Those of us in the security industry saw the need to identify and share incident and vulnerability information, but unfortunately âsecurity through obscurityâ was often the approach taken â operations over protection. Fast forward to today, and whether you agree or disagree with the state of software security, we at least have the forums and […]
There were 56 newly-reported vulnerabilities fixed in this monthâs patches from Microsoft, with four of them offering attackers the chance of finding remote code execution (RCE) exploits. Remote code execution is where otherwise innocent-looking data thatâs sent in from outside your network can trigger a bug and take over your computer. Bugs that make it possible for booby-trapped chunks […]
Hot on the heels of disclosing a critical zero-day vulnerability in Chrome that was being exploited in the wild by attackers, Google has now uncovered another critical zero-day that is being used alongside it to take over Windows machines. Source: Google Says Upgrade To Windows 10 After Critical Flaws Found In Chrome And Windows 7
RV110W, RV130W, RV215W need patching to close remote hijacking bug Source: Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault* Enter your email address: Delivered by FeedBurner
Microsoft announced on its support website that future Windows 7 and Windows Server 2008 updates will require SHA-2 code signing support to be installed starting with July 16, 2019. Source: Windows 7 and Server 2008 Updates to Require SHA-2 Support Starting July
Patching vulnerabilities is often seen as a key element of keeping systems secure. But a new report suggests businesses could be âsmarterâ in their patching regimes and prioritize the i⌠Source: Businesses can safely delay patching most vulnerabilities 🔒 securing the business 🔒 DISC InfoSec
