Oracle Patches 270 Vulnerabilities in Year’s First Critical Patch Update
Oracle patched 270 vulnerabilities, many remotely exploitable, across 45 different products as part of its quarterly Critical Patch Update (CPU) on Tuesday.
Chris Brook
About
"Distrust and caution are the parents of security" - Benjamin Franklin
Vulnerabilities Leave iTunes, App Store Open to Script Injection
Researchers say iTunes and Apple’s App Store suffer from a persistent input validation and mail encoding web vulnerability. If exploited, it could allow an attacker to inject their own malicious script.
Andrew Macpherson on Intelligence Gathering with Maltego
Operations Manager at Paterva Andrew Macpherson outlines the details of the “Digital Intelligence Gathering using Maltego” course being offered at SAS 2017.
The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.
Mike Mimoso talks to Marie Moe, a research scientist at SINTEF of Norway, about her personal and emotional connection to medical device security.
A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.
Cloudflare on Tuesday was finally able to post a National Security Letter it received from the FBI back in 2013.
Researchers recently identified a phishing campaign set up to lure unsuspecting Netflix users into giving up their credentials and credit card data.
Data purportedly belonging to 1.5 million members of the video gaming community ESEA, or the E-Sports Entertainment Association League, was leaked over the weekend.
Mike Mimoso and Chris Brook discuss the news of the week, including on this week’s U.S. Senate Committee on Armed Service hearing, the Burlington Electric ‘Hack’, FireCrypt, and Security Without Borders.
