Oracle this week released its July 2018 set of patches to address a total of 334 security vulnerabilities, the largest number of flaws resolved with a Critical Patch Update (CPU) to date. Over 200 of the bugs may be remotely exploitable without authentication. This month, 23 products from the enterprise security giant were patched, including…

Microsoft’s Patch Tuesday updates for July 2018 address more than 50 vulnerabilities, but none of them appear to have been exploited for malicious purposes before the fixes were released. The company has classified 18 of the flaws as critical and, similar to previous months, they mostly affect the Edge and Internet Explorer web browsers. Many…

The Intel Processor Diagnostic Tool (IPDT) is a piece of software designed to verify the functionality of an Intel processor. It can check for brand identification and operating frequency, test specific features, and perform a stress test on the processor. The recently addressed vulnerabilities (two of which are tracked as CVE-2018-3667 and CVE-2018-3668) were found…

Google this week released its July 2018 set of Android patches to address tens of vulnerabilities in the mobile operating system, including several rated as Critical. The Internet giant addressed 11 vulnerabilities as part of the 2018-07-01 security patch level, including three rated Critical and 8 High risk bugs. The issues impact framework, media framework,…

Software development has shifted into overdrive to keep pace with the demand for rapid releases. To meet this challenge, the industry has moved in recent years to the far more agile development and operations (DevOps) model, which has enabled companies to push out releases faster and more efficiently. However, more code means more vulnerability alerts….

Organizations must manage known vulnerabilities in web applications. When it comes to application security, the Open Web Application Security Project (OWASP) Foundation Top 10 is the primary source to start reviewing and testing applications. The OWASP Foundation list brings some important questions to mind: Which vulnerability in the OWASP Foundation Top 10 has been the…

Last year, Aon Inpoint reported about 80 percent of buyers of stand-alone cyber premiums were medium-sized to large companies. However, smaller firms are increasingly assessing their cyber exposure risk as concerns about the potential impact of a cyber incident continue to rise. “The majority of breaches worldwide occur at companies with 1,000 employees or less…

The Internet of Things (IoT) botnet known as Hide ‘N Seek that first emerged in January can now achieve persistence on infected devices, Bitdefender reports. Discovered toward the end of April, the latest version of the malware also includes code that allows it to target more vulnerabilities and new types of devices, the security firm discovered,…

Researchers have disclosed the details of two unpatched vulnerabilities that expose more than one million home routers made by South Korea-based Dasan Networks to remote hacker attacks. In a blog post published on Monday, vpnMentor revealed that many Gigabit-capable Passive Optical Network (GPON) routers, which are used to provide fiber-optic Internet, are affected by critical…