patching
What You Need to Know About StackRot – CVE-2023-3269
StackRot, identified as CVE-2023-3269 is a 7.8 HIGH use-after-free vulnerability in the Linux kernel versions 6.1 to 6.4 that can lead to privilege escalation. The vulnerability, which was disclosed by Ruihan Li ...
Zyxel Firewall Protection: Patching to Combat Attacks
Introduction Zyxel firewall helps to secure networks against threats and unauthorized access. In today’s world where we share a tremendous amount of data online, network security has become vital. It’s necessary for ...
NetOps, Security Pros Overwhelmed by Network Updates
Network operations and security professionals are overwhelmed by constant updates and need more support from leadership to keep network and security devices updated and backed up. These were among the key results ...
Should you install the latest update? Yes, please do
While updating software, firmware, and devices may seem trivial, it is an important part of maintaining good overall cybersecurity posture. So, odds are you should definitely update to the latest version of ...
Unpatched Vulnerabilities Hamper IT Security Efforts
Executive leadership teams are overlooking critical gaps in vulnerability management within organizations, despite a series of high-profile breaches, according to an Action1 survey of 804 IT professionals. The study revealed that, on ...
BlackLotus Malware Hijacks Windows Secure Boot Process
Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” Dubbed BlackLotus, the ...
Microsoft January Patch Tuesday 2023: 98 Security Vulnerabilities and a Zero Day
On January 10th, 2023 Microsoft released their January Patch Tuesday fixes and revealed 98 vulnerability fixes, including one Zero Day vulnerability known to be exploited in the wild. The vulnerabilities affect popular ...
Critical Microsoft Code-Execution Vulnerability
A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, ...
Responsible Disclosure for Cryptocurrency Security
Stewart Baker discusses why the industry-norm responsible disclosure for software vulnerabilities fails for cryptocurrency software. Why can’t the cryptocurrency industry solve the problem the way the software and hardware industries do, by ...
The Importance of Timely Patching
Yet another new critical vulnerability was uncovered with the discovery that Microsoft Office could be exploited through a malicious Word document and used to run remote code execution. Meanwhile, many old vulnerabilities ...