …
Over a million WP sites at risk of hijacking due to plugin bug
Users who run their websites on the popular WordPress CMS and are also using the WP-Slimstat web analytics plugin should update as soon as possible, warns Sucuri vulnerability …
Critical Samba flaw allows unauthorized remote code execution
Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw …
Flaw makes Cisco routing hardware vulnerable to DoS attacks
A serious vulnerability affecting the software of some of Cisco’s routing hardware systems for telecommunications and Internet service providers could be exploited to …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
Adobe patches latest Flash Player zero-day
Adobe has released Flash Player 16.0.0.305, a new version that fixes the latest zero-day flaw (CVE-2015-0313) that is currently exploited in mass malvertising campaigns. An …
New OS X Yosemite version fixes critical security issues, including Thunderstrike
Apple has released the latest version of OS X Yosemite (v10.10.2) and the first security update (2015-001) for this year, and among the problems fixed is one affecting the CPU …
Why Google won’t be updating pre-KitKat WebKit anymore
Two weeks ago, Rapid 7 researchers discovered that Google will no longer be providing security patches for WebView used in pre-KitKat (v4.4) Android versions, meaning that …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Critical Flash Player hole plugged, another still unpatched and exploited
Adobe has released an out-of-band update for Flash Player, which fixes a security flaw (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the …
GoDaddy fixes domain-hijacking vulnerability
Security engineer Dylan Saccomanni has discovered a critical CSRF vulnerability that can be exploited to take over domains registered with Go Daddy, and has forced the popular …
Oracle patches 169 vulns across its products, many are critical
On Tuesday Oracle released its quarterly Critical Patch Update, which addressed a total of 169 vulnerabilities across multiple products, including Java SE (Standard Edition). …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments