security update
Microsoft testing EMET’s new protection mechanisms
Just as researchers made public their successful attempt of creating attack code for bypassing the protections of the latest version of Microsoft’s Enhanced Mitigation …
Apple fixes critical crypto bug in iOS, OS X fix to be released “soon”
On Friday, Apple announced the release a software update for its iOS mobile operating system that addresses a critical encryption flaw. A similar update has also been released …
Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in …
Microsoft issues Fix it for critical IE 0-day exploited in attacks
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it …
HP says server security and safety updates will remain free
The news that starting on February 19, HP will provide firmware updates for its servers only to customers with a valid warranty, Care Pack Service or support agreement, has …
Microsoft patches critical vulnerabilities, secures IE
At first take, it looked like Microsoft would continue the 2014 trend of keeping patch Tuesday relatively light. There were only 5 advisories this month, two critical, three …
Microsoft to keep next Patch Tuesday light
Microsoft continues the trend they started last month of keeping patch Tuesday relatively light. There are only five advisories this month – two critical, three …
Adobe Flash flaw exploited in the wild, update now
Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker …
Microsoft extends support for Win XP’s security solutions to mid-2015
Despite having announced earlier this month that they would stop providing signature updates for Security Essentials for Windows XP in April 8, 2014 – the same date when …
Light Patch Tuesday delivers four bulletins
With only four bulletins, this month’s release is the lightest in recent memory. Markedly missing are any bulletins for Internet Explorer and not a single bulletin is …
IE flaw targeted in Aurora attacks still actively exploited
Regular software patching is often touted as one of the best things you can do to keep your computer safe against malware infection. Unfortunately, not all users follow that …
Configuring for security in a world of 0-days
Last month, Microsoft published two separate notices of 0-day vulnerabilities that were being used in the wild to attack Microsoft products. The first flaw is in a code …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance