The CERT Coordination Center (CERT/CC) has released a security advisory for multiple TCP networking vulnerabilities that impact Linux and FreeBSD kernels.
The Apache Software Foundation has released new Apache Tomcat security updates to address an HTTP/2 Denial of Service (DoS) vulnerability.
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.
Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
The Department of Homeland Security (DHS) just issued a new warning on the “wormable” BlueKeep threat and vulnerability. DHS says attackers can exploit unpatched systems to perform remote code execution.
Yubico has issued a recall of certain models of its YubiKey FIPS series devices after the company discovered security issues.
A hacker group known for intrusions against oil and gas facilities is now expanding attacks against the electric utility sector.
Google has released a new security update for Chrome 75.0.3770.90 for Windows, Mac and Linux.
Intel has released security and firmware updates that fix vulnerabilities in multiple Intel products.