November 2023 Patch Tuesday forecast: Year 21 begins 10/11/2023 at 09:03 By Help Net Security The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10, […]
React to this headline:
November 2023 Patch Tuesday forecast: Year 21 begins Read More »
Organizations lack the skills and headcount to manage Kubernetes 10/11/2023 at 07:02 By Help Net Security The Kubernetes industry is undergoing rapid change and evolution due to the growth of edge computing, the acceleration of AI, and the pressing need to modernize Kubernetes management in response to increasing technology scale and complexity, according to Spectro
React to this headline:
Organizations lack the skills and headcount to manage Kubernetes Read More »
Why legacy system patching can’t wait 02/11/2023 at 07:32 By Help Net Security The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, ranging from costly security vulnerabilities to compliance risk and operational inefficiencies. Thus, the question remains: why is the process
React to this headline:
Why legacy system patching can’t wait Read More »
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) 11/10/2023 at 13:31 By Zeljka Zorz Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a
React to this headline:
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) Read More »
Be prepared to patch high-severity vulnerability in curl and libcurl 10/10/2023 at 12:20 By Zeljka Zorz Details about two vulnerabilities (CVE-2023-38545, CVE-2023-38546) in curl, a foundational and widely used open-source software for data transfer via URLs, are to be released on Wednesday, October 11. Daniel Stenberg, the original author and lead developer, has said that
React to this headline:
Be prepared to patch high-severity vulnerability in curl and libcurl Read More »
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,
React to this headline:
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »
Baseline standards for BYOD access requirements 07/09/2023 at 06:02 By Help Net Security 49% of enterprises across Europe currently have no formal Bring-Your-Own-Device (BYOD) policy in place, meaning they have no visibility into or control over if and how employees are connecting personal devices to corporate resources, according to a Jamf survey. With the summer
React to this headline:
Baseline standards for BYOD access requirements Read More »
Old vulnerabilities are still a big problem 06/09/2023 at 17:01 By Zeljka Zorz A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote code execution. “Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November, 2017 and January, 2018,
React to this headline:
Old vulnerabilities are still a big problem Read More »
Android n-day bugs pose zero-day threat 01/08/2023 at 14:17 By Helga Labus In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days functioning as zero-days Zero-days are software bugs that are unknown to the vendor but known to – and
React to this headline:
Android n-day bugs pose zero-day threat Read More »
A step-by-step guide for patching software vulnerabilities 27/07/2023 at 07:34 By Help Net Security Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in 2023. As thousands of patches and updates are released each month, organizations struggle
React to this headline:
A step-by-step guide for patching software vulnerabilities Read More »
Micropatches: What they are and how they work 29/06/2023 at 07:02 By Help Net Security In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or downtime when patching and no fear that an official update will break
React to this headline:
Micropatches: What they are and how they work Read More »