Dennis Fisher and Mike Mimoso talk about all of the patches from Microsoft, Adobe and Oracle, the Flash security saga and the Darkode forum takedown.
Browsing Category: Vulnerabilities
iSight Partners provides details on an Office zero day patched this week that was used by the prolific APT 28 gang.
A slew of routers manufactured in China are fraught with vulnerabilities, some which have existed in products for as long as six years.
An authentication bypass vulnerability in a Siemens device that’s used in energy automation systems could allow an attacker to gain control of the device. The vulnerability is in the Siemens SICAM MIC, a small telecontrol system that performs a number of functions and includes an integrated Web server and several other features. “The devices consist of[…]
Microsoft ended security support for existing Microsoft Security Essentials customers running Windows XP, a little more than a year after support officially ended
A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The rules proposed by the department’s Bureau of Industry and Security in[…]
Oracle has released its quarterly patch update, which includes fixes for nearly 200 vulnerabilities. The most notable bug fixed in this release is the Java zero day that’s been used in an ongoing attack campaign. The massive release from Oracle has patches for a long list of products, but the Java vulnerabilities are the heart[…]
Microsoft patched a Windows kernel zero day vulnerability uncovered among the data stolen from the controversial Hacking Team.
Adobe today patched two zero day vulnerabilities discovered in data from the Hacking Team breach. It also released updated versions of Acrobat, Reader and Shockwave.
Security researcher Jordan Wiens was awarded one million miles after submitting a remote code execution bug to United Airlines’ bug bounty program.