Attackers reverse Outlook vulnerability CVE-2017-11774 patch functionality

Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.

Continue Reading Attackers reverse Outlook vulnerability CVE-2017-11774 patch functionality

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).

Continue Reading NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

Lenovo warns of critical WiFi vulnerabilities

Lenovo warned its customers about two critical Broadcom WiFi vulnerabilities that affect 25 ThinkPad models. The firmware vulnerabilities impact Broadcom’s BCM4356 Wireless LAN Driver for Windows 10 and contain buffer overflow flaws.

Continue Reading Lenovo warns of critical WiFi vulnerabilities