‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

Read more

Patch Tuesday, November 2020 Edition

Credit to Author: BrianKrebs| Date: Wed, 11 Nov 2020 01:56:41 +0000

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.

Read more

Microsoft Patch Tuesday, October 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Oct 2020 20:10:36 +0000

It’s Cybersecurity Awareness Month! In keeping with that theme, if you (ab)use Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. That means it’s once again time to backup and patch up.

Read more

Microsoft Patch Tuesday, Sept. 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 08 Sep 2020 21:33:26 +0000

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users.

Read more

Back to Basics: Why We Need to Encourage More Secure IoT Development

Credit to Author: Mike Gibson| Date: Wed, 22 Aug 2018 12:05:33 +0000

The Internet of Things (IoT) is radically reshaping the way we live and work. Before our very eyes, organizations are becoming more agile, efficient and cost effective to run, all while consumers marvel at the wonders of the smart home, fitness trackers and connected cars. There’s just one major problem: Much of this new infrastructure…

The post Back to Basics: Why We Need to Encourage More Secure IoT Development appeared first on .

Read more

Zero-Day Coverage Update – Week of July 23, 2018

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 27 Jul 2018 12:00:54 +0000

We’re at the end of July and the Zero Day Initiative (ZDI) has published 873 advisories so far. That’s 273 advisories this month alone – and that’s just the tip of the iceberg! Earlier this week, ZDI announced the Targeted Incentive Program, which brings over $1,500,000 USD in special bounty awards for specific targets. With…

The post Zero-Day Coverage Update – Week of July 23, 2018 appeared first on .

Read more

Zero-Day Coverage Update – Week of July 16, 2018

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 20 Jul 2018 15:24:42 +0000

One night this week, I came across one of my favorite movies Willy Wonka and the Chocolate Factory. The world had gone crazy after the reclusive Willy Wonka announces that he has hidden five golden tickets in chocolate Wonka Bars that promised a factory tour and a lifetime supply of chocolate. There’s a scene at…

The post Zero-Day Coverage Update – Week of July 16, 2018 appeared first on .

Read more

Zero-Day Coverage Update – Week of July 9, 2018

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 13 Jul 2018 14:10:20 +0000

Earlier this week, I wrote a blog covering a couple of the statistics from the Zero Day Initiative’s (ZDI) first half of 2018. One of the stats that I didn’t cover is the increasing focus on enterprise applications. The team is seeing consistent growth in submissions of Microsoft and Apple vulnerabilities, but now they’re also…

The post Zero-Day Coverage Update – Week of July 9, 2018 appeared first on .

Read more