A little bit of good news on the patch front this month. Microsoft issued 11 updates today, 6 of which are critical, but none of the 40 unique vulnerabilities are under active attack. The software maker is using what is likely a brief reprieve to clean up old code so if you’re using Vista,
Google Chrome, the world’s most popular web browser, is banging another nail into Adobe Flash’s coffin… in preference for HTML5.
If you pay any attention to infosec headlines, you’ve likely seen it’s once again that time of year when Verizon releases its Data Breach Investigations Report (DBIR). The 9th annual report was released yesterday and while much of it isn’t surprising, it is entirely disheartening.
A quick review of the findings show cybercrime continues to target what hackers obviously deem the weakest link in the chain,
The malicious hackers developing exploit kits, designed to help online criminals break into computers systems and spread malware, are keener on exploiting Adobe Flash than any other software.
Web servers around the world are at risk from a serious security vulnerability, dubbed the DROWN attack, which could allow hackers to steal private information.
Yes, you should keep your online store patched – but please be sure that the patch you are installing isn’t itself malicious.
Don’t just delete the malicious code on your web server. Determine how it got there in the first place if you want to prevent future attacks.
If there’s something which is in high demand from both the common internet criminals and intelligence agencies around the world, it’s a way of easily infecting the iPhones and iPads of individuals.
The proof that there is high demand for a way to remotely and reliably exploit iOS devices, in order to install malware that can spy upon communications and snoop upon a user’s whereabouts,
A cross-site scripting (XSS) flaw on PayPal’s website could have been used by hackers to phish for your login credentials, and even steal your unencrypted card details.
But thankfully the vulnerability was found by a responsible researcher, who informed PayPal about the problem and helped the web’s most popular payment service from being embarrassed by a massive security gaffe.
Yesterday was Patch Tuesday, and – as Optimal Security’s Russ Ernst described – Microsoft released fixes for a smorgasbord of vulnerabilities.
Obviously, it’s important that you roll out the patches as soon as possible, and ensure that your computers and networks are protected against threats which malicious hackers could use to target your systems,
As of August 1, ComputerWorld reported Windows 10 global usage had climbed to 2.5%. Not too shabby for the OS that was launched just three days earlier on July 29. Those numbers easily beat early adoption rates for Windows 8.1 but, I wonder how those users are faring? A quick read of headlines shows a lot of headaches ranging from overall privacy concerns to unwanted update files being delivered to networked machines still running Windows 7 or 8.1.
Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.
It’s all very well having a bug bounty program, argues LinkedIn, but how is your organisation going to cope if it is bombarded with hundreds of meaningless and useless reports, that your security team cannot act upon?
Researchers discover a new attack against encrypted communications on the internet.