Update News, Articles and Updates

AMD Processors address Spectre vulnerabilities

AMD releases processor security updates for vulnerabilities concerning the Spectre Variant 2 vulnerability or Microsoft Windows users.

Should LinkedIn follow Facebook's lead in data restriction controls?

Facebook's recent announcement to update its data restriction policies has prompted some researchers to examine other social media platforms to review their data practices as well.

Natus reportedly updates EEG device software to squash RCE, DoS bugs

Health care device manufacturer Natus Medical Incorporated has reportedly updated the software used in its Xltek EEG products, which monitors brain activity, after a researcher discovered five vulnerabilities that could be exploited.

Newest Apple releases squash bugs in iOS, macOS, Safari, various apps

Apple addressed a bevy of security bugs late last week, after issuing updated versions of its current operating systems, Safari browser and several core apps, as well as security enhancements for two older OS offerings.

Updated Avzhan DDoS bot spotted in Chinese drive-by attack

A Chinese drive-by attack was recently observed dropping an updated version of the Avzhan DDoS bot, according to Malwarebytes researchers.

Data breach site adds 80M new records, updates 'Pwned Passwords' service

Data breach aficionado Troy Hunt has significantly updated his "Have I Been Pwned?" website in recent days, adding a data set of 2,844 breach incidents involving 80 million stolen records.

Massive code rewrite may be required to patch Skype vulnerability

Skype is reportedly refusing to patch a security vulnerability in its updater process which could allow an attacker to gain system level privileges on a vulnerable computer.

Cisco update eliminates DoS vulnerability in Aggregation Services Router OS

Cisco Systems on Wednesday issued a security update that fixes a high-severity denial of service vulnerability in release version 5.3.4 of its IOS XR Software for the Aggregation Services Router (ASR) 9000 Series.

Cisco patches ASA software flaw allowing VPN hacks

Cisco's latest security update patches an Adaptive Security Appliance (ASA) software vulnerability that could allow an attacker to gain complete control of an affected system.

Lenovo patches 14-year-old vulnerability

Lenovo released a patch for a vulnerability introduced 14 years ago via a firmware update by the now-defunct Nortel Networks and its blade server and switch business unit.

Microsoft to remove SMB1 protocol - used by Wannacry - from Windows 10

Microsoft is to remove SMB1 server software, which was used by the NSA and later exploited by the hackers behind the recent Wannacry outbreak.

Siemens update advised following US CERT advisory

Updates are available following US Computer Emergency Response Team (CERT) issuing advisory warning of "weakly protected" credentials in Siemens SIMATIC WinCC flexible industrial control system.

Microsoft Word users fuming as abnormal update borks macros

Microsoft security patch causes users to lose customised templates and safe macros, leaving cyber-security commentators shaking their heads that the software giant could make such a newbie mistake.