Oracle fixes 252 vulnerabilities in October 2017 Critical Patch Update
Oracle has released its Critical Patch Update (CPU) for October 2017, addressing 252 vulnerabilities across the wide multitude of its products. Compared to the July 2017 CPU, …
The pervasive risk of vulnerable open source components
Veracode announced findings from the 2017 State of Software Security Report, a comprehensive review of application security testing data from scans conducted by a base of more …
Should non-security functions get more involved in cybersecurity?
According to a survey conducted by Dimensional Research, 100 percent of respondents believe soft skills are important when hiring for their security teams. The three most …
Digital transformation and the loss of security control
Unpatched web infrastructure and de-centralised web management practices are leaving UK organisations vulnerable to cyber-attacks and high profile data breaches. New RiskIQ …
Vulnerability in code library allows attackers to work out private RSA keys
Researchers have discovered a security vulnerability in the Infineon-developed RSA library, which could be exploited by attackers to discover the RSA private key corresponding …
Are you employees snooping on the corporate network?
The overwhelming majority of employees are deliberately seeking out information they are not permitted to access, exposing a major snooping problem among today’s workforce. …
ESET helps Google protect Chrome users from unwanted software
Google has redesigned Chrome Cleanup on Chrome for Windows, and has upgraded the technology it uses to detect and remove unwanted software. A basic antivirus for Chrome …
Adobe releases emergency fix for Flash Player zero-day exploited in the wild
Adobe has released an out-of-band security update for Adobe Flash Player that patches a zero-day remote code execution vulnerability actively exploited in the wild. Kaspersky …
Digital transformation, regulations impacting data security decisions at financial organizations
Almost half (49%) of global financial services organisations have experienced a data breach in the past, according to the 2017 Thales Data Threat Report, Financial Edition. …
Companies turn a blind eye to open source risk
Though open source software (OSS) helps software suppliers be nimble and build products faster, there are hidden software supply chain risks all software suppliers and IoT …
As GDPR implementation date approaches, cyber risk gets more attention
The upcoming implementation of the European Union’s General Data Protection Regulation (GDPR), which takes effect in May 2018, has elevated cyber risk to the top of the …
WPA2 weakness allows attackers to extract sensitive info from Wi-Fi traffic
WPA2, a protocol that secures modern protected Wi-Fi networks, sports serious weaknesses that can allow attackers to read and capture information that users believe to be …
Featured news
Resources
Don't miss
- Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
- Attackers phish OAuth codes, take over Microsoft 365 accounts
- When confusion becomes a weapon: How cybercriminals exploit economic turmoil
- SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)