Security researchers have warned that SAP CRM software has a couple of vulnerabilities that could be combined to compromise user data - the flaw is about as "bad as it gets".
The issue with manual patching is that it is very time consuming and vulnerabilities can be missed due to human error. Organisations can combat these issues by delegating the task to technology.
Almost all iPhones and Macs are at risk from the Spectre chip security flaw, according to industry reports.
A reported chip flaw in Intel processors that has existed at least for the last 10 years allows software programs to access content in kernel memory and patching the bug.
API vulnerabilities are the sleeping giant of our technology-led world. The threats posed by an exposed API are significant, yet they remain the most overlooked threat to information security today, says Jason Macy.
VMware on Tuesday patched a series of vulnerabilities in its ESXi, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
A vulnerability in Symantec endpoint clients remains unpatched months after disclosure, according to security researchers.
A day after a developer revealed a root access flaw in macOS High Sierra version 10.13.1, Apple released an emergency patch, which it plans to push out today.
Symantec patched a certificate spoofing vulnerability in its Install Norton Security product that occurs when downloading Norton for Mac.
Intel researchers identified elevation of privilege exploits in various product families which could enable a system crash or system instability, among other issues.
Most breaches we become aware of are caused by failure to update software components that are known to be vulnerable for months or even years.
Security researchers have warned over multiple flaws in Libxls that could result in remote code execution using specially crafted XLS files.
Oracle Corporation issued a series of emergency patches on Tuesday last week, fixing five vulnerabilities in its Tuxedo middleware platform, including a critical one that has been compared to Heartbleed.
Cisco has patched a critical flaw in its Voice-OS which could allow an unauthenticated, remote hacker to gain elevated access to 12 types of its products.
Microsoft's November Patch Tuesday rollout included patches for 53 flaws, 20 rated critical, spread across a variety of products, including Edge, Internet Explorer, Windows and Office.
New malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability; once installed, it can download additional malware as well as use various permissions to access the phone.
The Tor Project released a patch fixing an issue that could reveal the correct IP address of macOS and Linux users using the Tor browser.
Apple has finally addressed the KRACK vulnerabilities in its latest macOS High Sierra, Sierra, El Capitan, iOS 11.1, tvOS and watchOS.
A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports - now fixed.
Apache OpenOffice patched four medium vulnerabilities in the suite's word processing and graphics apps.
A bug in T-Mobile's wsg.t-mobile.com API may have allowed attackers to access customer data that can be used to carry out phishing attacks or worse.
LG patches holes in its IoT device range following cooperation with Check Point, including patching vacuum cleaners which could have become digital spies in the home.
National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated WannaCry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.
A quarter of financial service employee mobile devices have unpatched vulnerabilities, according to a recent Symantec report.
Patching and application control should be first on the list to strengthen your organisation against attack, but take a strategic approach, and don't just patch for the latest WannaCry, but for the next big attack too, says Amber Boehm.
Oracle Corp's quarterly Critical Patch Update (CPU) has fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.
ROCA proof of concept attacks threaten RSA encrypted devices as far back as 2012 - patches need updating now.
Mozilla issued a security update stating that the newly released Thunderbird 52.4, Firefox 56 and Firefox ESR 52.4 patch 10 vulnerabilities, two rated critical, five high and three moderate found in earlier iterations of the software.
Microsoft's October Patch Tuesday release covered a wide spectrum of problems with the majority possibly resulting in remote code execution (RCE) and CVE-2017-11826 being publicly disclosed and actively exploited.
30GB of data stolen from a small Australian military defence contractor which included technical information on jet fighters, transport aircraft, 'smart bomb kits.' Culprit, the lone IT technician.