Microsoft has released two additional Windows security updates that address the Spectre side-channel vulnerabilities that were revealed in January of 2018.
Month: April 2018
Drupal issued a security advisory (SA-CORE-2018-004) on Wednesday to address a Highly Critical Remote Code Execution vulnerability (CVE-2018-7602). It is important to note this vulnerability is being exploited in the wild. An excerpt from the advisory: “A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors …
A new vulnerability dubbed “Total Meltdown” was discovered last month after Microsoft issued patches to fix the previous Meltdown vulnerabilities.
A leaky Mongo database exposed nearly 25,000 personal records from a Bezop cryptocurrency server. Bezop is one of over 1,000 cryptocurrencies.
An advanced persistent threat (APT) hacking group has been exploiting an unpatched Internet Explorer (IE) vulnerability to infect Windows PCs with malware.
In an effort to protect patient safety and promote public health, the US Food and Drug Administration (FDA) released a new Medical Device Safety Action Plan.
Security researchers from Symantec have disclosed a new iOS vulnerability dubbed ‘Trustjacking’ that allows an attacker to exploit an iTunes Wi-Fi Sync feature and take control of a victim’s device.
Beware of a painting application called ‘Relieve Stress Paint’ that hackers are using to download malware dubbed “Stresspaint” and steal Facebook user credentials/cookies.
Cisco has released security updates for a number of Cisco products to include WebEx, Unified Computing System (UCS) Director, StarOS, IOS XR Software, Firepower and a number of other products.
Oracle has released its Critical Patch Update (CPU) for April 2018 that addresses 254 vulnerabilities across multiple products.