Developers & vendors of numerous third-party security, forensics & incident response products for Mac computers have started issuing patches after researchers realised their software wasn't interacting with Apple's code-signing API.
Cisco Systems has issued 28 security updates that patch vulnerabilities found in a variety of products, including two critical bugs that were assigned a CVSS (Common Vulnerability Scoring System) base score of 9.8.
This month's Microsoft patch Tuesday included more than 70 patches 15 of which were marked as critical and one that could exploit authentication in Microsoft Remote Desktop Protocol.
A recently patched Flash Player flaw was exploited in a widespread attack spam campaign primarily targeting South Koreans.
Security patches introduced by Apple and Google reduced instances of jailbreaking and minimised firmware flaws, but the use of mobile ransomware, banking malware, and malicious apps by cyber-criminals shot through the roof in 2017.
The developer of uTorrent for Windows and uTorrent Web has been scrambling to issue patched versions of the BitTorrent-based peer-to-peer fire-sharing apps.
Cisco Systems on Wednesday issued 20 security updates, notably patching a critical vulnerability in two router products that could resulted in remote code execution or a denial of service condition.
Cisco's latest security update patches an Adaptive Security Appliance (ASA) software vulnerability that could allow an attacker to gain complete control of an affected system.
High-profile cyber-security incidents continue to appear due to the mistake of companies not applying patches to known vulnerabilities according to Tripwire research.
VMware issued patches on Wednesday for a trio of critical vulnerabilities in its vSphere Data Protection backup and recovery solution. The problem was found in versions 6.1.x, 6.0.x, and 5.x, and repaired in versions 6.1.6 and 6.0.7.
Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.
Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.
Cisco released patches for multiple vulnerabilities in its WebEx Recording Format and Advanced Recoding Format Players to address vulnerabilities.
Google reported it has updated Chrome to version 51.0.2704.79 for Windows, Mac, and Linux with a total of 15 security fixes, including two high and five medium threats, being patched.
Google plans to begin phasing out support for Adobe's Flash Player by the end of this year, the search company announced on a Chromium forum.
UK PC users are making progress when it comes to patching software vulnerabilities, however big challenges still remain.
A reflected cross-site scripting (RXSS) attack that let attackers log their passwords in cleartext was found contained on Fortinet's login page.
Cisco released a patch for a critical security vulnerability affecting the Internet Key Exchange of ASA software, the operating system that runs its Adaptive Security Appliance security devices.
A critical authentication bug has been discovered in Advantech's EKI series of Modbus-to-TCP/IP gateways.
Another emergency patch to guard against exploits in the wild
Vulnerabilities have been identified in a few web applications in the e-commerce/shopping cart application osCmax, osCommerce's Online Merchant, Roundcube, Osclass, and SocialEngine.
When it comes to what security professionals need to do to protect their organisations not much has changed in a couple of decades, though perimeters have all but dissolved and the timeframe for taking action has become more compressed, according to members of a Tuesday panel at SC Congress in Chicago.
Stagefright found in Android allows an attacker to run arbitrary code with the media or system permissions.
Adobe's Flash Player and AIR updates fix 35 bugs, the majority of which could lead to code execution.